/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos">
5
 
<!ENTITY TIMESTAMP "2012-01-15">
 
5
<!ENTITY TIMESTAMP "2016-03-05">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
36
36
      <year>2010</year>
37
37
      <year>2011</year>
38
38
      <year>2012</year>
 
39
      <year>2013</year>
 
40
      <year>2014</year>
 
41
      <year>2015</year>
 
42
      <year>2016</year>
39
43
      <holder>Teddy Hogeborn</holder>
40
44
      <holder>Björn Påhlsson</holder>
41
45
    </copyright>
100
104
      <sbr/>
101
105
      <arg><option>--statedir
102
106
      <replaceable>DIRECTORY</replaceable></option></arg>
 
107
      <sbr/>
 
108
      <arg><option>--socket
 
109
      <replaceable>FD</replaceable></option></arg>
 
110
      <sbr/>
 
111
      <arg><option>--foreground</option></arg>
 
112
      <sbr/>
 
113
      <arg><option>--no-zeroconf</option></arg>
103
114
    </cmdsynopsis>
104
115
    <cmdsynopsis>
105
116
      <command>&COMMANDNAME;</command>
299
310
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
300
311
        </listitem>
301
312
      </varlistentry>
 
313
      
 
314
      <varlistentry>
 
315
        <term><option>--socket
 
316
        <replaceable>FD</replaceable></option></term>
 
317
        <listitem>
 
318
          <xi:include href="mandos-options.xml" xpointer="socket"/>
 
319
        </listitem>
 
320
      </varlistentry>
 
321
      
 
322
      <varlistentry>
 
323
        <term><option>--foreground</option></term>
 
324
        <listitem>
 
325
          <xi:include href="mandos-options.xml"
 
326
                      xpointer="foreground"/>
 
327
        </listitem>
 
328
      </varlistentry>
 
329
      
 
330
      <varlistentry>
 
331
        <term><option>--no-zeroconf</option></term>
 
332
        <listitem>
 
333
          <xi:include href="mandos-options.xml" xpointer="zeroconf"/>
 
334
        </listitem>
 
335
      </varlistentry>
 
336
      
302
337
    </variablelist>
303
338
  </refsect1>
304
339
  
494
529
        </listitem>
495
530
      </varlistentry>
496
531
      <varlistentry>
497
 
        <term><filename>/var/run/mandos.pid</filename></term>
 
532
        <term><filename>/run/mandos.pid</filename></term>
498
533
        <listitem>
499
534
          <para>
500
535
            The file containing the process id of the
501
536
            <command>&COMMANDNAME;</command> process started last.
 
537
            <emphasis >Note:</emphasis> If the <filename
 
538
            class="directory">/run</filename> directory does not
 
539
            exist, <filename>/var/run/mandos.pid</filename> will be
 
540
            used instead.
502
541
          </para>
503
542
        </listitem>
504
543
      </varlistentry>
505
544
      <varlistentry>
506
 
        <term><filename class="devicefile">/dev/log</filename></term>
507
 
      </varlistentry>
508
 
      <varlistentry>
509
545
        <term><filename
510
546
        class="directory">/var/lib/mandos</filename></term>
511
547
        <listitem>
517
553
        </listitem>
518
554
      </varlistentry>
519
555
      <varlistentry>
520
 
        <term><filename>/dev/log</filename></term>
 
556
        <term><filename class="devicefile">/dev/log</filename></term>
521
557
        <listitem>
522
558
          <para>
523
559
            The Unix domain socket to where local syslog messages are
549
585
      There is no fine-grained control over logging and debug output.
550
586
    </para>
551
587
    <para>
552
 
      Debug mode is conflated with running in the foreground.
553
 
    </para>
554
 
    <para>
555
588
      This server does not check the expire time of clients’ OpenPGP
556
589
      keys.
557
590
    </para>
 
591
    <xi:include href="bugs.xml"/>
558
592
  </refsect1>
559
593
  
560
594
  <refsect1 id="example">
673
707
      </varlistentry>
674
708
      <varlistentry>
675
709
        <term>
676
 
          <ulink url="http://www.gnu.org/software/gnutls/"
677
 
          >GnuTLS</ulink>
 
710
          <ulink url="http://gnutls.org/">GnuTLS</ulink>
678
711
        </term>
679
712
      <listitem>
680
713
        <para>
718
751
      </varlistentry>
719
752
      <varlistentry>
720
753
        <term>
721
 
          RFC 4346: <citetitle>The Transport Layer Security (TLS)
722
 
          Protocol Version 1.1</citetitle>
 
754
          RFC 5246: <citetitle>The Transport Layer Security (TLS)
 
755
          Protocol Version 1.2</citetitle>
723
756
        </term>
724
757
      <listitem>
725
758
        <para>
726
 
          TLS 1.1 is the protocol implemented by GnuTLS.
 
759
          TLS 1.2 is the protocol implemented by GnuTLS.
727
760
        </para>
728
761
      </listitem>
729
762
      </varlistentry>
739
772
      </varlistentry>
740
773
      <varlistentry>
741
774
        <term>
742
 
          RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer
743
 
          Security</citetitle>
 
775
          RFC 6091: <citetitle>Using OpenPGP Keys for Transport Layer
 
776
          Security (TLS) Authentication</citetitle>
744
777
        </term>
745
778
      <listitem>
746
779
        <para>