prefs_dialog_auth.c

大国补丁后的nessus2.2.8的源代码

  gtk_box_pack_start_defaults(GTK_BOX(box), auth_fileselect->box);

  return auth_fileselect;
}


void
prefs_dialog_auth_update(widget, auth)
  GtkWidget *widget;
  struct auth_dialog *auth;
{
  gboolean use_ssl = gtk_toggle_button_get_active(
      GTK_TOGGLE_BUTTON(auth->use_ssl));
  gboolean use_client_cert = gtk_toggle_button_get_active(
      GTK_TOGGLE_BUTTON(auth->use_client_cert));

  gtk_widget_set_sensitive(auth->use_client_cert, use_ssl);
  gtk_widget_set_sensitive(auth->trusted_ca->box, use_ssl);
  gtk_widget_set_sensitive(auth->cert_file->box, use_ssl && use_client_cert);
  gtk_widget_set_sensitive(auth->key_file->box, use_ssl && use_client_cert);
}
#endif /* NESSUS_ON_SSL */

void
prefs_dialog_auth_create_dialog(context, auth)
  struct context *context;
  struct auth_dialog *auth;
{
  GtkTooltips *tooltips = gtk_tooltips_new();
  GtkWidget *dialog;
  GtkWidget *dialog_vbox;
  GtkWidget *frame;
  GtkWidget *hbox;
  GtkWidget *hbox2;
  GtkWidget *button;
#ifdef USE_AF_INET
  GtkObject *port_adj;
# ifdef NESSUS_ON_SSL
  GtkWidget *vbox;
# endif /* NESSUS_ON_SSL */
#endif /* USE_AF_INET */

  auth->context = context;

  /*ENABLE_CRYPTO_LAYER*/
  auth->dialog = dialog = gtk_dialog_new_with_buttons(
      _("Connect to Nessus Server"), auth->parent,
      GTK_DIALOG_MODAL | GTK_DIALOG_DESTROY_WITH_PARENT,
      GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL,
      GTK_STOCK_OK, GTK_RESPONSE_OK,
      NULL);
  gtk_dialog_set_default_response(GTK_DIALOG(dialog), GTK_RESPONSE_OK);
  gtk_window_set_resizable(GTK_WINDOW(dialog), FALSE);
  gtk_dialog_set_has_separator(GTK_DIALOG(dialog), FALSE);

  dialog_vbox = gtk_vbox_new(FALSE, 4);
  gtk_widget_show(dialog_vbox);
  gtk_container_set_border_width(GTK_CONTAINER(dialog_vbox), 4);
  gtk_box_pack_start_defaults(GTK_BOX(GTK_DIALOG(dialog)->vbox), dialog_vbox);


#ifdef USE_AF_INET
  frame = gtk_frame_new(_("Nessus Server"));
  gtk_widget_show(frame);
  gtk_box_pack_start_defaults(GTK_BOX(dialog_vbox), frame);

  hbox = gtk_hbox_new(TRUE, 8);
  gtk_widget_show(hbox);
  gtk_container_add(GTK_CONTAINER(frame), hbox);
  gtk_container_set_border_width(GTK_CONTAINER(hbox), 4);

  /*
   * nessusd_host
   */
  auth->hostname = gtk_entry_new();
  gtk_widget_show(auth->hostname);
  gtk_entry_set_text(GTK_ENTRY(auth->hostname),
      prefs_get_string(context, "nessusd_host"));
  gtk_tooltips_set_tip(tooltips, auth->hostname, HLP_AUTH_SERVER, "");
  gtk_box_pack_start_defaults(GTK_BOX(hbox),
      prefs_dialog_auth_vbox(_("Hostname:"), auth->hostname));

  /*
   * nessusd_port
   */
  hbox2 = gtk_hbox_new(FALSE, 0);
  gtk_widget_show(hbox2);

  auth->port = gtk_entry_new();
  port_adj = gtk_adjustment_new(
      prefs_get_int(context, "nessusd_port"), 1, 65535, 1, 100, 100);
  auth->port = gtk_spin_button_new(GTK_ADJUSTMENT(port_adj), 1, 0);
  gtk_spin_button_set_numeric(GTK_SPIN_BUTTON(auth->port), TRUE);
  gtk_spin_button_set_wrap(GTK_SPIN_BUTTON(auth->port), TRUE);
  gtk_tooltips_set_tip(tooltips, auth->port, HLP_AUTH_PORT, "");
  gtk_widget_show(auth->port);
  gtk_box_pack_start_defaults(GTK_BOX(hbox2), auth->port);

