1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/nessus-tool/nessus-tool.patch Fri Jan 16 22:39:09 2009 +0100
1.3 @@ -0,0 +1,56 @@
1.4 +Index: nessus-core/doc/nessusd.8.in
1.5 +--- nessus-core/doc/nessusd.8.in.orig 2004-10-19 17:21:05 +0200
1.6 ++++ nessus-core/doc/nessusd.8.in 2005-03-23 11:59:54 +0100
1.7 +@@ -183,7 +183,7 @@
1.8 + .SH USERS MANAGEMENT
1.9 +
1.10 + The utility nessus-adduser(8) creates new nessusd users. Each nessusd user
1.11 +-is attributed a "home", in @NESSUS_STATEDIR@/users/<username>. This home contains the following directories :
1.12 ++is attributed a "home", in @NESSUSD_STATEDIR@/users/<username>. This home contains the following directories :
1.13 + .IP auth/
1.14 + This directory contains the authentification information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text.
1.15 +
1.16 +@@ -206,7 +206,7 @@
1.17 +
1.18 +
1.19 + When a user attempts to log in, nessusd first checks that the directory
1.20 +-@NESSUS_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.
1.21 ++@NESSUSD_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.
1.22 +
1.23 +
1.24 + To remove a given user, use the command nessus-rmuser(8).
1.25 +Index: nessus-core/nessus-mkcert.in
1.26 +--- nessus-core/nessus-mkcert.in.orig 2004-12-10 20:40:22 +0100
1.27 ++++ nessus-core/nessus-mkcert.in 2005-03-23 12:00:24 +0100
1.28 +@@ -407,31 +407,12 @@
1.29 +
1.30 + chmod a+r $CACERT $SRVCERT #cln $CLNCERT
1.31 +
1.32 +-
1.33 +-CF=@sysconfdir@/nessus/nessusd.conf
1.34 +-egrep -v '^ *(pem_password|cert_file|key_file|ca_file|force_pubkey_auth) *=' "$CF" > "$CF.tmp"
1.35 +-echo "#
1.36 +-# Added by nessus-mkcert
1.37 +-#
1.38 +-cert_file=$SRVCERT
1.39 +-key_file=$SRVKEY
1.40 +-ca_file=$CACERT
1.41 +-# If you decide to protect your private key with a password,
1.42 +-# uncomment and change next line
1.43 +-# pem_password=password
1.44 +-# If you want to force the use of a client certificate, uncomment next line
1.45 +-# force_pubkey_auth = yes" >> "$CF.tmp"
1.46 +-
1.47 +-
1.48 +-
1.49 +-
1.50 + test -z "$QUIET" && header
1.51 +
1.52 + if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];
1.53 + then
1.54 + test -z "$QUIET" && echo "Congratulations. Your server certificate was properly created."
1.55 +
1.56 +- mv -f "$CF.tmp" "$CF"
1.57 + test -z "$QUIET" && {
1.58 + echo
1.59 + echo "$CF updated
