Update of /usr/local/cvs/nessus-core
In directory raccoon.nessus.org:/tmp/cvs-serv4246/nessus-core
Modified Files:
CHANGES Makefile aclocal.m4 configure configure.in
nessus-mkcert-client.in nessus-mkcert.in nessus-rmuser.in
nessus-services nessus.tmpl.in
Log Message:
Synchronize back DEVEL with 2.2
Index: CHANGES
===================================================================
RCS file: /usr/local/cvs/nessus-core/CHANGES,v
retrieving revision 1.313
retrieving revision 1.314
diff -u -d -r1.313 -r1.314
--- CHANGES 28 Oct 2004 01:51:23 -0000 1.313
+++ CHANGES 12 Sep 2006 09:49:03 -0000 1.314
@@ -4,6 +4,204 @@
$Id$
+2.2.8 :
+
+- nessusd :
+
+ - Make sure that plugins of type ACT_INIT and ACT_SETTINGS are
+ always enabled during a scan
+
+ - Display more error verbose error messages when it's impossible to
+ load a .nes plugin
+
+ - Fixed a harmless memory reallocation problem which would truncate
+ a very long preference name
+
+- nessus-libraries
+
+ - Fixed a possible memory corruption when forwarding data from a process
+ to another
+
+- libnasl :
+
+ - 'a = b + c ++' would not work as expected
+ - fixed a memory allocation problem when split() is passed an argument of
+ the wrong type
+
+
+2.2.7 :
+
+. changes by Tenable Network Security :
+
+- nessus-libraries :
+
+ - Fixed a NULL pointer dereferencement in the BPF server
+ - The 'service' functions now only deal with the services file provided
+ with Nessus (instead of using a mix of /etc/services and others)
+
+- libnasl :
+
+ - Fixed off-by-one bugs in insstr() and str_replace() which would sometimes
+ prevent these two functions from properly dealing with the last character of a
+ string
+ - Fixed tcp_ping() which was too aggressive and may therefore sometimes miss
+ a live host
+ - Fixed a bug in send() which would not properly validate the value of the
+ 'length' variable
+ - Now handle arrays of arrays
+ - Fixed open_priv_sock_tcp() which would report a successful connection when
+ timing out
+
+- nessusd :
+
+ - Properly install the file 'nessus-services' in $prefix/var/nessus/
+ - Bigger buffer when receiving preferences from the client (to avoid a possible
+ truncation of the plugin list in the future)
+ - Fixed a bug in the preferences parser which would cause nessusd to die on startup when
+ processing a malformed preference file
+
+- nessus :
+
+ - Fixed an unlikely but potential segmentation fault when viewing the report in the GUI
+ - Erase the credentials from memory after having used them (thanks to Sumiut Siddhart
+ for noticing this)
+
+- plugins :
+
+ - nmap.nasl has been removed from the main distribution (to use nmap from Nessus,
+ read <http://www.nessus.org/u?e56c945b>)
+
+ - Performance improvements to nessus_tcp_scanner
+
+ - Improved the file nessus-services
+
+
+2.2.6 :
+
+. changes by Tenable Network Security :
+
+- Engine :
+
+ - New NASL function socket_get_error() which returns the last error which
+ occured on a socket (timeout, connection reset, etc...)
+ - Removed the C function http_recv_headers() in favor of 'http_recv_headers2()'
+ written in NASL
+ - If the computer clock is not set properly, load the plugins anyways
+ - Under certain circumstances, the plugins preferences may appear twice in the
+ Nessus GUI
+ - nessus-fetch is more reliable when used in a very low bandwidth environment
+ - nessusd has higher memory limits when running on a 64 bits CPU
+ - Use nasl_memmem() instead of memmem() to solve a possible segfault on
+ 64 bits architectures (bug#1293)
+
+Plugins :
+
+ - The Windows Bulletin checks now check the version of the files on the remote
+ host (when possible) instead of looking at the registry
+ - It is now possible to disable CGI scanning entirely in Prefs->Global Settings
+ - Rewritten several key plugins (dcetest.nasl, netbios_name_get.nasl) to better
+ support the underlying protocol
+
+. changes by Michel Arboi :
+
+- nessus_tcp_scanner now performs multiple passes, for improved reliability.
+ It also is much quicker against BSD machines (which have a rate limitation
+ for the RST they send)
+
+
+
+2.2.5 :
+
+. changes by Renaud Deraison :
+
+- Faster scan startup speed (at the expense of a slightly bigger memory usage)
+- nessus-fetch now calls nessus-update-plugins upon registration
+- Fixed the use of an uninitialized buffer in the shared socket code
+- Fixed some uninitialized variables in nessus_tcp_scanner
+- Fixed several null pointer dereferencement in libnasl
+- New NASL function 'send_capture()'
+- Rotate nessusd.messages on startup if the file is too big
+
+. changes by Michel Arboi :
+
+- nessus_tcp_scanner now tracks down more statistics about the remote ports
+ (filtered vs. closed)
+
+. changes by Beirne Kornarksi :
+
+- Fixed bug#1224
+
+2.2.4 :
+
+. changes by Renaud Deraison :
+
+- Fixed a bug in nessusd when killing slow plugins, which may result
+ in a hang of the scan
+- Fixed a bug in find_services.nes which would prevent it from exiting
+ properly when receiving a SIGTERM message
+- Fixed a bug in libnessus/network.c which may result in incompletes
+ SSL reads
+- Fixed proxy support in nessus-fetch
+- Reduced CPU usage
+- Brand new SMB API
+- The nessus-fetch man page is now installed
+- Updated os_fingerprint.nasl with all the newest signatures
+
+. changes by Michel Arboi :
+
+- More gentle nessus_tcp_scanner
+
+2.2.3 :
+
+. changes by Renaud Deraison :
+
+- Added the 'silent dependencies' option (suggested by Nicolas Pouvesle)
+- Added a new 'Credentials' Tab to put SSH and SMB credentials
+- Removed some un-recommended options from the GUI (detached scan)
+- Fixed a NULL-ptr dereferencement in libnasl
+
+. changes by Michel Arboi :
+
+- Call setrlimit() without any limits when calling popen()
+
+. changes by Nicolas Pouvesle :
+
+- Replaced the functions in libnasl/nasl/smb_crypt.* by crypt_func.nasl
+
+2.2.2 :
+
+. changes by Renaud Deraison :
+
+- Fixed HTTPS-over-proxy in nessus-fetch
+- Fixed a build issue on Solaris in nessus-fetch
+- Fixed the detached scans
+
+2.2.1 :
+
+. changes by Renaud Deraison :
+
+- Turn on buffering for every TCP sockets to reduce the number of system calls
+(only HTTP-related sockets would have a buffered input)
+
+- Fixed bug#1065 which would make nessusd do an endless stream of calls
+to gethostbyname() when testing a non-existant host name
+
+- Fixed a bug in the TCP socket buffering which would cause
+read_stream_connection() to perform a short read under some circumstances
+
+- Added nessus-fetch(1), a utility which retrieves plugins from
+www.nessus.org.
+
+- Rewrote nessus-update-plugins to use nessus-fetch instead
+of wget/lynx/fetch/curl
+
+- Fixed bug#1076 (support for bash 3.0)
+
+. changes by Michel Arboi :
+
+- New TCP port scanner (nessus_tcp_portscan.nes)
+- Better Hydra integration through multiple nasl scripts
+
2.2.0 :
- Fixed a couple of memory leaks (thanks to Lance Uyehara)
Index: Makefile
===================================================================
RCS file: /usr/local/cvs/nessus-core/Makefile,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -d -r1.57 -r1.58
--- Makefile 14 Mar 2005 22:34:04 -0000 1.57
+++ Makefile 12 Sep 2006 09:49:03 -0000 1.58
@@ -38,6 +38,7 @@
test -d $(DESTDIR)${NESSUSD_STATEDIR}/tmp || $(INSTALL_DIR) -m 755 $(DESTDIR)${NESSUSD_STATEDIR}/tmp
test -d $(DESTDIR)${NESSUSD_STATEDIR}/jobs || $(INSTALL_DIR) -m 755 $(DESTDIR)${NESSUSD_STATEDIR}/jobs
test -d $(DESTDIR)${NESSUSD_LOGDIR} || $(INSTALL_DIR) -m 755 $(DESTDIR)${NESSUSD_LOGDIR}
+ $(INSTALL) -c -m 0444 nessus-services $(DESTDIR)${NESSUSD_STATEDIR}/
$(INSTALL) -c -m 0444 include/config.h $(DESTDIR)${includedir}/nessus
$(INSTALL) -c -m 0444 include/ntcompat.h $(DESTDIR)${includedir}/nessus
$(INSTALL) -c -m 0444 include/includes.h $(DESTDIR)${includedir}/nessus
@@ -109,6 +110,7 @@
clean:
cd nessus && $(MAKE) clean
+ cd nessus-fetch && $(MAKE) clean
cd nessusd && $(MAKE) clean
cd ssl && $(MAKE) clean
Index: aclocal.m4
===================================================================
RCS file: /usr/local/cvs/nessus-core/aclocal.m4,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- aclocal.m4 3 Nov 2004 13:07:46 -0000 1.3
+++ aclocal.m4 12 Sep 2006 09:49:03 -0000 1.4
@@ -1,71 +1,511 @@
-# aclocal.m4 generated automatically by aclocal 1.6.3 -*- Autoconf -*-
+dnl aclocal.m4 generated automatically by aclocal 1.2f
-# Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002
-# Free Software Foundation, Inc.
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
+dnl Copyright (C) 1994, 1995, 1996, 1997, 1998 Free Software Foundation, Inc.
+dnl This Makefile.in is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
-# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE.
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+dnl PARTICULAR PURPOSE.
+# Do all the work for Automake. This macro actually does too much --
+# some checks are only needed if your package does certain things.
+# But this isn't really a big deal.
-dnl PKG_CHECK_MODULES(GSTUFF, gtk+-2.0 >= 1.3 glib = 1.3.4, action-if, action-not)
-dnl defines GSTUFF_LIBS, GSTUFF_CFLAGS, see pkg-config man page
-dnl also defines GSTUFF_PKG_ERRORS on error
-AC_DEFUN(PKG_CHECK_MODULES, [.
- succeeded=no
+# serial 1
- if test -z "$PKG_CONFIG"; then
- AC_PATH_PROG(PKG_CONFIG, pkg-config, no)
+#
+# Check to make sure that the build environment is sane.
+#
+
+AC_DEFUN(AM_SANITY_CHECK,
+[AC_MSG_CHECKING([whether build environment is sane])
+# Just in case
+sleep 1
+echo timestamp > conftestfile
+# Do `set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ set X `ls -Lt $srcdir/configure conftestfile 2> /dev/null`
+ if test "[$]*" = "X"; then
+ # -L didn't work.
+ set X `ls -t $srcdir/configure conftestfile`
+ fi
+ if test "[$]*" != "X $srcdir/configure conftestfile" \
+ && test "[$]*" != "X conftestfile $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ AC_MSG_ERROR([.ls -t appears to fail. Make sure there is not a broken
+alias in your environment])
+ fi
+
+ test "[$]2" = conftestfile
+ )
+then
+ # Ok.
+ :
+else
+ AC_MSG_ERROR([.newly created file is older than distributed files!
+Check your system clock])
+fi
+rm -f conftest*
+AC_MSG_RESULT(yes)])
+
+dnl AM_MISSING_PROG(NAME, PROGRAM, DIRECTORY)
+dnl The program must properly implement --version.
+AC_DEFUN(AM_MISSING_PROG,
+[.AC_MSG_CHECKING(for working $2)
+# Run test in a subshell; some versions of sh will print an error if
+# an executable is not found, even if stderr is redirected.
+# Redirect stdin to placate older versions of autoconf. Sigh.
+if ($2 --version) < /dev/null > /dev/null 2>&1; then
+ $1=$2
+ AC_MSG_RESULT(found)
+else
+ $1="$3/missing $2"
+ AC_MSG_RESULT(missing)
+fi
+AC_SUBST($1)])
+
+# Like AC_CONFIG_HEADER, but automatically create stamp file.
+
+AC_DEFUN(AM_CONFIG_HEADER,
+[AC_PREREQ([2.12])
+AC_CONFIG_HEADER([$1])
+dnl When config.status generates a header, we must update the stamp-h file.
+dnl This file resides in the same directory as the config header
+dnl that is generated. We must strip everything past the first ":",
+dnl and everything past the last "/".
+AC_OUTPUT_COMMANDS(changequote(<<,>>)dnl
+ifelse(patsubst(<<$1>>, <<[^ ]>>, <<>>), <<>>,
+<<test -z "<<$>>CONFIG_HEADERS" || echo timestamp > patsubst(<<$1>>, <<^\([^:]*/\)?.*>>, <<\1>>)stamp-h<<>>dnl>>,
+<<am_indx=1
+for am_file in <<$1>>; do
+ case " <<$>>CONFIG_HEADERS " in
+ *" <<$>>am_file "*<<)>>
+ echo timestamp > `echo <<$>>am_file | sed -e 's%:.*%%' -e 's%[^/]*$%%'`stamp-h$am_indx
+ ;;
+ esac
+ am_indx=`expr "<<$>>am_indx" + 1`
+done<<>>dnl>>)
+changequote([,]))])
+
+
+# serial 24 AM_PROG_LIBTOOL
+AC_DEFUN(AM_PROG_LIBTOOL,
+[AC_REQUIRE([AM_ENABLE_SHARED])dnl
+AC_REQUIRE([AM_ENABLE_STATIC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_PROG_RANLIB])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AM_PROG_LD])dnl
+AC_REQUIRE([AM_PROG_NM])dnl
+AC_REQUIRE([AC_PROG_LN_S])dnl
+dnl
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+AC_SUBST(LIBTOOL)dnl
+
+# Check for any special flags to pass to ltconfig.
+libtool_flags=
+test "$enable_shared" = no && libtool_flags="$libtool_flags --disable-shared"
+test "$enable_static" = no && libtool_flags="$libtool_flags --disable-static"
+test "$silent" = yes && libtool_flags="$libtool_flags --silent"
+test "$ac_cv_prog_gcc" = yes && libtool_flags="$libtool_flags --with-gcc"
+test "$ac_cv_prog_gnu_ld" = yes && libtool_flags="$libtool_flags --with-gnu-ld"
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case "$host" in
+*-*-irix6*)
+ # Find out which ABI we are using.