  button = gtk_button_new_with_mnemonic(_("_Default"));
  gtk_widget_show(button);
  gtk_box_pack_start(GTK_BOX(hbox2), button, FALSE, FALSE, 0);
  gtk_tooltips_set_tip(tooltips, button, HLP_AUTH_PORT_DEFAULT, "");
  g_signal_connect((gpointer)button, "clicked",
                   G_CALLBACK(prefs_dialog_auth_defaultport_clicked),
                   auth);

  gtk_box_pack_start_defaults(GTK_BOX(hbox),
      prefs_dialog_auth_vbox(_("Port:"), hbox2));



  frame = gtk_frame_new(_("Authentication"));
  gtk_widget_show(frame);
  gtk_box_pack_start_defaults(GTK_BOX(dialog_vbox), frame);

  hbox = gtk_hbox_new(TRUE, 8);
  gtk_container_add(GTK_CONTAINER(frame), hbox);
#else
  hbox = gtk_hbox_new(TRUE, 8);
  gtk_container_add(GTK_CONTAINER(dialog_vbox), hbox);
#endif /* USE_AF_INET */
  gtk_widget_show(hbox);
  gtk_container_set_border_width(GTK_CONTAINER(hbox), 4);

  /*
   * nessusd_user
   */
  auth->username = gtk_entry_new();
  gtk_widget_show(auth->username);
  gtk_entry_set_text(GTK_ENTRY(auth->username),
      prefs_get_string(context, "nessusd_user"));
  gtk_tooltips_set_tip(tooltips, auth->username, HLP_LOGIN_USER, "");
  gtk_box_pack_start_defaults(GTK_BOX(hbox),
      prefs_dialog_auth_vbox(_("Login:"), auth->username));

  /*
   * password
   */
  auth->password = gtk_entry_new();
  gtk_widget_show(auth->password);
  gtk_entry_set_visibility(GTK_ENTRY(auth->password), FALSE);
  /* gtk_tooltips_set_tip(tooltips, auth->password, HLP_LOGIN_PASSWORD, ""); */
  gtk_box_pack_start_defaults(GTK_BOX(hbox),
      prefs_dialog_auth_vbox(_("Password:"), auth->password));
  gtk_widget_grab_focus(auth->password);
  gtk_entry_set_activates_default(GTK_ENTRY(auth->password), TRUE);

#ifdef NESSUS_ON_SSL
  frame = gtk_frame_new(_("SSL options"));
  gtk_widget_show(frame);
  gtk_box_pack_start_defaults(GTK_BOX(dialog_vbox), frame);

  vbox = gtk_vbox_new(FALSE, 4);
  gtk_container_add(GTK_CONTAINER(frame), vbox);
  gtk_widget_show(vbox);
  gtk_container_set_border_width(GTK_CONTAINER(vbox), 4);

  hbox = gtk_hbox_new(TRUE, 8);
  gtk_widget_show(hbox);
  gtk_box_pack_start_defaults(GTK_BOX(vbox), hbox);

  /*
   * use_ssl
   */
  auth->use_ssl = gtk_check_button_new_with_mnemonic(
      _("Use SSL encryption"));
  gtk_widget_show(auth->use_ssl);
  gtk_box_pack_start_defaults(GTK_BOX(hbox), auth->use_ssl);
  gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(auth->use_ssl),
      prefs_get_int(context, "use_ssl") &&
      strcasecmp(prefs_get_string(context, "ssl_version"), "NONE"));
  g_signal_connect(G_OBJECT(auth->use_ssl), "toggled",
      G_CALLBACK(prefs_dialog_auth_update), auth);

  /*
   * use_client_cert
   */
  auth->use_client_cert = gtk_check_button_new_with_mnemonic(
      _("Authentication by certi_ficate"));
  gtk_widget_show(auth->use_client_cert);
  gtk_box_pack_start_defaults(GTK_BOX(hbox), auth->use_client_cert);
  gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(auth->use_client_cert),
      prefs_get_int(context, "use_client_cert"));
  g_signal_connect(G_OBJECT(auth->use_client_cert), "toggled",
      G_CALLBACK(prefs_dialog_auth_update), auth);

  /*
   * trusted_ca
   */
  auth->trusted_ca = prefs_dialog_auth_fileselect(
      auth, _("Trusted CA:"), "trusted_ca", vbox);

  /*
   * cert_file
   */
  auth->cert_file = prefs_dialog_auth_fileselect(
      auth, _("User Certificate File:"), "cert_file", vbox);

