/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-keygen.xml

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 341.
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-keygen">
5
 
<!ENTITY TIMESTAMP "2012-01-01">
 
5
<!ENTITY TIMESTAMP "2016-03-05">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
33
33
    <copyright>
34
34
      <year>2008</year>
35
35
      <year>2009</year>
 
36
      <year>2010</year>
36
37
      <year>2011</year>
37
38
      <year>2012</year>
 
39
      <year>2013</year>
 
40
      <year>2014</year>
 
41
      <year>2015</year>
 
42
      <year>2016</year>
38
43
      <holder>Teddy Hogeborn</holder>
39
44
      <holder>Björn Påhlsson</holder>
40
45
    </copyright>
119
124
        <replaceable>TIME</replaceable></option></arg>
120
125
      </group>
121
126
      <sbr/>
122
 
      <arg><option>--force</option></arg>
 
127
      <group>
 
128
        <arg choice="plain"><option>--force</option></arg>
 
129
        <arg choice="plain"><option>-f</option></arg>
 
130
      </group>
123
131
    </cmdsynopsis>
124
132
    <cmdsynopsis>
125
133
      <command>&COMMANDNAME;</command>
145
153
        <arg choice="plain"><option>-n
146
154
        <replaceable>NAME</replaceable></option></arg>
147
155
      </group>
 
156
      <group>
 
157
        <arg choice="plain"><option>--no-ssh</option></arg>
 
158
        <arg choice="plain"><option>-S</option></arg>
 
159
      </group>
148
160
    </cmdsynopsis>
149
161
    <cmdsynopsis>
150
162
      <command>&COMMANDNAME;</command>
227
239
        <replaceable>TYPE</replaceable></option></term>
228
240
        <listitem>
229
241
          <para>
230
 
            Key type.  Default is <quote>DSA</quote>.
 
242
            Key type.  Default is <quote>RSA</quote>.
231
243
          </para>
232
244
        </listitem>
233
245
      </varlistentry>
239
251
        <replaceable>BITS</replaceable></option></term>
240
252
        <listitem>
241
253
          <para>
242
 
            Key length in bits.  Default is 2048.
 
254
            Key length in bits.  Default is 4096.
243
255
          </para>
244
256
        </listitem>
245
257
      </varlistentry>
251
263
        <replaceable>KEYTYPE</replaceable></option></term>
252
264
        <listitem>
253
265
          <para>
254
 
            Subkey type.  Default is <quote>ELG-E</quote> (Elgamal
 
266
            Subkey type.  Default is <quote>RSA</quote> (Elgamal
255
267
            encryption-only).
256
268
          </para>
257
269
        </listitem>
264
276
        <replaceable>BITS</replaceable></option></term>
265
277
        <listitem>
266
278
          <para>
267
 
            Subkey length in bits.  Default is 2048.
 
279
            Subkey length in bits.  Default is 4096.
268
280
          </para>
269
281
        </listitem>
270
282
      </varlistentry>
288
300
        <replaceable>TEXT</replaceable></option></term>
289
301
        <listitem>
290
302
          <para>
291
 
            Comment field for key.  The default value is
292
 
            <quote><literal>Mandos client key</literal></quote>.
 
303
            Comment field for key.  Default is empty.
293
304
          </para>
294
305
        </listitem>
295
306
      </varlistentry>
347
358
          </para>
348
359
        </listitem>
349
360
      </varlistentry>
 
361
      <varlistentry>
 
362
        <term><option>--no-ssh</option></term>
 
363
        <term><option>-S</option></term>
 
364
        <listitem>
 
365
          <para>
 
366
            When <option>--password</option> or
 
367
            <option>--passfile</option> is given, this option will
 
368
            prevent <command>&COMMANDNAME;</command> from calling
 
369
            <command>ssh-keyscan</command> to get an SSH fingerprint
 
370
            for this host and, if successful, output suitable config
 
371
            options to use this fingerprint as a
 
372
            <option>checker</option> option in the output.  This is
 
373
            otherwise the default behavior.
 
374
          </para>
 
375
        </listitem>
 
376
      </varlistentry>
350
377
    </variablelist>
351
378
  </refsect1>
352
379
  
423
450
    </variablelist>
424
451
  </refsect1>
425
452
  
426
 
<!--   <refsect1 id="bugs"> -->
427
 
<!--     <title>BUGS</title> -->
428
 
<!--     <para> -->
429
 
<!--     </para> -->
430
 
<!--   </refsect1> -->
 
453
  <refsect1 id="bugs">
 
454
    <title>BUGS</title>
 
455
    <xi:include href="bugs.xml"/>
 
456
  </refsect1>
431
457
  
432
458
  <refsect1 id="example">
433
459
    <title>EXAMPLE</title>
503
529
      <citerefentry><refentrytitle>mandos</refentrytitle>
504
530
      <manvolnum>8</manvolnum></citerefentry>,
505
531
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
506
 
      <manvolnum>8mandos</manvolnum></citerefentry>
 
532
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
533
      <citerefentry><refentrytitle>ssh-keyscan</refentrytitle>
 
534
      <manvolnum>1</manvolnum></citerefentry>
507
535
    </para>
508
536
  </refsect1>
509
537