OpenPKG Specs / file revision

nessus-tool/nessus-tool.patch@300d43423c2e

nessus-tool/nessus-tool.patch

Wed, 08 Feb 2012 20:07:00 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 08 Feb 2012 20:07:00 +0200
changeset 588
300d43423c2e
permissions
-rw-r--r--

Update version, adapt patch, correct PID writing, correct build on newer
FreeBSD releases, and most importantly introduce new patch to try to
avoid segfault caused by multiple network interfaces with the same (or
no) address. This is common when configuring bridges and tunnels.

     1 Index: nessus-core/doc/nessusd.8.in

     2 --- nessus-core/doc/nessusd.8.in.orig	2004-10-19 17:21:05 +0200

     3 +++ nessus-core/doc/nessusd.8.in	2005-03-23 11:59:54 +0100

     4 @@ -183,7 +183,7 @@

     5  .SH USERS MANAGEMENT

     6  

     7  The utility nessus-adduser(8) creates new nessusd users. Each nessusd user

     8 -is attributed a "home", in @NESSUS_STATEDIR@/users/<username>. This home contains the following directories :

     9 +is attributed a "home", in @NESSUSD_STATEDIR@/users/<username>. This home contains the following directories :

    10  .IP auth/

    11  This directory contains the authentification information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text.

    12  

    13 @@ -206,7 +206,7 @@

    14  

    15  

    16  When a user attempts to log in, nessusd first checks that the directory

    17 -@NESSUS_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.

    18 +@NESSUSD_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.

    19  

    20  

    21  To remove a given user, use the command nessus-rmuser(8).

    22 Index: nessus-core/nessus-mkcert.in

    23 --- nessus-core/nessus-mkcert.in.orig	2004-12-10 20:40:22 +0100

    24 +++ nessus-core/nessus-mkcert.in	2005-03-23 12:00:24 +0100

    25 @@ -407,31 +407,12 @@

    26  

    27  chmod a+r $CACERT $SRVCERT #cln $CLNCERT

    28  

    29 -

    30 -CF=@sysconfdir@/nessus/nessusd.conf

    31 -egrep -v '^ *(pem_password|cert_file|key_file|ca_file|force_pubkey_auth) *=' "$CF" > "$CF.tmp"

    32 -echo "#

    33 -# Added by nessus-mkcert

    34 -#

    35 -cert_file=$SRVCERT

    36 -key_file=$SRVKEY

    37 -ca_file=$CACERT

    38 -# If you decide to protect your private key with a password, 

    39 -# uncomment and change next line

    40 -# pem_password=password

    41 -# If you want to force the use of a client certificate, uncomment next line

    42 -# force_pubkey_auth = yes" >> "$CF.tmp"

    43 -

    44 -

    45 -

    46 -

    47  test -z "$QUIET" && header

    48  

    49  if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];

    50   then

    51   test -z "$QUIET" && echo "Congratulations. Your server certificate was properly created."

    52   

    53 - mv -f "$CF.tmp" "$CF"

    54   test -z "$QUIET" && { 

    55   echo

    56   echo "$CF updated

Mercurial Repository: OpenPKG Specs

Europalab SCM Repository Server

mercurial