+ echo '[#]line __oline__ "configure"' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case "`/usr/bin/file conftest.o`" in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
fi
+ rm -rf conftest*
+ ;;
- if test "$PKG_CONFIG" = "no" ; then
- echo "*** The pkg-config script could not be found. Make sure it is"
- echo "*** in your path, or set the PKG_CONFIG environment variable"
- echo "*** to the full path to pkg-config."
- echo "*** Or see http://www.freedesktop.org/software/pkgconfig to get pkg-config."
- else
- PKG_CONFIG_MIN_VERSION=0.9.0
- if $PKG_CONFIG --atleast-pkgconfig-version $PKG_CONFIG_MIN_VERSION; then
- AC_MSG_CHECKING(for $2)
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ CFLAGS="$CFLAGS -belf"
+ ;;
+esac
- if $PKG_CONFIG --exists "$2" ; then
- AC_MSG_RESULT(yes)
- succeeded=yes
+# Actually configure libtool. ac_aux_dir is where install-sh is found.
+CC="$CC" CFLAGS="$CFLAGS" CPPFLAGS="$CPPFLAGS" \
+LD="$LD" NM="$NM" RANLIB="$RANLIB" LN_S="$LN_S" \
+${CONFIG_SHELL-/bin/sh} $ac_aux_dir/ltconfig \
+$libtool_flags --no-verify $ac_aux_dir/ltmain.sh $host \
+|| AC_MSG_ERROR([libtool configure failed])
+])
- AC_MSG_CHECKING($1_CFLAGS)
- $1_CFLAGS=`$PKG_CONFIG --cflags "$2"`
- AC_MSG_RESULT($$1_CFLAGS)
+# AM_ENABLE_SHARED - implement the --enable-shared flag
+# Usage: AM_ENABLE_SHARED[(DEFAULT)]
+# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
+# `yes'.
+AC_DEFUN(AM_ENABLE_SHARED,
+[define([AM_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE(shared,
+changequote(<<, >>)dnl
+<< --enable-shared build shared libraries [default=>>AM_ENABLE_SHARED_DEFAULT]
+changequote([, ])dnl
+[. --enable-shared=PKGS only build shared libraries if the current package
+ appears as an element in the PKGS list],
+[.p=${PACKAGE-default}
+case "$enableval" in
+yes) enable_shared=yes ;;
+no) enable_shared=no ;;
+*)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
+ for pkg in $enableval; do
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$ac_save_ifs"
+ ;;
+esac],
+enable_shared=AM_ENABLE_SHARED_DEFAULT)dnl
+])
- AC_MSG_CHECKING($1_LIBS)
- $1_LIBS=`$PKG_CONFIG --libs "$2"`
- AC_MSG_RESULT($$1_LIBS)
- else
- $1_CFLAGS=""
- $1_LIBS=""
- ## If we have a custom action on failure, don't print errors, but
- ## do set a variable so people can do so.
- $1_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "$2"`
- ifelse([$4], ,echo $$1_PKG_ERRORS,)
- fi
+# AM_DISABLE_SHARED - set the default shared flag to --disable-shared
+AC_DEFUN(AM_DISABLE_SHARED,
+[AM_ENABLE_SHARED(no)])
- AC_SUBST($1_CFLAGS)
- AC_SUBST($1_LIBS)
- else
- echo "*** Your version of pkg-config is too old. You need version $PKG_CONFIG_MIN_VERSION or newer."
- echo "*** See http://www.freedesktop.org/software/pkgconfig"
- fi
+# AM_DISABLE_STATIC - set the default static flag to --disable-static
+AC_DEFUN(AM_DISABLE_STATIC,
+[AM_ENABLE_STATIC(no)])
+
+# AM_ENABLE_STATIC - implement the --enable-static flag
+# Usage: AM_ENABLE_STATIC[(DEFAULT)]
+# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
+# `yes'.
+AC_DEFUN(AM_ENABLE_STATIC,
+[define([AM_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE(static,
+changequote(<<, >>)dnl
+<< --enable-static build static libraries [default=>>AM_ENABLE_STATIC_DEFAULT]
+changequote([, ])dnl
+[. --enable-static=PKGS only build shared libraries if the current package
+ appears as an element in the PKGS list],
+[.p=${PACKAGE-default}
+case "$enableval" in
+yes) enable_static=yes ;;
+no) enable_static=no ;;
+*)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
+ for pkg in $enableval; do
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$ac_save_ifs"
+ ;;
+esac],
+enable_static=AM_ENABLE_STATIC_DEFAULT)dnl
+])
+
+
+# AM_PROG_LD - find the path to the GNU or non-GNU linker
+AC_DEFUN(AM_PROG_LD,
+[.AC_ARG_WITH(gnu-ld,
+[ --with-gnu-ld assume the C compiler uses GNU ld [default=no]],
+test "$withval" = no || with_gnu_ld=yes, with_gnu_ld=no)
+AC_REQUIRE([AC_PROG_CC])
+ac_prog=ld
+if test "$ac_cv_prog_gcc" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ AC_MSG_CHECKING([for ld used by GCC])
+ ac_prog=`($CC -print-prog-name=ld) 2>&5`
+ case "$ac_prog" in
+ # Accept absolute paths.
+ /* | [A-Za-z]:\\*)
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ AC_MSG_CHECKING([for GNU ld])
+else
+ AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(ac_cv_path_LD,
+[.if test -z "$LD"; then
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+ for ac_dir in $PATH; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog"; then
+ ac_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some GNU ld's only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ if "$ac_cv_path_LD" -v 2>&1 < /dev/null | egrep '(GNU|with BFD)' > /dev/null; then
+ test "$with_gnu_ld" != no && break
+ else
+ test "$with_gnu_ld" != yes && break
+ fi
+ fi
+ done
+ IFS="$ac_save_ifs"
+else
+ ac_cv_path_LD="$LD" # Let the user override the test with a path.
+fi])
+LD="$ac_cv_path_LD"
+if test -n "$LD"; then
+ AC_MSG_RESULT($LD)
+else
+ AC_MSG_RESULT(no)
+fi
+test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
+AC_SUBST(LD)
+AM_PROG_LD_GNU
+])
+
+AC_DEFUN(AM_PROG_LD_GNU,
+[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], ac_cv_prog_gnu_ld,
+[.# I'd rather use --version here, but apparently some GNU ld's only accept -v.
+if $LD -v 2>&1 </dev/null | egrep '(GNU|with BFD)' 1>&5; then
+ ac_cv_prog_gnu_ld=yes
+else
+ ac_cv_prog_gnu_ld=no
+fi])
+])
+
+# AM_PROG_NM - find the path to a BSD-compatible name lister
+AC_DEFUN(AM_PROG_NM,
+[AC_MSG_CHECKING([for BSD-compatible nm])
+AC_CACHE_VAL(ac_cv_path_NM,
+[case "$NM" in
+/* | [A-Za-z]:\\*)
+ ac_cv_path_NM="$NM" # Let the user override the test with a path.
+ ;;
+*)
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+ for ac_dir in /usr/ucb /usr/ccs/bin $PATH /bin; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/nm; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the `sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ if ($ac_dir/nm -B /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
+ ac_cv_path_NM="$ac_dir/nm -B"
+ elif ($ac_dir/nm -p /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
+ ac_cv_path_NM="$ac_dir/nm -p"
+ else
+ ac_cv_path_NM="$ac_dir/nm"
+ fi
+ break
+ fi
+ done
+ IFS="$ac_save_ifs"
+ test -z "$ac_cv_path_NM" && ac_cv_path_NM=nm
+ ;;
+esac])
+NM="$ac_cv_path_NM"
+AC_MSG_RESULT([$NM])
+AC_SUBST(NM)
+])
+
+# Add --enable-maintainer-mode option to configure.
+# From Jim Meyering
+
+# serial 1
+
+AC_DEFUN(AM_MAINTAINER_MODE,
+[AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
+ dnl maintainer-mode is disabled by default
+ AC_ARG_ENABLE(maintainer-mode,
+[. --enable-maintainer-mode enable make rules and dependencies not useful
+ (and sometimes confusing) to the casual installer],
+ USE_MAINTAINER_MODE=$enableval,
+ USE_MAINTAINER_MODE=no)
+ AC_MSG_RESULT($USE_MAINTAINER_MODE)
+ if test $USE_MAINTAINER_MODE = yes; then
+ MAINT=
+ else
+ MAINT='#M#'
fi
+ AC_SUBST(MAINT)dnl
+]
+)
- if test $succeeded = yes; then
- ifelse([$3], , :, [$3])
+# Configure paths for GTK+
+# Owen Taylor 97-11-3
+
+dnl AM_PATH_GTK([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
+dnl Test for GTK, and define GTK_CFLAGS and GTK_LIBS
+dnl
+AC_DEFUN(AM_PATH_GTK,
+[.dnl
+dnl Get the cflags and libraries from the gtk-config script
+dnl
+ AC_PATH_PROG(GTK_CONFIG, gtk-config, no)
+ min_gtk_version=ifelse([$1], ,0.99.7,$1)
+ AC_MSG_CHECKING(for GTK - version >= $min_gtk_version)
+ no_gtk=""
+ if test "$GTK_CONFIG" != "no" ; then
+ GTK_CFLAGS=`$GTK_CONFIG --cflags`
+ GTK_LIBS=`$GTK_CONFIG --libs`
+ ac_save_CFLAGS="$CFLAGS"
+ ac_save_LIBS="$LIBS"
+ CFLAGS="$CFLAGS $GTK_CFLAGS"
+ LIBS="$LIBS $GTK_LIBS"
+dnl
+dnl Now check if the installed GTK is sufficiently new. (Also sanity
+dnl checks the results of gtk-config to some extent
+dnl
+ AC_TRY_RUN([.
+#include <gtk/gtk.h>
+#include <stdio.h>
+
+int
+main ()
+{
+ int major, minor, micro;
+
+ if (sscanf("$min_gtk_version", "%d.%d.%d", &major, &minor, µ) != 3) {
+ printf("%s, bad version string\n", "$min_gtk_version");
+ exit(1);
+ }
+
+ return !((gtk_major_version > major) ||
+ ((gtk_major_version == major) && (gtk_minor_version > minor)) ||
+ ((gtk_major_version == major) && (gtk_minor_version == minor) && (gtk_micro_version >= micro)));
+}
+],, no_gtk=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
+ CFLAGS="$ac_save_CFLAGS"
+ LIBS="$ac_save_LIBS"
else
- ifelse([$4], , AC_MSG_ERROR([.Library requirements ($2) not met; consider adjusting the PKG_CONFIG_PATH environment variable if your libraries are in a nonstandard prefix so pkg-config can find them.]), [$4])
+ no_gtk=yes
fi
+ if test "x$no_gtk" = x ; then
+ AC_MSG_RESULT(yes)
+ ifelse([$2], , :, [$2])
+ else
+ AC_MSG_RESULT(no)
+ GTK_CFLAGS=""
+ GTK_LIBS=""
+ ifelse([$3], , :, [$3])
+ fi
+ AC_SUBST(GTK_CFLAGS)
+ AC_SUBST(GTK_LIBS)
])
+# serial 1
+
+# @defmac AC_PROG_CC_STDC
+# @maindex PROG_CC_STDC
+# @ovindex CC
+# If the C compiler in not in ANSI C mode by default, try to add an option
+# to output variable @code{CC} to make it so. This macro tries various
+# options that select ANSI C on some system or another. It considers the
+# compiler to be in ANSI C mode if it handles function prototypes correctly.
+#
+# If you use this macro, you should check after calling it whether the C
+# compiler has been set to accept ANSI C; if not, the shell variable
+# @code{am_cv_prog_cc_stdc} is set to @samp{no}. If you wrote your source
+# code in ANSI C, you can make an un-ANSIfied copy of it by using the
+# program @code{ansi2knr}, which comes with Ghostscript.
+# @end defmac
+
+AC_DEFUN(AM_PROG_CC_STDC,
+[AC_REQUIRE([AC_PROG_CC])
+AC_BEFORE([$0], [AC_C_INLINE])
+AC_BEFORE([$0], [AC_C_CONST])
+dnl Force this before AC_PROG_CPP. Some cpp's, eg on HPUX, require
+dnl a magic option to avoid problems with ANSI preprocessor commands
+dnl like #elif.
+dnl FIXME: can't do this because then AC_AIX won't work due to a
+dnl circular dependency.
+dnl AC_BEFORE([$0], [AC_PROG_CPP])
+AC_MSG_CHECKING(for ${CC-cc} option to accept ANSI C)
+AC_CACHE_VAL(am_cv_prog_cc_stdc,
+[.am_cv_prog_cc_stdc=no
+ac_save_CC="$CC"
+# Don't try gcc -ansi; that turns off useful extensions and
+# breaks some systems' header files.
+# AIX -qlanglvl=ansi
+# Ultrix and OSF/1 -std1
+# HP-UX -Aa -D_HPUX_SOURCE
+# SVR4 -Xc -D__EXTENSIONS__
+for ac_arg in "" -qlanglvl=ansi -std1 "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+ CC="$ac_save_CC $ac_arg"
+ AC_TRY_COMPILE(
+[.#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+ char **p;
+ int i;
+{
+ return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+ char *s;
+ va_list v;
+ va_start (v,p);
+ s = g (p, va_arg (v,int));
+ va_end (v);
+ return s;
+}
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+], [
+return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
+],
+[am_cv_prog_cc_stdc="$ac_arg"; break])
+done
+CC="$ac_save_CC"
+])
+if test -z "$am_cv_prog_cc_stdc"; then
+ AC_MSG_RESULT([none needed])
+else
+ AC_MSG_RESULT($am_cv_prog_cc_stdc)
+fi
+case "x$am_cv_prog_cc_stdc" in
+ x|xno) ;;
+ *) CC="$CC $am_cv_prog_cc_stdc" ;;
+esac
+])
Index: configure
===================================================================
RCS file: /usr/local/cvs/nessus-core/configure,v
retrieving revision 1.137
retrieving revision 1.138
diff -u -d -r1.137 -r1.138
--- configure 8 Feb 2005 01:41:02 -0000 1.137
+++ configure 12 Sep 2006 09:49:03 -0000 1.138
@@ -17,8 +17,6 @@
ac_help="$ac_help
--enable-debug set the compiler flags to -g"
ac_help="$ac_help
- --enable-client build the nessus client"
-ac_help="$ac_help
--enable-install=user for debugging, install as non-root user"
ac_help="$ac_help
--enable-syslog log messages via syslog()"
@@ -540,7 +538,7 @@
fi
[...2821 lines suppressed...]
