/mandos/release

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2016-03-17 20:40:55 UTC
mto: (237.7.594 trunk)
mto: This revision was merged to the branch mainline in revision 341.
Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu

Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2. This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
allocating new_argv. Also tolerate a zero-length argv.

files added:
bugs.xml

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

files modified:
DBUS-API

INSTALL

Makefile

NEWS

TODO

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.postinst

debian/mandos.prerm

debian/rules

initramfs-tools-hook

initramfs-tools-script

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

2

2

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

3

3

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

4

4

<!ENTITY COMMANDNAME "mandos">

5

<!ENTITY TIMESTAMP "2014-06-15">

5

<!ENTITY TIMESTAMP "2016-03-05">

6

6

<!ENTITY % common SYSTEM "common.ent">

7

7

%common;

8

8

]>

37

37

<year>2011</year>

38

38

<year>2012</year>

39

39

<year>2013</year>

40

<year>2014</year>

41

<year>2015</year>

42

<year>2016</year>

40

43

<holder>Teddy Hogeborn</holder>

41

44

<holder>Björn Påhlsson</holder>

42

45

</copyright>

236

239

<term><option>--priority <replaceable>

237

240

PRIORITY</replaceable></option></term>

238

241

<listitem>

239

<xi:include href="mandos-options.xml"

240

xpointer="priority_compat"/>

242

<xi:include href="mandos-options.xml" xpointer="priority"/>

241

243

</listitem>

242

244

</varlistentry>

243

245

540

542

</listitem>

541

543

</varlistentry>

542

544

<varlistentry>

543

<term><filename class="devicefile">/dev/log</filename></term>

544

</varlistentry>

545

<varlistentry>

546

545

<term><filename

547

546

class="directory">/var/lib/mandos</filename></term>

548

547

<listitem>

554

553

</listitem>

555

554

</varlistentry>

556

555

<varlistentry>

557

<term><filename>/dev/log</filename></term>

556

<term><filename class="devicefile">/dev/log</filename></term>

558

557

<listitem>

559

558

<para>

560

559

The Unix domain socket to where local syslog messages are

589

588

This server does not check the expire time of clients’ OpenPGP

590

589

keys.

591

590

</para>

591

<xi:include href="bugs.xml"/>

592

592

</refsect1>

593

593

594

594

<refsect1 id="example">

707

707

</varlistentry>

708

708

<varlistentry>

709

709

<term>

710

<ulink url="http://www.gnu.org/software/gnutls/"

711

>GnuTLS</ulink>

710

<ulink url="http://gnutls.org/">GnuTLS</ulink>

712

711

</term>

713

712

<listitem>

714

713

<para>

752

751

</varlistentry>

753

752

<varlistentry>

754

753

<term>

755

RFC 4346: <citetitle>The Transport Layer Security (TLS)

756

Protocol Version 1.1</citetitle>

754

RFC 5246: <citetitle>The Transport Layer Security (TLS)

755

Protocol Version 1.2</citetitle>

757

756

</term>

758

757

<listitem>

759

758

<para>

760

TLS 1.1 is the protocol implemented by GnuTLS.

759

TLS 1.2 is the protocol implemented by GnuTLS.

761

760

</para>

762

761

</listitem>

763

762

</varlistentry>

773

772

</varlistentry>

774

773

<varlistentry>

775

774

<term>

776

RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer

777

Security</citetitle>

775

RFC 6091: <citetitle>Using OpenPGP Keys for Transport Layer

776

Security (TLS) Authentication</citetitle>

778

777

</term>

779

778

<listitem>

780

779

<para>

Older »