comparison: nessus-tool/nessus-tool.patch
nessus-tool/nessus-tool.patch
- changeset 501
- 4d4d275a712a
equal
deleted
inserted
replaced
| -1:000000000000 | 0:31d12da439cd |
|---|---|
| 1 Index: nessus-core/doc/nessusd.8.in | |
| 2 --- nessus-core/doc/nessusd.8.in.orig 2004-10-19 17:21:05 +0200 | |
| 3 +++ nessus-core/doc/nessusd.8.in 2005-03-23 11:59:54 +0100 | |
| 4 @@ -183,7 +183,7 @@ | |
| 5 .SH USERS MANAGEMENT | |
| 6 | |
| 7 The utility nessus-adduser(8) creates new nessusd users. Each nessusd user | |
| 8 -is attributed a "home", in @NESSUS_STATEDIR@/users/<username>. This home contains the following directories : | |
| 9 +is attributed a "home", in @NESSUSD_STATEDIR@/users/<username>. This home contains the following directories : | |
| 10 .IP auth/ | |
| 11 This directory contains the authentification information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text. | |
| 12 | |
| 13 @@ -206,7 +206,7 @@ | |
| 14 | |
| 15 | |
| 16 When a user attempts to log in, nessusd first checks that the directory | |
| 17 -@NESSUS_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname. | |
| 18 +@NESSUSD_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname. | |
| 19 | |
| 20 | |
| 21 To remove a given user, use the command nessus-rmuser(8). | |
| 22 Index: nessus-core/nessus-mkcert.in | |
| 23 --- nessus-core/nessus-mkcert.in.orig 2004-12-10 20:40:22 +0100 | |
| 24 +++ nessus-core/nessus-mkcert.in 2005-03-23 12:00:24 +0100 | |
| 25 @@ -407,31 +407,12 @@ | |
| 26 | |
| 27 chmod a+r $CACERT $SRVCERT #cln $CLNCERT | |
| 28 | |
| 29 - | |
| 30 -CF=@sysconfdir@/nessus/nessusd.conf | |
| 31 -egrep -v '^ *(pem_password|cert_file|key_file|ca_file|force_pubkey_auth) *=' "$CF" > "$CF.tmp" | |
| 32 -echo "# | |
| 33 -# Added by nessus-mkcert | |
| 34 -# | |
| 35 -cert_file=$SRVCERT | |
| 36 -key_file=$SRVKEY | |
| 37 -ca_file=$CACERT | |
| 38 -# If you decide to protect your private key with a password, | |
| 39 -# uncomment and change next line | |
| 40 -# pem_password=password | |
| 41 -# If you want to force the use of a client certificate, uncomment next line | |
| 42 -# force_pubkey_auth = yes" >> "$CF.tmp" | |
| 43 - | |
| 44 - | |
| 45 - | |
| 46 - | |
| 47 test -z "$QUIET" && header | |
| 48 | |
| 49 if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ]; | |
| 50 then | |
| 51 test -z "$QUIET" && echo "Congratulations. Your server certificate was properly created." | |
| 52 | |
| 53 - mv -f "$CF.tmp" "$CF" | |
| 54 test -z "$QUIET" && { | |
| 55 echo | |
| 56 echo "$CF updated |