-s%@gettext_flags@%$gettext_flags%g
CEOF
EOF
@@ -6111,5 +6224,15 @@
chmod +x nessus-adduser nessus-mkcert nessus-mkcert-client
+
+
+test "x$enable_gtk" = "xno" ||
+{
+test -z "$GTKCONFIG" -a -z "$PKGCONFIG" && {
+echo "configure: warning: gtk-config could not be found : the client will not be built. \
+If you want to build a command-line only client then type ./configure --disable-gtk" 1>&2
+}
+
+}
exit 0
Index: configure.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/configure.in,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -d -r1.130 -r1.131
--- configure.in 8 Feb 2005 01:41:01 -0000 1.130
+++ configure.in 12 Sep 2006 09:49:04 -0000 1.131
@@ -9,7 +9,6 @@
dnl --enable-debug
dnl --enable-pthreads (experimental dont use dont use dont use!)
dnl --enable-syslog
-dnl --enable-client
dnl --enable-gtk
dnl --enable-unix-socket
@@ -60,7 +59,6 @@
test "x$enable_syslog" = "x" && enable_syslog="yes";
test "x$enable_syslog" = "xno" && unset enable_syslog
test "x$enable_gtk" = "x" && enable_gtk="yes"
-test "x$enable_client" = "x" && enable_client="yes"
nessus_lib=-lnessus
@@ -76,9 +74,7 @@
AC_ARG_ENABLE(debug,[ --enable-debug set the compiler flags to -g],[
CFLAGS="-g"; debug_flags="-DDEBUG"])
-
-AC_ARG_ENABLE(client,[ --enable-client build the nessus client])
-
+
AC_ARG_ENABLE(install,[ --enable-install=user for debugging, install as non-root user],
installuser=$enable_install)
: ${installuser:=root}
@@ -155,7 +151,6 @@
AC_CHECK_HEADERS(poll.h sys/poll.h netinet/ip_tcp.h fcntl.h signal.h limits.h)
AC_CHECK_HEADERS(sys/stat.h stat.h net/if.h sys/mman.h sys/resource.h dl.h)
AC_CHECK_HEADERS(pty.h termio.h termios.h sgtty.h libutil.h setjmp.h values.h)
-AC_CHECK_HEADERS(locale.h)
dnl ./configure fails to determine the existence of some
dnl headers under IRIX
@@ -380,20 +375,6 @@
[AC_MSG_RESULT(yes); AC_DEFINE(HAVE_TCPHDR_TH_X2_OFF)],
[AC_MSG_RESULT(no)])
-dnl I18N Test (GNU gettext)
-AC_MSG_CHECKING([GNU gettext available])
-AC_TRY_COMPILE([#include <libintl.h>],
-[.extern int _nl_msg_cat_cntr;
-extern int *_nl_domain_bindings;
-int
-main ()
-{
- bindtextdomain ("", "");
- return (int) gettext ("") + (int) ngettext ("", "", 0) + _nl_msg_cat_cntr + *_nl_domain_bindings;
-}],
-[AC_MSG_RESULT(yes); AC_DEFINE(HAVE_GNU_GETTEXT) gettext_flags="-DHAVE_GNU_GETTEXT"],
-[AC_MSG_RESULT(no)])
-
dnl Define several paths
@@ -531,7 +512,7 @@
case "$host" in
- *-freebsd*|*-bsdi*|*-netbsd*)
+ *-freebsd*|*-bsdi*|*-netbsd*|*-darwin*)
AC_DEFINE(BSD_BYTE_ORDERING)
esac
@@ -625,24 +606,96 @@
-if test "x$enable_client" = "xyes"; then
+if test "x$enable_gtk" = "xno"; then
client=client
client_install=client-install
else
unset client
unset client_install
- enable_gtk=no
fi
+AC_PATH_PROG(GTKCONFIG, gtk-config,,$XPATH)
+test "x$GTKCONFIG" = x && {
+ AC_PATH_PROG(GTKCONFIG, gtk12-config,,$XPATH)
+ test "x$GTKCONFIG" = x && AC_PATH_PROG(GTKCONFIG, gtk10-config,,$XPATH)
+ }
+
+
+AC_PATH_PROG(PKGCONFIG, pkg-config,,$XPATH)
+
+
+
+test -n "$GTKCONFIG" -o "$PKGCONFIG" &&
+{
+ client=client
+ client_install=client-install
+ AC_MSG_CHECKING([GTK version])
+ test -n "$PKGCONFIG" && {
+ GTKVERSION=`$PKGCONFIG --modversion gtk+-2.0 2>/dev/null`
+ test -z "$GTKVERSION" && PKGCONFIG=""
+ }
+ test -z "$PKGCONFIG" -o -z "$GTKVERSION" && GTKVERSION=`$GTKCONFIG --version`
+ AC_MSG_RESULT($GTKVERSION)
+ GTK_VERSION=`echo $GTKVERSION | sed 's/\./ /g' | awk {'print $1$2'}`
+ test -n "$GTK_VERSION" && AC_DEFINE_UNQUOTED(GTK_VERSION,$GTK_VERSION)
+}
+
+test -n "$GTKCONFIG" &&
+{
+AC_PATH_PROG(GLIBCONFIG, glib-config,,$XPATH)
+test "x$GLIBCONFIG" = x && {
+ AC_PATH_PROG(GLIBCONFIG, glib12-config,,$XPATH)
+ }
+}
+
+
+test -z "$GTKCONFIG" && AC_WARN(**** gtk not found)
+
+
+
+lang=$enable_language
+
+
+
+
+dnl the -R option that comes with X_LIBS usually overwrites the
+dnl LD_RUN_PATH value (eg. on Solaris)
+
+
test "x$enable_gtk" = "xno" ||
{
-pkg_modules="gtk+-2.0 >= 2.0.0"
-PKG_CHECK_MODULES(GTKCONFIG, [$pkg_modules])
-AC_SUBST(GTKCONFIG_CFLAGS)
-AC_SUBST(GTKCONFIG_LIBS)
+ test -n "$GTKCONFIG" &&
+ {
+ case `${GTKCONFIG} --libs` in
+ *-R\ *) RUN_LIBS='-R ${libdir}' ;;
+ *-R*) RUN_LIBS='-R${libdir}' ;;
+ esac
+
+ GTKCONFIG_CFLAGS=`$GTKCONFIG --cflags`
+ GTKCONFIG_LIBS=`$GTKCONFIG --libs`
+ }
+
+ test -n "$GLIBCONFIG" && {
+ GLIBCONFIG_CFLAGS=`$GLIBCONFIG --cflags`
+ GLIBCONFIG_LIBS=`$GLIBCONFIG --libs`
+ }
+
+ test -n "$PKGCONFIG" &&
+ {
+ GTKCONFIG_CFLAGS=`$PKGCONFIG --cflags gtk+-2.0`
+ GTKCONFIG_LIBS=`$PKGCONFIG --libs gtk+-2.0`
+ GLIBCONFIG_CFLAGS=""
+ GLIBCONFIG_LIBS=""
+ }
+
+
+
+
+
}
+
dnl only vanilla sed can handle long substitution lines
CFLAGS="$saveCFLAGS"
@@ -731,11 +784,12 @@
AC_SUBST(NASLCONFIG)
AC_SUBST(GTKCONFIG_CFLAGS)
AC_SUBST(GTKCONFIG_LIBS)
+AC_SUBST(GLIBCONFIG_CFLAGS)
+AC_SUBST(GLIBCONFIG_LIBS)
AC_SUBST(ac_configure_args)
AC_SUBST(egdpath)
AC_SUBST(is_cygwin)
AC_SUBST(installuser)
-AC_SUBST(gettext_flags)
dnl And we put everything in the appropriate files
@@ -743,5 +797,15 @@
chmod +x nessus-adduser nessus-mkcert nessus-mkcert-client
+
+
+test "x$enable_gtk" = "xno" ||
+{
+test -z "$GTKCONFIG" -a -z "$PKGCONFIG" && {
+AC_WARN(gtk-config could not be found : the client will not be built. \
+If you want to build a command-line only client then type ./configure --disable-gtk)
+}
+
+}
exit 0
Index: nessus-mkcert-client.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-mkcert-client.in,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- nessus-mkcert-client.in 10 Dec 2004 19:41:46 -0000 1.15
+++ nessus-mkcert-client.in 12 Sep 2006 09:49:04 -0000 1.16
@@ -7,11 +7,38 @@
# This script is distributed under the Gnu General Public License (GPL)
#
+
+case `id 2>/dev/null` in
+ uid=0*)
+ ;;
+ *)
+ echo "only root should use nessus-mkcert-client"
+ exit 1
+esac
+
+
+
case `echo -n` in
\-n) Xn= ; Xc='\c' ;;
*) Xn=-n ; Xc=
esac
+
+echo_no_nl ()
+{
+ echo $Xn "$*$Xc"
+}
+
+
+header()
+{
+clear
+echo "-------------------------------------------------------------------------------"
+echo " Creation Nessus SSL client Certificate"
+echo "-------------------------------------------------------------------------------"
+echo
+}
+#
umask 022
prefix=@prefix@
@@ -32,52 +59,6 @@
PATH=$PATH:$sbindir:$bindir:/usr/ssl/bin:/usr/local/ssl/bin:/opt/ssl/bin
-# check if gettext is present
-
-if [ -f /usr/bin/gettext.sh ];
-then
-
- # initialize gettext
-
- . gettext.sh
- export TEXTDOMAIN=nessus-scripts
- export TEXTDOMAINDIR=@datadir@/locale
-
-else
-
- # define dummy functions
-
- gettext () {
- echo $Xn "$1" $Xc
- }
-
- eval_gettext () {
- eval_gettext_var="echo $1"
- echo $Xn `eval $eval_gettext_var` $Xc
- }
-
-fi
-
-Bo='('
-Bc=')'
-Hash='#'
-
-echo_no_nl ()
-{
- echo $Xn "$*$Xc"
-}
-
-
-header()
-{
-clear
-echo "-------------------------------------------------------------------------------"
-gettext " Creation Nessus SSL Client Certificate"; echo
-echo "-------------------------------------------------------------------------------"
-echo
-}
-#
-
#
# We need openssl
#
@@ -85,13 +66,14 @@
OpenSSL*)
;;
*)
- gettext "OpenSSL is not properly installed: The 'openssl' command line utility could not be found (is your \$PATH set properly?)"; echo
+ echo "OpenSSL is not properly installed (the 'openssl' command line utility could not"
+ echo "be found (is your \$PATH set properly ?)"
exit 1
esac
# Check environment
if [ -z "$HOME" ]; then
- gettext "\$HOME should be defined." 1>&2; echo; exit 1
+ echo "HOME should be defined" 1>&2; exit 1
fi
#
@@ -103,10 +85,11 @@
if [. ! -r /dev/random -a ! -r /dev/urandom -a ! -r $HOME/.rnd ];
then
header
- gettext "You do not have any suitable random source."; echo
- gettext "You will be asked to type a few random keys on your keyboard to generate random bytes."; echo
+ echo "You do not have any suitable random source"
+ echo "You will be asked to type a few random keys on your keyboard"
+ echo "to generate random bytes"
nessus-mkrand $HOME/.rnd 1024
- gettext "Press [ENTER] to continue..."; echo
+ echo "Press [ENTER] to continue..."
fi
}
@@ -116,12 +99,12 @@
NESSUSPUB="$sharedstatedir/nessus/CA"
while [ ! -d "$NESSUSPRIV" ]; do
- gettext "Nessus server 'private' directory: "
+ echo_no_nl "Nessus server 'private' directory: "
read NESSUSPRIV
done
while [ ! -d "$NESSUSPUB" ]; do
- gettext "Nessus server 'public' directory: "
+ echo_no_nl "Nessus server 'public' directory: "
read NESSUSPUB
done
@@ -129,34 +112,35 @@
CACERT=$NESSUSPUB/cacert.pem
while [ ! -f "$CAKEY" ]; do
- eval_gettext "\$CAKEY: not found or not a file."
- gettext "Nessus CA private key: "
+ echo "$CAKEY: not found or not a file"
+ echo_no_nl "Nessus CA private key: "
read CAKEY
done
while [ ! -f "$CACERT" ]; do
- eval_gettext "\$CACERT: not found or not a file."
- gettext "Nessus CA certificate: "
+ echo "$CACERT: not found or not a file"
+ echo_no_nl "Nessus CA certificate: "
read CACERT
done
for F in "$CAKEY" "$CACERT"; do
if [ ! -r "$F" ]; then
- eval_gettext "Cannot read \$F" 1>&2; echo; exit 1
+ echo "Cannot read $F" 1>&2; exit 1
fi
done
R=x
-while [ "$R" != `gettext "y"` -a "$R" != `gettext "n"` ]; do
- gettext "Do you want to register the users in the Nessus server as soon as you create their certificates? (y/n): "
+while [ "$R" != "y" -a "$R" != "n" ]; do
+ echo "Do you want to register the users in the Nessus server "
+ echo_no_nl "as soon as you create their certificates ? (y/n): "
read R
done
-if [ "$R" = `gettext "y"` ]; then
+if [ "$R" = "y" ]; then
USERSDIR=$localstatedir/nessus/users
while [ ! -d "$USERSDIR" ]; do
- eval_gettext "\$USERSDIR: not a directory."; echo
- gettext "Users directory? "
+ echo "$USERSDIR: not a directory"
+ echo_no_nl "Users directory? "
read USERSDIR
done
else
@@ -170,24 +154,23 @@
mkdir $BASEDIR || exit 1
-gettext "This script will now ask you the relevant information to create the SSL client certificates for Nessus."; echo
+echo "This script will now ask you the relevant information to create the SSL"
+echo "client certificates for Nessus."
-gettext "Client certificates life time in days [365]: "; read x
+echo_no_nl "Client certificates life time in days [365]:"; read x
DFL_CERT_LIFETIME=${x:-365}
# Default country = France - Too bad for you, but quicker for my tests!
if [ ! -z "$LANG" ]; then
DC=`echo $LANG | sed -n 's/^..*_\(..\)$/\1/p'`
fi
-X=${DC:=FR}
-eval_gettext "Your country \${Bo}two letter code\${Bc} [\$X]: "; read x
+echo_no_nl "Your country (two letter code) [${DC:=FR}]: "; read x
DFL_COUNTRY=${x:-$DC}
-gettext "Your state or province name [none]: "; read DFL_PROVINCE
-X=Paris;
-eval_gettext "Your location \${Bo}e.g. town\${Bc} [\$X]: "; read x
+echo_no_nl "Your state or province name [none]: "; read DFL_PROVINCE
+X=Paris; echo_no_nl "Your location (e.g. town) [$X]: "; read x
DFL_LOCATION=${x:-$X}
-gettext "Your organization [none]: "; read DFL_ORGANIZATION
-gettext "Your organizational unit [none]: "; read DFL_ORGUNIT
+echo_no_nl "Your organization [none]: "; read DFL_ORGANIZATION
+echo_no_nl "Your organizational unit [none]:"; read DFL_ORGUNIT
#
@@ -323,18 +306,19 @@
echo 01 > $BASEDIR/serial
touch $BASEDIR/index.txt
-echo "**********"
-gettext "We are going to ask you some question for each client certificate. "; echo
-gettext "If some question has a default answer, you can force an empty answer by entering a single dot '.'"; echo
-echo "*********"
+echo "**********
+We are going to ask you some question for each client certificate
+If some question has a default answer, you can force an empty answer by
+entering a single dot '.'
