diff -r 8dba60127214 -r 8db7071256b6 nessus-tool/nessus-tool.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nessus-tool/nessus-tool.patch Fri Jan 16 22:39:09 2009 +0100 @@ -0,0 +1,56 @@ +Index: nessus-core/doc/nessusd.8.in +--- nessus-core/doc/nessusd.8.in.orig 2004-10-19 17:21:05 +0200 ++++ nessus-core/doc/nessusd.8.in 2005-03-23 11:59:54 +0100 +@@ -183,7 +183,7 @@ + .SH USERS MANAGEMENT + + The utility nessus-adduser(8) creates new nessusd users. Each nessusd user +-is attributed a "home", in @NESSUS_STATEDIR@/users/. This home contains the following directories : ++is attributed a "home", in @NESSUSD_STATEDIR@/users/. This home contains the following directories : + .IP auth/ + This directory contains the authentification information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text. + +@@ -206,7 +206,7 @@ + + + When a user attempts to log in, nessusd first checks that the directory +-@NESSUS_STATEDIR@/users/ exists, then hashes the password sent by the user with the random salt found in /auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in /dname. ++@NESSUSD_STATEDIR@/users/ exists, then hashes the password sent by the user with the random salt found in /auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in /dname. + + + To remove a given user, use the command nessus-rmuser(8). +Index: nessus-core/nessus-mkcert.in +--- nessus-core/nessus-mkcert.in.orig 2004-12-10 20:40:22 +0100 ++++ nessus-core/nessus-mkcert.in 2005-03-23 12:00:24 +0100 +@@ -407,31 +407,12 @@ + + chmod a+r $CACERT $SRVCERT #cln $CLNCERT + +- +-CF=@sysconfdir@/nessus/nessusd.conf +-egrep -v '^ *(pem_password|cert_file|key_file|ca_file|force_pubkey_auth) *=' "$CF" > "$CF.tmp" +-echo "# +-# Added by nessus-mkcert +-# +-cert_file=$SRVCERT +-key_file=$SRVKEY +-ca_file=$CACERT +-# If you decide to protect your private key with a password, +-# uncomment and change next line +-# pem_password=password +-# If you want to force the use of a client certificate, uncomment next line +-# force_pubkey_auth = yes" >> "$CF.tmp" +- +- +- +- + test -z "$QUIET" && header + + if [ -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ]; + then + test -z "$QUIET" && echo "Congratulations. Your server certificate was properly created." + +- mv -f "$CF.tmp" "$CF" + test -z "$QUIET" && { + echo + echo "$CF updated