/mandos/release

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.xml

Committer: Teddy Hogeborn
Date: 2014-07-15 23:52:00 UTC
mto: (237.7.272 trunk)
mto: This revision was merged to the branch mainline in revision 319.
Revision ID: teddy@recompile.se-20140715235200-4dukd7i2tvbcix61

mandos-client: Bug Fix: Fix some memory leaks.

* plugins.d/mandos-client.c (resolve_callback): Always free resolver.
  (run_network_hooks): Free the individual direntries.
  (main): When listing network interfaces and when removing the GPGME
          temp directory, free the individual direntries.

files added:
debian/upstream

debian/upstream/signing-key.asc

files removed:
debian/upstream-signing-key.pgp

files modified:
INSTALL

Makefile

NEWS

TODO

common.ent

debian/changelog

debian/control

debian/mandos.postinst

debian/rules

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.lsm

mandos.xml

plugin-runner.c

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.xml

2

2

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

3

3

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

4

4

<!ENTITY COMMANDNAME "mandos-client">

5

<!ENTITY TIMESTAMP "2014-03-01">

5

<!ENTITY TIMESTAMP "2014-06-22">

6

6

<!ENTITY % common SYSTEM "../common.ent">

7

7

%common;

8

8

]>

261

261

<para>

262

262

<replaceable>NAME</replaceable> can be the string

263

263

<quote><literal>none</literal></quote>; this will make

264

<command>&COMMANDNAME;</command> not bring up

265

<emphasis>any</emphasis> interfaces specified

266

<emphasis>after</emphasis> this string. This is not

267

recommended, and only meant for advanced users.

264

<command>&COMMANDNAME;</command> only bring up interfaces

265

specified <emphasis>before</emphasis> this string. This

266

is not recommended, and only meant for advanced users.

268

267

</para>

269

268

</listitem>

270

269

</varlistentry>

749

748

<para>

750

749

It will also help if the checker program on the server is

751

750

configured to request something from the client which can not be

752

spoofed by someone else on the network, unlike unencrypted

753

<acronym>ICMP</acronym> echo (<quote>ping</quote>) replies.

751

spoofed by someone else on the network, like SSH server key

752

fingerprints, and unlike unencrypted <acronym>ICMP</acronym>

753

echo (<quote>ping</quote>) replies.

754

754

</para>

755

755

<para>

756

756

<emphasis>Note</emphasis>: This makes it completely insecure to

Older »