+*********"
-I=1; ANOTHER=`gettext "y"`
+I=1; ANOTHER=y
-while [ "$ANOTHER" != `gettext "n"` ]; do
+while [ "$ANOTHER" != "n" ]; do
PSEUDO=""
while [ -z "$PSEUDO" ]; do
- eval_gettext "User \${Hash}\$I name \${Bo}e.g. Nessus username\${Bc}: "
+ echo_no_nl "User #$I name (e.g. Nessus username): "
read PSEUDO
CERTFILE="$BASEDIR/cert_$PSEUDO.pem"
KEYFILE="$BASEDIR/key_$PSEUDO.pem"
@@ -343,33 +327,28 @@
if [ -f "$CERTFILE" -o -f "$KEYFILE" -o -f "$DNFILE" ]; then
A=""
while [ -z "$A" ]; do
- gettext "Certificate, key or Nessus DN file(s) already exist."; echo
- gettext "Do you want to go on and overwrite it/them? (y/n) "
+ echo "Certificate, key or Nessus DN file(s) already exist."
+ echo_no_nl "Do you want to go on and overwite it/them? "
read A
- if [ "$A" = `gettext "n"` ]; then PSEUDO=""; fi
+ if [ "$A" = "n" ]; then PSEUDO=""; fi
done
fi
done
- eval_gettext "Client certificates life time in days [\$DFL_CERT_LIFETIME]: "
+ echo_no_nl "Client certificates life time in days [$DFL_CERT_LIFETIME]:"
read x
CERT_LIFETIME=${x:-$DFL_CERT_LIFETIME}
- X=$DFL_COUNTRY
- eval_gettext "Country \${Bo}two letter code\${Bc} [\$X]: "; read x
+ echo_no_nl "Country (two letter code) [$DFL_COUNTRY]: "; read x
COUNTRY=${x:-$DFL_COUNTRY}
- X=$DFL_PROVINCE
- eval_gettext "State or province name [\$X]: "; read x
+ echo_no_nl "State or province name [$DFL_PROVINCE]: "; read x
PROVINCE=${x:-$DFL_PROVINCE}
- X=$DFL_LOCATION
- eval_gettext "Location \${Bo}e.g. town\${Bc} [\$X]: "; read x
+ echo_no_nl "Location (e.g. town) [$DFL_LOCATION]: "; read x
LOCATION=${x:-$DFL_LOCATION}
- X=$DFL_ORGANIZATION
- eval_gettext "Organization [\$X]: "; read x
+ echo_no_nl "Organization [$DFL_ORGANIZATION]: "; read x
ORGANIZATION=${x:-$DFL_ORGANIZATION}
- X=$DFL_ORGUNIT
- eval_gettext "Organization unit [\$X]: "; read x
+ echo_no_nl "Organization unit [$DFL_ORGUNIT]: "; read x
ORGUNIT=${x:-$DFL_ORGUNIT}
- gettext "e-Mail []: "; read EMAIL
+ echo_no_nl "e-mail []: "; read EMAIL
# Client key
openssl genrsa -out $KEYFILE 1024
@@ -411,26 +390,25 @@
#
R="$USERSDIR/$PSEUDO/auth/rules"
echo
- gettext "User rules"; echo
+ echo "User rules"
echo "----------"
- eval_gettext "nessusd has a rules system which allows you to restrict the hosts that \$login has the right to test."; echo
- gettext "For instance, you may want him to be able to scan his own host only."; echo
+ echo "nessusd has a rules system which allows you to restrict the hosts"
+ echo "that $login has the right to test. For instance, you may want"
+ echo "him to be able to scan his own host only."
echo
- gettext "Please see the nessus-adduser(8) man page for the rules syntax."; echo
+ echo "Please see the nessus-adduser(8) man page for the rules syntax"
echo
- gettext "Enter the rules for this user, and hit ctrl-D once you are done:"; echo
-
- tmpAddUserFile=$TMPDIR/rules.$$
+ echo "Enter the rules for this user, and hit ctrl-D once you are done: "
- gettext "(the user can have an empty rules set)"; echo
- cat > $tmpAddUserFile || {
- echo "Error - could not write $tmpAddUserFile"
+ echo "(the user can have an empty rules set)"
+ cat > $TMPDIR/rules.$$ || {
+ echo "Error - could not write $TMPDIR/rules.$$"
exit 1
}
- cp $tmpAddUserFile "$USERSDIR/$PSEUDO/auth/rules"
+ cp $TMPDIR/rules.$$ "$USERSDIR/$PSEUDO/auth/rules"
- rm $tmpAddUserFile
+ rm $TMPDIR/rules.$$
#
# create the cert authentication file auth/dname
@@ -457,14 +435,14 @@
mkdir -p "$E"
chmod 700 "$E"
fi
- gettext "User added to Nessus."; echo
+ echo "User added to Nessus."
fi
- gettext "Another client certificate? (y/n) "
+ echo_no_nl "Another client certificate? "
read ANOTHER
I=`expr $I + 1`
done
-eval_gettext "Your client certificates are in \$BASEDIR."; echo
-gettext "You will have to copy them by hand."; echo
+echo "Your client certificates are in $BASEDIR
+You will have to copy them by hand"
Index: nessus-mkcert.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-mkcert.in,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- nessus-mkcert.in 10 Dec 2004 19:41:46 -0000 1.28
+++ nessus-mkcert.in 12 Sep 2006 09:49:05 -0000 1.29
@@ -13,6 +13,26 @@
*) Xn=-n ; Xc=
esac
+
+
+test "$1" = "-q" && QUIET=y
+
+
+echo_no_nl ()
+{
+ echo $Xn "$*$Xc"
+}
+
+
+header()
+{
+clear
+echo "-------------------------------------------------------------------------------"
+echo " Creation of the Nessus SSL Certificate"
+echo "-------------------------------------------------------------------------------"
+echo
+}
+#
umask 022
prefix=@prefix@
@@ -32,56 +52,14 @@
}
-PATH=$PATH:$sbindir:$bindir:/usr/ssl/bin:/usr/local/ssl/bin:/opt/ssl/bin
-
-
-# check if gettext is present
-
-if [ -f /usr/bin/gettext.sh ];
-then
-
- # initialize gettext
-
- . gettext.sh
- export TEXTDOMAIN=nessus-scripts
- export TEXTDOMAINDIR=@datadir@/locale
-
-else
-
- # define dummy functions
- gettext () {
- echo $Xn "$1" $Xc
- }
- eval_gettext () {
- eval_gettext_var="echo $1"
- echo $Xn `eval $eval_gettext_var` $Xc
- }
-
-fi
-
-Bo='('
-Bc=')'
-test "$1" = "-q" && QUIET=y
+PATH=$PATH:$sbindir:$bindir:/usr/ssl/bin:/usr/local/ssl/bin:/opt/ssl/bin
-echo_no_nl ()
-{
- echo $Xn "$*$Xc"
-}
-header()
-{
-clear
-echo "-------------------------------------------------------------------------------"
-gettext " Creation of the Nessus SSL Certificate"; echo
-echo "-------------------------------------------------------------------------------"
-echo
-}
-#
if [ -z "$is_cygwin" ];
then
@@ -91,12 +69,13 @@
case `id 2>/dev/null` in
uid=0*)
$sbindir/nessusd -g || {
- gettext "Executing nessusd failed. Make sure your library loader is configured properly and that nessusd is in your \$PATH."; echo
+ echo "Executing nessusd failed. Make sure your library loader is configured properly"
+ echo "and that nessusd is in your \$PATH"
exit 1
}
;;
*)
- gettext "Only root can use nessus-mkcert."; echo
+ echo "Only root can use nessus-mkcert"
exit 1
esac
fi
@@ -108,7 +87,8 @@
OpenSSL*)
;;
*)
- gettext "OpenSSL is not properly installed: The 'openssl' command line utility could not be found (is your \$PATH set properly?)"; echo
+ echo "OpenSSL is not properly installed (the 'openssl' command line utility could not"
+ echo "be found (is your \$PATH set properly ?)"
exit 1
esac
@@ -117,19 +97,19 @@
if [ ! -d "$NESSUSPRIV" ]; then
mkdir -p "$NESSUSPRIV"
chmod 0700 "$NESSUSPRIV"
- echo "$NESSUSPRIV `gettext "created"`"
+ echo "$NESSUSPRIV created"
fi
if [ ! -d "$NESSUSPUB" ]; then
mkdir -p "$NESSUSPUB"
chmod a+rx "$NESSUSPUB"
- echo "$NESSUSPUB `gettext "created"`"
+ echo "$NESSUSPUB created"
fi
# Check environment
if [ -z "$HOME" ]; then
- gettext "\$HOME should be defined." 1>&2; echo; exit 1
+ echo "HOME should be defined" 1>&2; exit 1
fi
@@ -142,10 +122,11 @@
if [. ! -r /dev/random -a ! -r /dev/urandom -a ! -r $HOME/.rnd ];
then
header
- gettext "You do not have any suitable random source."; echo
- gettext "You will be asked to type a few random keys on your keyboard to generate random bytes."; echo
+ echo "You do not have any suitable random source"
+ echo "You will be asked to type a few random keys on your keyboard"
+ echo "to generate random bytes"
nessus-mkrand $HOME/.rnd 1024
- gettext "Press [ENTER] to continue..."; echo
+ echo "Press [ENTER] to continue..."
fi
}
@@ -175,14 +156,16 @@
if [ -z "$QUIET" ];
then
header
-gettext "This script will now ask you the relevant information to create the SSL certificate of Nessus."; echo
-gettext "Note that this information will *NOT* be sent to anybody (everything stays local), but anyone with the ability to connect to your Nessus daemon will be able to retrieve this information."; echo
+echo "This script will now ask you the relevant information to create the SSL"
+echo "certificate of Nessus. Note that this information will *NOT* be sent to"
+echo "anybody (everything stays local), but anyone with the ability to connect to your"
+echo "Nessus daemon will be able to retrieve this information."
echo
echo
#
-gettext "CA certificate life time in days [1460]: "; read x
+echo_no_nl "CA certificate life time in days [1460]: "; read x
CACERT_LIFETIME=${x:-1460}
-gettext "Server certificate life time in days [365]: "; read x
+echo_no_nl "Server certificate life time in days [365]: "; read x
SRVCERT_LIFETIME=${x:-365}
#cln echo_no_nl "Client certificate life time in days [365]:"; read x
#cln CLNCERT_LIFETIME=${x:-365}
@@ -193,15 +176,14 @@
# Default country = France
# Too bad for you, but quicker for my tests!
-X=${DC:=FR}
-eval_gettext "Your country \${Bo}two letter code\${Bc} [\$X]: "; read x
+echo_no_nl "Your country (two letter code) [${DC:=FR}]: "; read x
COUNTRY=${x:-$DC}
#
-gettext "Your state or province name [none]: "; read x
+echo_no_nl "Your state or province name [none]: "; read x
PROVINCE=${x:-.}
-X=Paris; eval_gettext "Your location \${Bo}e.g. town\${Bc} [\$X]: "; read x
+X=Paris; echo_no_nl "Your location (e.g. town) [$X]: "; read x
LOCATION=${x:-$X}
-X="Nessus Users United"; eval_gettext "Your organization [\$X]: "; read x
+X="Nessus Users United"; echo_no_nl "Your organization [$X]: "; read x
ORGANIZATION=${x:-$X}
# X="Test unit"; echo_no_nl "Your organization unit [$X]:"; read x
# ORGUNIT=${x:-$X}
@@ -352,7 +334,7 @@
hostname=`hostname`
if [ -z "$hostname" ];
then
- gettext "An error occured while trying to determine hostname!"; echo
+ echo "An error occured while trying to determine hostname !"
exit 1
fi
# The value for organizationalUnitName must be 64 chars or less;
@@ -422,6 +404,7 @@
####
+
chmod a+r $CACERT $SRVCERT #cln $CLNCERT
@@ -446,36 +429,37 @@
if [. -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];
then
- test -z "$QUIET" && gettext "Congratulations. Your server certificate was properly created."; echo
+ test -z "$QUIET" && echo "Congratulations. Your server certificate was properly created."
mv -f "$CF.tmp" "$CF"
test -z "$QUIET" && {
echo
- eval_gettext "\$CF updated"; echo
+ echo "$CF updated
+ "
#cln echo "Your client certificates are in $BASEDIR
#cln You will have to copy them by hand
- gettext "The following files were created:"; echo
+ echo "The following files were created : "
echo
- gettext ". Certification authority:"; echo
- eval_gettext " Certificate = \$CACERT"; echo
- eval_gettext " Private key = \$CAKEY"; echo
+ echo ". Certification authority : "
+ echo " Certificate = $CACERT"
+ echo " Private key = $CAKEY"
echo
- gettext ". Nessus Server : "; echo
- eval_gettext " Certificate = \$SRVCERT"; echo
- eval_gettext " Private key = \$SRVKEY"; echo
+ echo ". Nessus Server : "
+ echo " Certificate = $SRVCERT"
+ echo " Private key = $SRVKEY"
#cln ***** Nessus client *****
#cln Certificate = $CLNCERT
#cln Private key = $CLNKEY
}
else
- gettext "An error occured while generating the certificates and/or keys!"; echo
+ echo "An error occured while generating the certificates and/or keys !"