  /*
   * key_file
   */
  auth->key_file = prefs_dialog_auth_fileselect(
      auth, _("User Key File:"), "key_file", vbox);

  prefs_dialog_auth_update(NULL, auth);
#endif /* NESSUS_ON_SSL */
}

gboolean
prefs_dialog_auth_connect_dialog(context, ctrls)
  struct context *context;
  gpointer ctrls;
{
  void *context_window = arg_get_value(ctrls, "CONTEXT");
  struct auth_dialog *auth = emalloc(sizeof(struct auth_dialog));

  auth->parent = context_window?GTK_WINDOW(context_window):NULL;
  prefs_dialog_auth_create_dialog(context, auth);

  arg_set_value(ctrls, "CONTEXT", -1, auth->dialog);
  for(;;)
  {
    if(gtk_dialog_run(GTK_DIALOG(auth->dialog)) == GTK_RESPONSE_OK)
    {
      const char *hostname;
      int port;
      const char *username;
      const char *password;
      char *err;
#ifdef NESSUS_ON_SSL
      const char *trusted_ca;
      const char *cert_file;
      const char *key_file;
      int use_ssl = 0;
      int use_client_cert = 0;
#endif /* NESSUS_ON_SSL */

      efree(&context->passwd);
#ifdef USE_AF_INET
      if(!(hostname = prefs_dialog_auth_hostname(auth)) ||
	 (port = prefs_dialog_auth_port(auth)) < 0)
	continue;
#endif /* USE_AF_INET */
      if(!(username = prefs_dialog_auth_username(auth)) ||
	 !(password = prefs_dialog_auth_password(auth)))
	continue;

#ifdef NESSUS_ON_SSL
      if(gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(auth->use_ssl)))
	use_ssl = 1;
      if(gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(auth->use_client_cert)))
	use_client_cert = 1;

      if(use_ssl)
      {
	if(!(trusted_ca = prefs_dialog_auth_trusted_ca(auth, context)))
	  continue;

	if(use_client_cert)
	{
	  if(!(cert_file = prefs_dialog_auth_cert_file(auth)) ||
	     !(key_file = prefs_dialog_auth_key_file(auth)))
	    continue;
	  prefs_set_string(context, "cert_file", cert_file);
	  prefs_set_string(context, "key_file", key_file);
	}

	prefs_set_string(context, "trusted_ca", trusted_ca);
      }
      prefs_set_int(context, "use_ssl", use_ssl);
      prefs_set_int(context, "use_client_cert", use_client_cert);
#endif /* NESSUS_ON_SSL */

      prefs_set_string(context, "nessusd_host", hostname);
      prefs_set_int(context, "nessusd_port", port);
      prefs_set_string(context, "nessusd_user", username);
      if(password[0])
	context->passwd = estrdup(password);
      else
	context->passwd = estrdup("*"); /* XXX this is ugly */
      err = prefs_dialog_auth_do_connect(context, ctrls);
      if(err)
      {
	show_error("%s", err);
	continue;
      }
    }
    break;
  }
  arg_set_value(ctrls, "CONTEXT", -1, auth->parent);
  gtk_widget_destroy(auth->dialog);
#ifdef NESSUS_ON_SSL
  efree(&auth->trusted_ca);
  efree(&auth->cert_file);
  efree(&auth->key_file);
#endif /* NESSUS_ON_SSL */
  efree(&auth);

  return (context->socket >= 0);
}

void
prefs_dialog_auth_connect(menuitem, ctrls)
  GtkMenuItem *menuitem;
  gpointer ctrls;
{
  prefs_dialog_auth_connect_dialog(Context, ctrls);
}

/*
 * Try connecting if not already connected and context->passwd is
 * available. passwd may be empty (but != NULL) for user certificates.
 * If this fails, raise the login dialog.
 * Returns TRUE if connected.
 */
gboolean
prefs_dialog_auth_connection(context)
  struct context *context;
{
  if(context->socket >= 0)
    return TRUE;

  if(!context->passwd ||
     !prefs_get_int(Global, "nessusd_autoconnect") ||
      prefs_dialog_auth_do_connect(context, MainDialog))
    return prefs_dialog_auth_connect_dialog(context, MainDialog);

  return (context->socket >= 0);
}

void
prefs_dialog_auth_disconnect(menuitem, ctrls)
  GtkMenuItem *menuitem;
  gpointer ctrls;
{
#ifdef NESSUS_ON_SSL
  close_stream_connection(Context->socket);
#else
  shutdown(Context->socket, 2);
  closesocket(Context->socket);
#endif
  Context->socket = -1;
  prefs_context_update(Context);
  scopetreeview_connected_update(Context);
}
#endif