echo
- echo_no_nl "`gettext "Do you want to save openssl output in a file for further analysis? (y/n) [y] "`" $Xc
+ echo_no_nl "Do you want to save openssl output in a file for further analysis ? (y/n) [y] " $Xc
read n < /dev/tty
- test -z "$n" -o "$n" = `gettext "y"` && {
- eval_gettext "Where should I save this file? [\$HOME/openssl-output] "
+ test -z "$n" -o "$n" = "y" && {
+ echo_no_nl "Where should I save this file ? [$HOME/openssl-output] "
read n < /dev/tty
test -z "$n" && n="$HOME/openssl-output"
cp "$BASEDIR"/openssl-log "$n"
@@ -488,7 +472,7 @@
test -z "$QUIET" &&
{
echo
- gettext "Press [ENTER] to exit"; echo; read x
+ echo "Press [ENTER] to exit"; read x
}
rm -rf "$BASEDIR"
Index: nessus-rmuser.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-rmuser.in,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- nessus-rmuser.in 17 Mar 2005 22:11:07 -0000 1.10
+++ nessus-rmuser.in 12 Sep 2006 09:49:05 -0000 1.11
@@ -26,32 +26,6 @@
nessusd=@sbindir@/nessusd
nessusd_users=@sysconfdir@/nessus/nessusd.users
-# check if gettext is present
-
-if [ -f /usr/bin/gettext.sh ];
-then
-
- # initialize gettext
-
- . gettext.sh
- export TEXTDOMAIN=nessus-scripts
- export TEXTDOMAINDIR=@datadir@/locale
-
-else
-
- # define dummy functions
-
- gettext () {
- echo $1
- }
-
- eval_gettext () {
- echo $1
- }
-
-fi
-
-#
# check whether we have echo -n, depending
# on the current shell, used
case `echo -n` in
@@ -63,28 +37,28 @@
then
# make sure that we are root
case `id` in uid=0*) ;; *)
- gettext "Only root should use nessus-rmuser."; echo
+ echo "only root should use nessus-rmuser"
exit 1
esac
fi
-login="$1"
+login=$1
-test -z "$login" && {
-echo $Xn "`gettext "Login to remove :"` $Xc"
+test -z "$1" && {
+echo $Xn "Login to remove : $Xc"
read login
}
test -z "$login" && {
- gettext "No login entered"
- exit 1
-}
+ echo "No login entered"
+ exit 1
+ }
if [ -d "$localstatedir/nessus/users/$login" ];
then
rm -rf "$localstatedir/nessus/users/$login"
- gettext "user removed."; echo
+ echo "user removed."
else
- gettext "user does not exist"; echo
+ echo "This user does not exist"
fi
Index: nessus-services
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-services,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- nessus-services 14 Feb 2006 12:05:58 -0000 1.10
+++ nessus-services 12 Sep 2006 09:49:05 -0000 1.11
@@ -53,8 +53,8 @@
rlp 39/udp
graphics 41/tcp
graphics 41/udp
-nameserver 42/tcp
-nameserver 42/udp
+name 42/tcp
+name 42/udp
nicname 43/tcp
nicname 43/udp
mpm-flags 44/tcp
@@ -99,8 +99,8 @@
[...5151 lines suppressed...]
com-bardac-dw 48556/udp
compaqdiag 49400/tcp
@@ -12065,15 +8849,15 @@
pop3proxy 50002/tcp
pop3proxy 50003/tcp
pop3proxy 50004/tcp
-sockets-de-troi 50505/udp
sockets-de-troje 50505/tcp
+sockets-de-troi 50505/udp
fore 50776/tcp
fore 50776/udp
dialpad 51210/tcp
winshut 53001/tcp
bo2k 54320/tcp
-bo2k 54321/udp
schoolbus 54321/tcp
+bo2k 54321/udp
ivisit 56768/udp
netraider 57341/tcp
sap-r3-instgui 59595/tcp
Index: nessus.tmpl.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus.tmpl.in,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -d -r1.38 -r1.39
--- nessus.tmpl.in 10 Dec 2004 15:29:21 -0000 1.38
+++ nessus.tmpl.in 12 Sep 2006 09:49:05 -0000 1.39
@@ -41,9 +41,6 @@
INSTALL=@INSTALL@
INSTALL_DIR=@INSTALL_DIR@
installuser=@installuser@
-localedir=$(datadir)/locale
-
-VERSION=@NESSUS_MAJOR@.@NESSUS_MINOR@.@NESSUS_PATCH@
# Nessus specific
NESSUSD_CONFDIR=@NESSUSD_CONFDIR@
@@ -57,7 +54,7 @@
NESSUSD_PLUGINS=@NESSUSD_PLUGINS@
NESSUSD_REPORTS=@NESSUSD_REPORTS@
-NESSUS_DIRECTORIES="-DNESSUSD_CONFDIR=\"$(NESSUSD_CONFDIR)\"" "-DNESSUSD_STATEDIR=\"$(NESSUSD_STATEDIR)\"" "-DNESSUSD_DATADIR=\"$(NESSUSD_DATADIR)\"" "-DNESSUSD_LIBDIR=\"${NESSUSD_LIBDIR}\"" "-DNESSUSD_PLUGINS=\"${NESSUSD_PLUGINS}\"" "-DNESSUSD_REPORTS=\"${NESSUSD_REPORTS}\"" -DNESSUSD_SHAREDSTATEDIR=\"${NESSUSD_SHAREDSTATEDIR}\" -DNESSUSD_LOGDIR=\"${NESSUSD_LOGDIR}\" -DNESSUS_DOCDIR=\"${NESSUS_DOCDIR}\"
+NESSUS_DIRECTORIES="-DNESSUSD_CONFDIR=\"$(NESSUSD_CONFDIR)\"" "-DNESSUSD_STATEDIR=\"$(NESSUSD_STATEDIR)\"" "-DNESSUSD_DATADIR=\"$(NESSUSD_DATADIR)\"" "-DNESSUSD_LIBDIR=\"${NESSUSD_LIBDIR}\"" "-DNESSUSD_PLUGINS=\"${NESSUSD_PLUGINS}\"" "-DNESSUSD_REPORTS=\"${NESSUSD_REPORTS}\"" -DNESSUSD_SHAREDSTATEDIR=\"${NESSUSD_SHAREDSTATEDIR}\" -DNESSUSD_LOGDIR=\"${NESSUSD_LOGDIR}\"
#
# The server / client modes do not make a lot of sense
@@ -104,9 +101,6 @@
USE_GTK = @gtk_flags@
-# Is GNU Gettext available?
-USE_GNU_GETTEXT = @gettext_flags@ -DLOCALEDIR=\"$(localedir)\"
-
# Build with debugging ?
DEBUG = @debug_flags@
@@ -114,9 +108,9 @@
USE_LIBWRAP = @uselibwrap@
# Some defines you may want to modify
-NESSUS_DEFS=@DEFS@ $(USE_PTHREADS) $(DEBUG) $(USE_GTK) $(USE_LIBWRAP) $(USE_GNU_GETTEXT)
+NESSUS_DEFS=@DEFS@ $(USE_PTHREADS) $(DEBUG) $(USE_GTK) $(USE_LIBWRAP)
DEFS=
-LDFLAGS=@LDFLAGS@
+LDFLAGS=
# Your C compiler
CC=@CC@
@@ -124,6 +118,8 @@
NASLCONFIG=@NASLCONFIG@
GTKCONFIG_CFLAGS=@GTKCONFIG_CFLAGS@
GTKCONFIG_LIBS=@GTKCONFIG_LIBS@
+GLIBCONFIG_CFLAGS=@GLIBCONFIG_CFLAGS@
+GLIBCONFIG_LIBS=@GLIBCONFIG_LIBS@
DL_LIB=@dl_lib@
RESOLV_LIB=@resolv_lib@
SOCKET_LIB=@socket_lib@
@@ -141,8 +137,6 @@
# documentation
MAN_NESSUS_1=@man_nessus_1@
MAN_NESSUSD_8=@man_nessusd_8@
-# where the pdf doc's reside:
-NESSUS_DOCDIR=$(datadir)/doc/nessus
# C compiler options
NESSCFLAGS=@NESSCFLAGS@
_______________________________________________
Nessus-cvs mailing list
Nessus-cvs@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus-cvs
In directory raccoon.nessus.org:/tmp/cvs-serv4246/nessus-core
Modified Files:
CHANGES Makefile aclocal.m4 configure configure.in
nessus-mkcert-client.in nessus-mkcert.in nessus-rmuser.in
nessus-services nessus.tmpl.in
Log Message:
Synchronize back DEVEL with 2.2
Index: CHANGES
===================================================================
RCS file: /usr/local/cvs/nessus-core/CHANGES,v
retrieving revision 1.313
retrieving revision 1.314
diff -u -d -r1.313 -r1.314
--- CHANGES 28 Oct 2004 01:51:23 -0000 1.313
+++ CHANGES 12 Sep 2006 09:49:03 -0000 1.314
@@ -4,6 +4,204 @@
$Id$
+2.2.8 :
+
+- nessusd :
+
+ - Make sure that plugins of type ACT_INIT and ACT_SETTINGS are
+ always enabled during a scan
+
+ - Display more error verbose error messages when it's impossible to
+ load a .nes plugin
+
+ - Fixed a harmless memory reallocation problem which would truncate
+ a very long preference name
+
+- nessus-libraries
+
+ - Fixed a possible memory corruption when forwarding data from a process
+ to another
+
+- libnasl :
+
+ - 'a = b + c ++' would not work as expected
+ - fixed a memory allocation problem when split() is passed an argument of
+ the wrong type
+
+
+2.2.7 :
+
+. changes by Tenable Network Security :
+
+- nessus-libraries :
+
+ - Fixed a NULL pointer dereferencement in the BPF server
+ - The 'service' functions now only deal with the services file provided
+ with Nessus (instead of using a mix of /etc/services and others)
+
+- libnasl :
+
+ - Fixed off-by-one bugs in insstr() and str_replace() which would sometimes
+ prevent these two functions from properly dealing with the last character of a
+ string
+ - Fixed tcp_ping() which was too aggressive and may therefore sometimes miss
+ a live host
+ - Fixed a bug in send() which would not properly validate the value of the
+ 'length' variable
+ - Now handle arrays of arrays
+ - Fixed open_priv_sock_tcp() which would report a successful connection when
+ timing out
+
+- nessusd :
+
+ - Properly install the file 'nessus-services' in $prefix/var/nessus/
+ - Bigger buffer when receiving preferences from the client (to avoid a possible
+ truncation of the plugin list in the future)
+ - Fixed a bug in the preferences parser which would cause nessusd to die on startup when
+ processing a malformed preference file
+
+- nessus :
+
+ - Fixed an unlikely but potential segmentation fault when viewing the report in the GUI
+ - Erase the credentials from memory after having used them (thanks to Sumiut Siddhart
+ for noticing this)
+
+- plugins :
+
+ - nmap.nasl has been removed from the main distribution (to use nmap from Nessus,
+ read <http://www.nessus.org/u?e56c945b>)
+
+ - Performance improvements to nessus_tcp_scanner
+
+ - Improved the file nessus-services
+
+
+2.2.6 :
+
+. changes by Tenable Network Security :
+
+- Engine :
+
+ - New NASL function socket_get_error() which returns the last error which
+ occured on a socket (timeout, connection reset, etc...)
+ - Removed the C function http_recv_headers() in favor of 'http_recv_headers2()'
+ written in NASL
+ - If the computer clock is not set properly, load the plugins anyways
+ - Under certain circumstances, the plugins preferences may appear twice in the
+ Nessus GUI
+ - nessus-fetch is more reliable when used in a very low bandwidth environment
+ - nessusd has higher memory limits when running on a 64 bits CPU
+ - Use nasl_memmem() instead of memmem() to solve a possible segfault on
+ 64 bits architectures (bug#1293)
+
+Plugins :
+
+ - The Windows Bulletin checks now check the version of the files on the remote
+ host (when possible) instead of looking at the registry
+ - It is now possible to disable CGI scanning entirely in Prefs->Global Settings
+ - Rewritten several key plugins (dcetest.nasl, netbios_name_get.nasl) to better
+ support the underlying protocol
+
+. changes by Michel Arboi :
+
+- nessus_tcp_scanner now performs multiple passes, for improved reliability.
+ It also is much quicker against BSD machines (which have a rate limitation
+ for the RST they send)
+
+
+
+2.2.5 :
+
+. changes by Renaud Deraison :
+
+- Faster scan startup speed (at the expense of a slightly bigger memory usage)
+- nessus-fetch now calls nessus-update-plugins upon registration
+- Fixed the use of an uninitialized buffer in the shared socket code
+- Fixed some uninitialized variables in nessus_tcp_scanner
+- Fixed several null pointer dereferencement in libnasl
+- New NASL function 'send_capture()'
+- Rotate nessusd.messages on startup if the file is too big
+
+. changes by Michel Arboi :
+
+- nessus_tcp_scanner now tracks down more statistics about the remote ports
+ (filtered vs. closed)
+
+. changes by Beirne Kornarksi :
+
+- Fixed bug#1224
+
+2.2.4 :
+
+. changes by Renaud Deraison :
+
+- Fixed a bug in nessusd when killing slow plugins, which may result
+ in a hang of the scan
+- Fixed a bug in find_services.nes which would prevent it from exiting
+ properly when receiving a SIGTERM message
+- Fixed a bug in libnessus/network.c which may result in incompletes
+ SSL reads
+- Fixed proxy support in nessus-fetch
+- Reduced CPU usage
+- Brand new SMB API
+- The nessus-fetch man page is now installed
+- Updated os_fingerprint.nasl with all the newest signatures
+
+. changes by Michel Arboi :
+
+- More gentle nessus_tcp_scanner
+
+2.2.3 :
+
+. changes by Renaud Deraison :
+
+- Added the 'silent dependencies' option (suggested by Nicolas Pouvesle)
+- Added a new 'Credentials' Tab to put SSH and SMB credentials
+- Removed some un-recommended options from the GUI (detached scan)
+- Fixed a NULL-ptr dereferencement in libnasl
+
+. changes by Michel Arboi :
+
+- Call setrlimit() without any limits when calling popen()
+
+. changes by Nicolas Pouvesle :
+
+- Replaced the functions in libnasl/nasl/smb_crypt.* by crypt_func.nasl
+
+2.2.2 :
+
+. changes by Renaud Deraison :
+
+- Fixed HTTPS-over-proxy in nessus-fetch
+- Fixed a build issue on Solaris in nessus-fetch
+- Fixed the detached scans
+
+2.2.1 :
+
+. changes by Renaud Deraison :
+
+- Turn on buffering for every TCP sockets to reduce the number of system calls
+(only HTTP-related sockets would have a buffered input)
+
+- Fixed bug#1065 which would make nessusd do an endless stream of calls
+to gethostbyname() when testing a non-existant host name
+
+- Fixed a bug in the TCP socket buffering which would cause
+read_stream_connection() to perform a short read under some circumstances
+
+- Added nessus-fetch(1), a utility which retrieves plugins from
+www.nessus.org.
+
+- Rewrote nessus-update-plugins to use nessus-fetch instead
+of wget/lynx/fetch/curl
+
+- Fixed bug#1076 (support for bash 3.0)
+
+. changes by Michel Arboi :
+
+- New TCP port scanner (nessus_tcp_portscan.nes)
+- Better Hydra integration through multiple nasl scripts
+
2.2.0 :
- Fixed a couple of memory leaks (thanks to Lance Uyehara)
Index: Makefile
===================================================================
RCS file: /usr/local/cvs/nessus-core/Makefile,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -d -r1.57 -r1.58
--- Makefile 14 Mar 2005 22:34:04 -0000 1.57
+++ Makefile 12 Sep 2006 09:49:03 -0000 1.58
@@ -38,6 +38,7 @@
test -d $(DESTDIR)${NESSUSD_STATEDIR}/tmp || $(INSTALL_DIR) -m 755 $(DESTDIR)${NESSUSD_STATEDIR}/tmp
test -d $(DESTDIR)${NESSUSD_STATEDIR}/jobs || $(INSTALL_DIR) -m 755 $(DESTDIR)${NESSUSD_STATEDIR}/jobs
test -d $(DESTDIR)${NESSUSD_LOGDIR} || $(INSTALL_DIR) -m 755 $(DESTDIR)${NESSUSD_LOGDIR}
+ $(INSTALL) -c -m 0444 nessus-services $(DESTDIR)${NESSUSD_STATEDIR}/
$(INSTALL) -c -m 0444 include/config.h $(DESTDIR)${includedir}/nessus
$(INSTALL) -c -m 0444 include/ntcompat.h $(DESTDIR)${includedir}/nessus
$(INSTALL) -c -m 0444 include/includes.h $(DESTDIR)${includedir}/nessus
@@ -109,6 +110,7 @@
clean:
cd nessus && $(MAKE) clean
+ cd nessus-fetch && $(MAKE) clean
cd nessusd && $(MAKE) clean
cd ssl && $(MAKE) clean
Index: aclocal.m4
===================================================================
RCS file: /usr/local/cvs/nessus-core/aclocal.m4,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- aclocal.m4 3 Nov 2004 13:07:46 -0000 1.3
+++ aclocal.m4 12 Sep 2006 09:49:03 -0000 1.4
@@ -1,71 +1,511 @@
-# aclocal.m4 generated automatically by aclocal 1.6.3 -*- Autoconf -*-
+dnl aclocal.m4 generated automatically by aclocal 1.2f
-# Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002
-# Free Software Foundation, Inc.
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
+dnl Copyright (C) 1994, 1995, 1996, 1997, 1998 Free Software Foundation, Inc.
+dnl This Makefile.in is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
-# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-# PARTICULAR PURPOSE.
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+dnl PARTICULAR PURPOSE.
+# Do all the work for Automake. This macro actually does too much --
+# some checks are only needed if your package does certain things.
+# But this isn't really a big deal.
-dnl PKG_CHECK_MODULES(GSTUFF, gtk+-2.0 >= 1.3 glib = 1.3.4, action-if, action-not)
-dnl defines GSTUFF_LIBS, GSTUFF_CFLAGS, see pkg-config man page
-dnl also defines GSTUFF_PKG_ERRORS on error
-AC_DEFUN(PKG_CHECK_MODULES, [.
- succeeded=no
+# serial 1
- if test -z "$PKG_CONFIG"; then
- AC_PATH_PROG(PKG_CONFIG, pkg-config, no)
+#
+# Check to make sure that the build environment is sane.
+#
+
+AC_DEFUN(AM_SANITY_CHECK,
+[AC_MSG_CHECKING([whether build environment is sane])
+# Just in case
+sleep 1
+echo timestamp > conftestfile
+# Do `set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ set X `ls -Lt $srcdir/configure conftestfile 2> /dev/null`
+ if test "[$]*" = "X"; then
+ # -L didn't work.
+ set X `ls -t $srcdir/configure conftestfile`
+ fi
+ if test "[$]*" != "X $srcdir/configure conftestfile" \
+ && test "[$]*" != "X conftestfile $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ AC_MSG_ERROR([.ls -t appears to fail. Make sure there is not a broken
+alias in your environment])
+ fi
+
+ test "[$]2" = conftestfile
+ )
+then
+ # Ok.
+ :
+else
+ AC_MSG_ERROR([.newly created file is older than distributed files!
+Check your system clock])
+fi
+rm -f conftest*
+AC_MSG_RESULT(yes)])
+
+dnl AM_MISSING_PROG(NAME, PROGRAM, DIRECTORY)
+dnl The program must properly implement --version.
+AC_DEFUN(AM_MISSING_PROG,
+[.AC_MSG_CHECKING(for working $2)
+# Run test in a subshell; some versions of sh will print an error if
+# an executable is not found, even if stderr is redirected.
+# Redirect stdin to placate older versions of autoconf. Sigh.
+if ($2 --version) < /dev/null > /dev/null 2>&1; then
+ $1=$2
+ AC_MSG_RESULT(found)
+else
+ $1="$3/missing $2"
+ AC_MSG_RESULT(missing)
+fi
+AC_SUBST($1)])
+
+# Like AC_CONFIG_HEADER, but automatically create stamp file.
+
+AC_DEFUN(AM_CONFIG_HEADER,
+[AC_PREREQ([2.12])
+AC_CONFIG_HEADER([$1])
+dnl When config.status generates a header, we must update the stamp-h file.
+dnl This file resides in the same directory as the config header
+dnl that is generated. We must strip everything past the first ":",
+dnl and everything past the last "/".
+AC_OUTPUT_COMMANDS(changequote(<<,>>)dnl
+ifelse(patsubst(<<$1>>, <<[^ ]>>, <<>>), <<>>,
+<<test -z "<<$>>CONFIG_HEADERS" || echo timestamp > patsubst(<<$1>>, <<^\([^:]*/\)?.*>>, <<\1>>)stamp-h<<>>dnl>>,
+<<am_indx=1
+for am_file in <<$1>>; do
+ case " <<$>>CONFIG_HEADERS " in
+ *" <<$>>am_file "*<<)>>
+ echo timestamp > `echo <<$>>am_file | sed -e 's%:.*%%' -e 's%[^/]*$%%'`stamp-h$am_indx
+ ;;
+ esac
+ am_indx=`expr "<<$>>am_indx" + 1`
+done<<>>dnl>>)
+changequote([,]))])
+
+
+# serial 24 AM_PROG_LIBTOOL
+AC_DEFUN(AM_PROG_LIBTOOL,
+[AC_REQUIRE([AM_ENABLE_SHARED])dnl
+AC_REQUIRE([AM_ENABLE_STATIC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_PROG_RANLIB])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AM_PROG_LD])dnl
+AC_REQUIRE([AM_PROG_NM])dnl
+AC_REQUIRE([AC_PROG_LN_S])dnl
+dnl
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+AC_SUBST(LIBTOOL)dnl
+
+# Check for any special flags to pass to ltconfig.
+libtool_flags=
+test "$enable_shared" = no && libtool_flags="$libtool_flags --disable-shared"
+test "$enable_static" = no && libtool_flags="$libtool_flags --disable-static"
+test "$silent" = yes && libtool_flags="$libtool_flags --silent"
+test "$ac_cv_prog_gcc" = yes && libtool_flags="$libtool_flags --with-gcc"
+test "$ac_cv_prog_gnu_ld" = yes && libtool_flags="$libtool_flags --with-gnu-ld"
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case "$host" in
+*-*-irix6*)
+ # Find out which ABI we are using.
+ echo '[#]line __oline__ "configure"' > conftest.$ac_ext
+ if AC_TRY_EVAL(ac_compile); then
+ case "`/usr/bin/file conftest.o`" in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
fi
+ rm -rf conftest*
+ ;;
- if test "$PKG_CONFIG" = "no" ; then
- echo "*** The pkg-config script could not be found. Make sure it is"
- echo "*** in your path, or set the PKG_CONFIG environment variable"
- echo "*** to the full path to pkg-config."
- echo "*** Or see http://www.freedesktop.org/software/pkgconfig to get pkg-config."
- else
- PKG_CONFIG_MIN_VERSION=0.9.0
- if $PKG_CONFIG --atleast-pkgconfig-version $PKG_CONFIG_MIN_VERSION; then
- AC_MSG_CHECKING(for $2)
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ CFLAGS="$CFLAGS -belf"
+ ;;
+esac
- if $PKG_CONFIG --exists "$2" ; then
- AC_MSG_RESULT(yes)
- succeeded=yes
+# Actually configure libtool. ac_aux_dir is where install-sh is found.
+CC="$CC" CFLAGS="$CFLAGS" CPPFLAGS="$CPPFLAGS" \
+LD="$LD" NM="$NM" RANLIB="$RANLIB" LN_S="$LN_S" \
+${CONFIG_SHELL-/bin/sh} $ac_aux_dir/ltconfig \
+$libtool_flags --no-verify $ac_aux_dir/ltmain.sh $host \
+|| AC_MSG_ERROR([libtool configure failed])
+])
- AC_MSG_CHECKING($1_CFLAGS)
- $1_CFLAGS=`$PKG_CONFIG --cflags "$2"`
- AC_MSG_RESULT($$1_CFLAGS)
+# AM_ENABLE_SHARED - implement the --enable-shared flag
+# Usage: AM_ENABLE_SHARED[(DEFAULT)]
+# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
+# `yes'.
+AC_DEFUN(AM_ENABLE_SHARED,
+[define([AM_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE(shared,
+changequote(<<, >>)dnl
+<< --enable-shared build shared libraries [default=>>AM_ENABLE_SHARED_DEFAULT]
+changequote([, ])dnl
+[. --enable-shared=PKGS only build shared libraries if the current package
+ appears as an element in the PKGS list],
+[.p=${PACKAGE-default}
+case "$enableval" in
+yes) enable_shared=yes ;;
+no) enable_shared=no ;;
+*)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
+ for pkg in $enableval; do
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$ac_save_ifs"
+ ;;
+esac],
+enable_shared=AM_ENABLE_SHARED_DEFAULT)dnl
+])
- AC_MSG_CHECKING($1_LIBS)
- $1_LIBS=`$PKG_CONFIG --libs "$2"`
- AC_MSG_RESULT($$1_LIBS)
- else
- $1_CFLAGS=""
- $1_LIBS=""
- ## If we have a custom action on failure, don't print errors, but
- ## do set a variable so people can do so.
- $1_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "$2"`
- ifelse([$4], ,echo $$1_PKG_ERRORS,)
- fi
+# AM_DISABLE_SHARED - set the default shared flag to --disable-shared
+AC_DEFUN(AM_DISABLE_SHARED,
+[AM_ENABLE_SHARED(no)])
- AC_SUBST($1_CFLAGS)
- AC_SUBST($1_LIBS)
- else
- echo "*** Your version of pkg-config is too old. You need version $PKG_CONFIG_MIN_VERSION or newer."
- echo "*** See http://www.freedesktop.org/software/pkgconfig"
- fi
+# AM_DISABLE_STATIC - set the default static flag to --disable-static
+AC_DEFUN(AM_DISABLE_STATIC,
+[AM_ENABLE_STATIC(no)])
+
+# AM_ENABLE_STATIC - implement the --enable-static flag
+# Usage: AM_ENABLE_STATIC[(DEFAULT)]
+# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
+# `yes'.
+AC_DEFUN(AM_ENABLE_STATIC,
+[define([AM_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE(static,
+changequote(<<, >>)dnl
+<< --enable-static build static libraries [default=>>AM_ENABLE_STATIC_DEFAULT]
+changequote([, ])dnl
+[. --enable-static=PKGS only build shared libraries if the current package
+ appears as an element in the PKGS list],
+[.p=${PACKAGE-default}
+case "$enableval" in
+yes) enable_static=yes ;;
+no) enable_static=no ;;
+*)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
+ for pkg in $enableval; do
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$ac_save_ifs"
+ ;;
+esac],
+enable_static=AM_ENABLE_STATIC_DEFAULT)dnl
+])
+
+
+# AM_PROG_LD - find the path to the GNU or non-GNU linker
+AC_DEFUN(AM_PROG_LD,
+[.AC_ARG_WITH(gnu-ld,
+[ --with-gnu-ld assume the C compiler uses GNU ld [default=no]],
+test "$withval" = no || with_gnu_ld=yes, with_gnu_ld=no)
+AC_REQUIRE([AC_PROG_CC])
+ac_prog=ld
+if test "$ac_cv_prog_gcc" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ AC_MSG_CHECKING([for ld used by GCC])
+ ac_prog=`($CC -print-prog-name=ld) 2>&5`
+ case "$ac_prog" in
+ # Accept absolute paths.
+ /* | [A-Za-z]:\\*)
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ AC_MSG_CHECKING([for GNU ld])
+else
+ AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(ac_cv_path_LD,
+[.if test -z "$LD"; then
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+ for ac_dir in $PATH; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog"; then
+ ac_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some GNU ld's only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ if "$ac_cv_path_LD" -v 2>&1 < /dev/null | egrep '(GNU|with BFD)' > /dev/null; then
+ test "$with_gnu_ld" != no && break
+ else
+ test "$with_gnu_ld" != yes && break
+ fi
+ fi
+ done
+ IFS="$ac_save_ifs"
+else
+ ac_cv_path_LD="$LD" # Let the user override the test with a path.
+fi])
+LD="$ac_cv_path_LD"
+if test -n "$LD"; then
+ AC_MSG_RESULT($LD)
+else
+ AC_MSG_RESULT(no)
+fi
+test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
+AC_SUBST(LD)
+AM_PROG_LD_GNU
+])
+
+AC_DEFUN(AM_PROG_LD_GNU,
+[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], ac_cv_prog_gnu_ld,
+[.# I'd rather use --version here, but apparently some GNU ld's only accept -v.
+if $LD -v 2>&1 </dev/null | egrep '(GNU|with BFD)' 1>&5; then
+ ac_cv_prog_gnu_ld=yes
+else
+ ac_cv_prog_gnu_ld=no
+fi])
+])
+
+# AM_PROG_NM - find the path to a BSD-compatible name lister
+AC_DEFUN(AM_PROG_NM,
+[AC_MSG_CHECKING([for BSD-compatible nm])
+AC_CACHE_VAL(ac_cv_path_NM,
+[case "$NM" in
+/* | [A-Za-z]:\\*)
+ ac_cv_path_NM="$NM" # Let the user override the test with a path.
+ ;;
+*)
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+ for ac_dir in /usr/ucb /usr/ccs/bin $PATH /bin; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/nm; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the `sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ if ($ac_dir/nm -B /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
+ ac_cv_path_NM="$ac_dir/nm -B"
+ elif ($ac_dir/nm -p /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
+ ac_cv_path_NM="$ac_dir/nm -p"
+ else
+ ac_cv_path_NM="$ac_dir/nm"
+ fi
+ break
+ fi
+ done
+ IFS="$ac_save_ifs"
+ test -z "$ac_cv_path_NM" && ac_cv_path_NM=nm
+ ;;
+esac])
+NM="$ac_cv_path_NM"
+AC_MSG_RESULT([$NM])
+AC_SUBST(NM)
+])
+
+# Add --enable-maintainer-mode option to configure.
+# From Jim Meyering
+
+# serial 1
+
+AC_DEFUN(AM_MAINTAINER_MODE,
+[AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
+ dnl maintainer-mode is disabled by default
+ AC_ARG_ENABLE(maintainer-mode,
+[. --enable-maintainer-mode enable make rules and dependencies not useful
+ (and sometimes confusing) to the casual installer],
+ USE_MAINTAINER_MODE=$enableval,
+ USE_MAINTAINER_MODE=no)
+ AC_MSG_RESULT($USE_MAINTAINER_MODE)
+ if test $USE_MAINTAINER_MODE = yes; then
+ MAINT=
+ else
+ MAINT='#M#'
fi
+ AC_SUBST(MAINT)dnl
+]
+)
- if test $succeeded = yes; then
- ifelse([$3], , :, [$3])
+# Configure paths for GTK+
+# Owen Taylor 97-11-3
+
+dnl AM_PATH_GTK([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
+dnl Test for GTK, and define GTK_CFLAGS and GTK_LIBS
+dnl
+AC_DEFUN(AM_PATH_GTK,
+[.dnl
+dnl Get the cflags and libraries from the gtk-config script
+dnl
+ AC_PATH_PROG(GTK_CONFIG, gtk-config, no)
+ min_gtk_version=ifelse([$1], ,0.99.7,$1)
+ AC_MSG_CHECKING(for GTK - version >= $min_gtk_version)
+ no_gtk=""
+ if test "$GTK_CONFIG" != "no" ; then
+ GTK_CFLAGS=`$GTK_CONFIG --cflags`
+ GTK_LIBS=`$GTK_CONFIG --libs`
+ ac_save_CFLAGS="$CFLAGS"
+ ac_save_LIBS="$LIBS"
+ CFLAGS="$CFLAGS $GTK_CFLAGS"
+ LIBS="$LIBS $GTK_LIBS"
+dnl
+dnl Now check if the installed GTK is sufficiently new. (Also sanity
+dnl checks the results of gtk-config to some extent
+dnl
+ AC_TRY_RUN([.
+#include <gtk/gtk.h>
+#include <stdio.h>
+
+int
+main ()
+{
+ int major, minor, micro;
+
+ if (sscanf("$min_gtk_version", "%d.%d.%d", &major, &minor, µ) != 3) {
+ printf("%s, bad version string\n", "$min_gtk_version");
+ exit(1);
+ }
+
+ return !((gtk_major_version > major) ||
+ ((gtk_major_version == major) && (gtk_minor_version > minor)) ||
+ ((gtk_major_version == major) && (gtk_minor_version == minor) && (gtk_micro_version >= micro)));
+}
+],, no_gtk=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
+ CFLAGS="$ac_save_CFLAGS"
+ LIBS="$ac_save_LIBS"
else
- ifelse([$4], , AC_MSG_ERROR([.Library requirements ($2) not met; consider adjusting the PKG_CONFIG_PATH environment variable if your libraries are in a nonstandard prefix so pkg-config can find them.]), [$4])
+ no_gtk=yes
fi
+ if test "x$no_gtk" = x ; then
+ AC_MSG_RESULT(yes)
+ ifelse([$2], , :, [$2])
+ else
+ AC_MSG_RESULT(no)
+ GTK_CFLAGS=""
+ GTK_LIBS=""
+ ifelse([$3], , :, [$3])
+ fi
+ AC_SUBST(GTK_CFLAGS)
+ AC_SUBST(GTK_LIBS)
])
+# serial 1
+
+# @defmac AC_PROG_CC_STDC
+# @maindex PROG_CC_STDC
+# @ovindex CC
+# If the C compiler in not in ANSI C mode by default, try to add an option
+# to output variable @code{CC} to make it so. This macro tries various
+# options that select ANSI C on some system or another. It considers the
+# compiler to be in ANSI C mode if it handles function prototypes correctly.
+#
+# If you use this macro, you should check after calling it whether the C
+# compiler has been set to accept ANSI C; if not, the shell variable
+# @code{am_cv_prog_cc_stdc} is set to @samp{no}. If you wrote your source
+# code in ANSI C, you can make an un-ANSIfied copy of it by using the
+# program @code{ansi2knr}, which comes with Ghostscript.
+# @end defmac
+
+AC_DEFUN(AM_PROG_CC_STDC,
+[AC_REQUIRE([AC_PROG_CC])
+AC_BEFORE([$0], [AC_C_INLINE])
+AC_BEFORE([$0], [AC_C_CONST])
+dnl Force this before AC_PROG_CPP. Some cpp's, eg on HPUX, require
+dnl a magic option to avoid problems with ANSI preprocessor commands
+dnl like #elif.
+dnl FIXME: can't do this because then AC_AIX won't work due to a
+dnl circular dependency.
+dnl AC_BEFORE([$0], [AC_PROG_CPP])
+AC_MSG_CHECKING(for ${CC-cc} option to accept ANSI C)
+AC_CACHE_VAL(am_cv_prog_cc_stdc,
+[.am_cv_prog_cc_stdc=no
+ac_save_CC="$CC"
+# Don't try gcc -ansi; that turns off useful extensions and
+# breaks some systems' header files.
+# AIX -qlanglvl=ansi
+# Ultrix and OSF/1 -std1
+# HP-UX -Aa -D_HPUX_SOURCE
+# SVR4 -Xc -D__EXTENSIONS__
+for ac_arg in "" -qlanglvl=ansi -std1 "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+ CC="$ac_save_CC $ac_arg"
+ AC_TRY_COMPILE(
+[.#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+ char **p;
+ int i;
+{
+ return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+ char *s;
+ va_list v;
+ va_start (v,p);
+ s = g (p, va_arg (v,int));
+ va_end (v);
+ return s;
+}
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+], [
+return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
+],
+[am_cv_prog_cc_stdc="$ac_arg"; break])
+done
+CC="$ac_save_CC"
+])
+if test -z "$am_cv_prog_cc_stdc"; then
+ AC_MSG_RESULT([none needed])
+else
+ AC_MSG_RESULT($am_cv_prog_cc_stdc)
+fi
+case "x$am_cv_prog_cc_stdc" in
+ x|xno) ;;
+ *) CC="$CC $am_cv_prog_cc_stdc" ;;
+esac
+])
Index: configure
===================================================================
RCS file: /usr/local/cvs/nessus-core/configure,v
retrieving revision 1.137
retrieving revision 1.138
diff -u -d -r1.137 -r1.138
--- configure 8 Feb 2005 01:41:02 -0000 1.137
+++ configure 12 Sep 2006 09:49:03 -0000 1.138
@@ -17,8 +17,6 @@
ac_help="$ac_help
--enable-debug set the compiler flags to -g"
ac_help="$ac_help
- --enable-client build the nessus client"
-ac_help="$ac_help
--enable-install=user for debugging, install as non-root user"
ac_help="$ac_help
--enable-syslog log messages via syslog()"
@@ -540,7 +538,7 @@
fi
[...2821 lines suppressed...]
-s%@gettext_flags@%$gettext_flags%g
CEOF
EOF
@@ -6111,5 +6224,15 @@
chmod +x nessus-adduser nessus-mkcert nessus-mkcert-client
+
+
+test "x$enable_gtk" = "xno" ||
+{
+test -z "$GTKCONFIG" -a -z "$PKGCONFIG" && {
+echo "configure: warning: gtk-config could not be found : the client will not be built. \
+If you want to build a command-line only client then type ./configure --disable-gtk" 1>&2
+}
+
+}
exit 0
Index: configure.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/configure.in,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -d -r1.130 -r1.131
--- configure.in 8 Feb 2005 01:41:01 -0000 1.130
+++ configure.in 12 Sep 2006 09:49:04 -0000 1.131
@@ -9,7 +9,6 @@
dnl --enable-debug
dnl --enable-pthreads (experimental dont use dont use dont use!)
dnl --enable-syslog
-dnl --enable-client
dnl --enable-gtk
dnl --enable-unix-socket
@@ -60,7 +59,6 @@
test "x$enable_syslog" = "x" && enable_syslog="yes";
test "x$enable_syslog" = "xno" && unset enable_syslog
test "x$enable_gtk" = "x" && enable_gtk="yes"
-test "x$enable_client" = "x" && enable_client="yes"
nessus_lib=-lnessus
@@ -76,9 +74,7 @@
AC_ARG_ENABLE(debug,[ --enable-debug set the compiler flags to -g],[
CFLAGS="-g"; debug_flags="-DDEBUG"])
-
-AC_ARG_ENABLE(client,[ --enable-client build the nessus client])
-
+
AC_ARG_ENABLE(install,[ --enable-install=user for debugging, install as non-root user],
installuser=$enable_install)
: ${installuser:=root}
@@ -155,7 +151,6 @@
AC_CHECK_HEADERS(poll.h sys/poll.h netinet/ip_tcp.h fcntl.h signal.h limits.h)
AC_CHECK_HEADERS(sys/stat.h stat.h net/if.h sys/mman.h sys/resource.h dl.h)
AC_CHECK_HEADERS(pty.h termio.h termios.h sgtty.h libutil.h setjmp.h values.h)
-AC_CHECK_HEADERS(locale.h)
dnl ./configure fails to determine the existence of some
dnl headers under IRIX
@@ -380,20 +375,6 @@
[AC_MSG_RESULT(yes); AC_DEFINE(HAVE_TCPHDR_TH_X2_OFF)],
[AC_MSG_RESULT(no)])
-dnl I18N Test (GNU gettext)
-AC_MSG_CHECKING([GNU gettext available])
-AC_TRY_COMPILE([#include <libintl.h>],
-[.extern int _nl_msg_cat_cntr;
-extern int *_nl_domain_bindings;
-int
-main ()
-{
- bindtextdomain ("", "");
- return (int) gettext ("") + (int) ngettext ("", "", 0) + _nl_msg_cat_cntr + *_nl_domain_bindings;
-}],
-[AC_MSG_RESULT(yes); AC_DEFINE(HAVE_GNU_GETTEXT) gettext_flags="-DHAVE_GNU_GETTEXT"],
-[AC_MSG_RESULT(no)])
-
dnl Define several paths
@@ -531,7 +512,7 @@
case "$host" in
- *-freebsd*|*-bsdi*|*-netbsd*)
+ *-freebsd*|*-bsdi*|*-netbsd*|*-darwin*)
AC_DEFINE(BSD_BYTE_ORDERING)
esac
@@ -625,24 +606,96 @@
-if test "x$enable_client" = "xyes"; then
+if test "x$enable_gtk" = "xno"; then
client=client
client_install=client-install
else
unset client
unset client_install
- enable_gtk=no
fi
+AC_PATH_PROG(GTKCONFIG, gtk-config,,$XPATH)
+test "x$GTKCONFIG" = x && {
+ AC_PATH_PROG(GTKCONFIG, gtk12-config,,$XPATH)
+ test "x$GTKCONFIG" = x && AC_PATH_PROG(GTKCONFIG, gtk10-config,,$XPATH)
+ }
+
+
+AC_PATH_PROG(PKGCONFIG, pkg-config,,$XPATH)
+
+
+
+test -n "$GTKCONFIG" -o "$PKGCONFIG" &&
+{
+ client=client
+ client_install=client-install
+ AC_MSG_CHECKING([GTK version])
+ test -n "$PKGCONFIG" && {
+ GTKVERSION=`$PKGCONFIG --modversion gtk+-2.0 2>/dev/null`
+ test -z "$GTKVERSION" && PKGCONFIG=""
+ }
+ test -z "$PKGCONFIG" -o -z "$GTKVERSION" && GTKVERSION=`$GTKCONFIG --version`
+ AC_MSG_RESULT($GTKVERSION)
+ GTK_VERSION=`echo $GTKVERSION | sed 's/\./ /g' | awk {'print $1$2'}`
+ test -n "$GTK_VERSION" && AC_DEFINE_UNQUOTED(GTK_VERSION,$GTK_VERSION)
+}
+
+test -n "$GTKCONFIG" &&
+{
+AC_PATH_PROG(GLIBCONFIG, glib-config,,$XPATH)
+test "x$GLIBCONFIG" = x && {
+ AC_PATH_PROG(GLIBCONFIG, glib12-config,,$XPATH)
+ }
+}
+
+
+test -z "$GTKCONFIG" && AC_WARN(**** gtk not found)
+
+
+
+lang=$enable_language
+
+
+
+
+dnl the -R option that comes with X_LIBS usually overwrites the
+dnl LD_RUN_PATH value (eg. on Solaris)
+
+
test "x$enable_gtk" = "xno" ||
{
-pkg_modules="gtk+-2.0 >= 2.0.0"
-PKG_CHECK_MODULES(GTKCONFIG, [$pkg_modules])
-AC_SUBST(GTKCONFIG_CFLAGS)
-AC_SUBST(GTKCONFIG_LIBS)
+ test -n "$GTKCONFIG" &&
+ {
+ case `${GTKCONFIG} --libs` in
+ *-R\ *) RUN_LIBS='-R ${libdir}' ;;
+ *-R*) RUN_LIBS='-R${libdir}' ;;
+ esac
+
+ GTKCONFIG_CFLAGS=`$GTKCONFIG --cflags`
+ GTKCONFIG_LIBS=`$GTKCONFIG --libs`
+ }
+
+ test -n "$GLIBCONFIG" && {
+ GLIBCONFIG_CFLAGS=`$GLIBCONFIG --cflags`
+ GLIBCONFIG_LIBS=`$GLIBCONFIG --libs`
+ }
+
+ test -n "$PKGCONFIG" &&
+ {
+ GTKCONFIG_CFLAGS=`$PKGCONFIG --cflags gtk+-2.0`
+ GTKCONFIG_LIBS=`$PKGCONFIG --libs gtk+-2.0`
+ GLIBCONFIG_CFLAGS=""
+ GLIBCONFIG_LIBS=""
+ }
+
+
+
+
+
}
+
dnl only vanilla sed can handle long substitution lines
CFLAGS="$saveCFLAGS"
@@ -731,11 +784,12 @@
AC_SUBST(NASLCONFIG)
AC_SUBST(GTKCONFIG_CFLAGS)
AC_SUBST(GTKCONFIG_LIBS)
+AC_SUBST(GLIBCONFIG_CFLAGS)
+AC_SUBST(GLIBCONFIG_LIBS)
AC_SUBST(ac_configure_args)
AC_SUBST(egdpath)
AC_SUBST(is_cygwin)
AC_SUBST(installuser)
-AC_SUBST(gettext_flags)
dnl And we put everything in the appropriate files
@@ -743,5 +797,15 @@
chmod +x nessus-adduser nessus-mkcert nessus-mkcert-client
+
+
+test "x$enable_gtk" = "xno" ||
+{
+test -z "$GTKCONFIG" -a -z "$PKGCONFIG" && {
+AC_WARN(gtk-config could not be found : the client will not be built. \
+If you want to build a command-line only client then type ./configure --disable-gtk)
+}
+
+}
exit 0
Index: nessus-mkcert-client.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-mkcert-client.in,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- nessus-mkcert-client.in 10 Dec 2004 19:41:46 -0000 1.15
+++ nessus-mkcert-client.in 12 Sep 2006 09:49:04 -0000 1.16
@@ -7,11 +7,38 @@
# This script is distributed under the Gnu General Public License (GPL)
#
+
+case `id 2>/dev/null` in
+ uid=0*)
+ ;;
+ *)
+ echo "only root should use nessus-mkcert-client"
+ exit 1
+esac
+
+
+
case `echo -n` in
\-n) Xn= ; Xc='\c' ;;
*) Xn=-n ; Xc=
esac
+
+echo_no_nl ()
+{
+ echo $Xn "$*$Xc"
+}
+
+
+header()
+{
+clear
+echo "-------------------------------------------------------------------------------"
+echo " Creation Nessus SSL client Certificate"
+echo "-------------------------------------------------------------------------------"
+echo
+}
+#
umask 022
prefix=@prefix@
@@ -32,52 +59,6 @@
PATH=$PATH:$sbindir:$bindir:/usr/ssl/bin:/usr/local/ssl/bin:/opt/ssl/bin
-# check if gettext is present
-
-if [ -f /usr/bin/gettext.sh ];
-then
-
- # initialize gettext
-
- . gettext.sh
- export TEXTDOMAIN=nessus-scripts
- export TEXTDOMAINDIR=@datadir@/locale
-
-else
-
- # define dummy functions
-
- gettext () {
- echo $Xn "$1" $Xc
- }
-
- eval_gettext () {
- eval_gettext_var="echo $1"
- echo $Xn `eval $eval_gettext_var` $Xc
- }
-
-fi
-
-Bo='('
-Bc=')'
-Hash='#'
-
-echo_no_nl ()
-{
- echo $Xn "$*$Xc"
-}
-
-
-header()
-{
-clear
-echo "-------------------------------------------------------------------------------"
-gettext " Creation Nessus SSL Client Certificate"; echo
-echo "-------------------------------------------------------------------------------"
-echo
-}
-#
-
#
# We need openssl
#
@@ -85,13 +66,14 @@
OpenSSL*)
;;
*)
- gettext "OpenSSL is not properly installed: The 'openssl' command line utility could not be found (is your \$PATH set properly?)"; echo
+ echo "OpenSSL is not properly installed (the 'openssl' command line utility could not"
+ echo "be found (is your \$PATH set properly ?)"
exit 1
esac
# Check environment
if [ -z "$HOME" ]; then
- gettext "\$HOME should be defined." 1>&2; echo; exit 1
+ echo "HOME should be defined" 1>&2; exit 1
fi
#
@@ -103,10 +85,11 @@
if [. ! -r /dev/random -a ! -r /dev/urandom -a ! -r $HOME/.rnd ];
then
header
- gettext "You do not have any suitable random source."; echo
- gettext "You will be asked to type a few random keys on your keyboard to generate random bytes."; echo
+ echo "You do not have any suitable random source"
+ echo "You will be asked to type a few random keys on your keyboard"
+ echo "to generate random bytes"
nessus-mkrand $HOME/.rnd 1024
- gettext "Press [ENTER] to continue..."; echo
+ echo "Press [ENTER] to continue..."
fi
}
@@ -116,12 +99,12 @@
NESSUSPUB="$sharedstatedir/nessus/CA"
while [ ! -d "$NESSUSPRIV" ]; do
- gettext "Nessus server 'private' directory: "
+ echo_no_nl "Nessus server 'private' directory: "
read NESSUSPRIV
done
while [ ! -d "$NESSUSPUB" ]; do
- gettext "Nessus server 'public' directory: "
+ echo_no_nl "Nessus server 'public' directory: "
read NESSUSPUB
done
@@ -129,34 +112,35 @@
CACERT=$NESSUSPUB/cacert.pem
while [ ! -f "$CAKEY" ]; do
- eval_gettext "\$CAKEY: not found or not a file."
- gettext "Nessus CA private key: "
+ echo "$CAKEY: not found or not a file"
+ echo_no_nl "Nessus CA private key: "
read CAKEY
done
while [ ! -f "$CACERT" ]; do
- eval_gettext "\$CACERT: not found or not a file."
- gettext "Nessus CA certificate: "
+ echo "$CACERT: not found or not a file"
+ echo_no_nl "Nessus CA certificate: "
read CACERT
done
for F in "$CAKEY" "$CACERT"; do
if [ ! -r "$F" ]; then
- eval_gettext "Cannot read \$F" 1>&2; echo; exit 1
+ echo "Cannot read $F" 1>&2; exit 1
fi
done
R=x
-while [ "$R" != `gettext "y"` -a "$R" != `gettext "n"` ]; do
- gettext "Do you want to register the users in the Nessus server as soon as you create their certificates? (y/n): "
+while [ "$R" != "y" -a "$R" != "n" ]; do
+ echo "Do you want to register the users in the Nessus server "
+ echo_no_nl "as soon as you create their certificates ? (y/n): "
read R
done
-if [ "$R" = `gettext "y"` ]; then
+if [ "$R" = "y" ]; then
USERSDIR=$localstatedir/nessus/users
while [ ! -d "$USERSDIR" ]; do
- eval_gettext "\$USERSDIR: not a directory."; echo
- gettext "Users directory? "
+ echo "$USERSDIR: not a directory"
+ echo_no_nl "Users directory? "
read USERSDIR
done
else
@@ -170,24 +154,23 @@
mkdir $BASEDIR || exit 1
-gettext "This script will now ask you the relevant information to create the SSL client certificates for Nessus."; echo
+echo "This script will now ask you the relevant information to create the SSL"
+echo "client certificates for Nessus."
-gettext "Client certificates life time in days [365]: "; read x
+echo_no_nl "Client certificates life time in days [365]:"; read x
DFL_CERT_LIFETIME=${x:-365}
# Default country = France - Too bad for you, but quicker for my tests!
if [ ! -z "$LANG" ]; then
DC=`echo $LANG | sed -n 's/^..*_\(..\)$/\1/p'`
fi
-X=${DC:=FR}
-eval_gettext "Your country \${Bo}two letter code\${Bc} [\$X]: "; read x
+echo_no_nl "Your country (two letter code) [${DC:=FR}]: "; read x
DFL_COUNTRY=${x:-$DC}
-gettext "Your state or province name [none]: "; read DFL_PROVINCE
-X=Paris;
-eval_gettext "Your location \${Bo}e.g. town\${Bc} [\$X]: "; read x
+echo_no_nl "Your state or province name [none]: "; read DFL_PROVINCE
+X=Paris; echo_no_nl "Your location (e.g. town) [$X]: "; read x
DFL_LOCATION=${x:-$X}
-gettext "Your organization [none]: "; read DFL_ORGANIZATION
-gettext "Your organizational unit [none]: "; read DFL_ORGUNIT
+echo_no_nl "Your organization [none]: "; read DFL_ORGANIZATION
+echo_no_nl "Your organizational unit [none]:"; read DFL_ORGUNIT
#
@@ -323,18 +306,19 @@
echo 01 > $BASEDIR/serial
touch $BASEDIR/index.txt
-echo "**********"
-gettext "We are going to ask you some question for each client certificate. "; echo
-gettext "If some question has a default answer, you can force an empty answer by entering a single dot '.'"; echo
-echo "*********"
+echo "**********
+We are going to ask you some question for each client certificate
+If some question has a default answer, you can force an empty answer by
+entering a single dot '.'
+*********"
-I=1; ANOTHER=`gettext "y"`
+I=1; ANOTHER=y
-while [ "$ANOTHER" != `gettext "n"` ]; do
+while [ "$ANOTHER" != "n" ]; do
PSEUDO=""
while [ -z "$PSEUDO" ]; do
- eval_gettext "User \${Hash}\$I name \${Bo}e.g. Nessus username\${Bc}: "
+ echo_no_nl "User #$I name (e.g. Nessus username): "
read PSEUDO
CERTFILE="$BASEDIR/cert_$PSEUDO.pem"
KEYFILE="$BASEDIR/key_$PSEUDO.pem"
@@ -343,33 +327,28 @@
if [ -f "$CERTFILE" -o -f "$KEYFILE" -o -f "$DNFILE" ]; then
A=""
while [ -z "$A" ]; do
- gettext "Certificate, key or Nessus DN file(s) already exist."; echo
- gettext "Do you want to go on and overwrite it/them? (y/n) "
+ echo "Certificate, key or Nessus DN file(s) already exist."
+ echo_no_nl "Do you want to go on and overwite it/them? "
read A
- if [ "$A" = `gettext "n"` ]; then PSEUDO=""; fi
+ if [ "$A" = "n" ]; then PSEUDO=""; fi
done
fi
done
- eval_gettext "Client certificates life time in days [\$DFL_CERT_LIFETIME]: "
+ echo_no_nl "Client certificates life time in days [$DFL_CERT_LIFETIME]:"
read x
CERT_LIFETIME=${x:-$DFL_CERT_LIFETIME}
- X=$DFL_COUNTRY
- eval_gettext "Country \${Bo}two letter code\${Bc} [\$X]: "; read x
+ echo_no_nl "Country (two letter code) [$DFL_COUNTRY]: "; read x
COUNTRY=${x:-$DFL_COUNTRY}
- X=$DFL_PROVINCE
- eval_gettext "State or province name [\$X]: "; read x
+ echo_no_nl "State or province name [$DFL_PROVINCE]: "; read x
PROVINCE=${x:-$DFL_PROVINCE}
- X=$DFL_LOCATION
- eval_gettext "Location \${Bo}e.g. town\${Bc} [\$X]: "; read x
+ echo_no_nl "Location (e.g. town) [$DFL_LOCATION]: "; read x
LOCATION=${x:-$DFL_LOCATION}
- X=$DFL_ORGANIZATION
- eval_gettext "Organization [\$X]: "; read x
+ echo_no_nl "Organization [$DFL_ORGANIZATION]: "; read x
ORGANIZATION=${x:-$DFL_ORGANIZATION}
- X=$DFL_ORGUNIT
- eval_gettext "Organization unit [\$X]: "; read x
+ echo_no_nl "Organization unit [$DFL_ORGUNIT]: "; read x
ORGUNIT=${x:-$DFL_ORGUNIT}
- gettext "e-Mail []: "; read EMAIL
+ echo_no_nl "e-mail []: "; read EMAIL
# Client key
openssl genrsa -out $KEYFILE 1024
@@ -411,26 +390,25 @@
#
R="$USERSDIR/$PSEUDO/auth/rules"
echo
- gettext "User rules"; echo
+ echo "User rules"
echo "----------"
- eval_gettext "nessusd has a rules system which allows you to restrict the hosts that \$login has the right to test."; echo
- gettext "For instance, you may want him to be able to scan his own host only."; echo
+ echo "nessusd has a rules system which allows you to restrict the hosts"
+ echo "that $login has the right to test. For instance, you may want"
+ echo "him to be able to scan his own host only."
echo
- gettext "Please see the nessus-adduser(8) man page for the rules syntax."; echo
+ echo "Please see the nessus-adduser(8) man page for the rules syntax"
echo
- gettext "Enter the rules for this user, and hit ctrl-D once you are done:"; echo
-
- tmpAddUserFile=$TMPDIR/rules.$$
+ echo "Enter the rules for this user, and hit ctrl-D once you are done: "
- gettext "(the user can have an empty rules set)"; echo
- cat > $tmpAddUserFile || {
- echo "Error - could not write $tmpAddUserFile"
+ echo "(the user can have an empty rules set)"
+ cat > $TMPDIR/rules.$$ || {
+ echo "Error - could not write $TMPDIR/rules.$$"
exit 1
}
- cp $tmpAddUserFile "$USERSDIR/$PSEUDO/auth/rules"
+ cp $TMPDIR/rules.$$ "$USERSDIR/$PSEUDO/auth/rules"
- rm $tmpAddUserFile
+ rm $TMPDIR/rules.$$
#
# create the cert authentication file auth/dname
@@ -457,14 +435,14 @@
mkdir -p "$E"
chmod 700 "$E"
fi
- gettext "User added to Nessus."; echo
+ echo "User added to Nessus."
fi
- gettext "Another client certificate? (y/n) "
+ echo_no_nl "Another client certificate? "
read ANOTHER
I=`expr $I + 1`
done
-eval_gettext "Your client certificates are in \$BASEDIR."; echo
-gettext "You will have to copy them by hand."; echo
+echo "Your client certificates are in $BASEDIR
+You will have to copy them by hand"
Index: nessus-mkcert.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-mkcert.in,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- nessus-mkcert.in 10 Dec 2004 19:41:46 -0000 1.28
+++ nessus-mkcert.in 12 Sep 2006 09:49:05 -0000 1.29
@@ -13,6 +13,26 @@
*) Xn=-n ; Xc=
esac
+
+
+test "$1" = "-q" && QUIET=y
+
+
+echo_no_nl ()
+{
+ echo $Xn "$*$Xc"
+}
+
+
+header()
+{
+clear
+echo "-------------------------------------------------------------------------------"
+echo " Creation of the Nessus SSL Certificate"
+echo "-------------------------------------------------------------------------------"
+echo
+}
+#
umask 022
prefix=@prefix@
@@ -32,56 +52,14 @@
}
-PATH=$PATH:$sbindir:$bindir:/usr/ssl/bin:/usr/local/ssl/bin:/opt/ssl/bin
-
-
-# check if gettext is present
-
-if [ -f /usr/bin/gettext.sh ];
-then
-
- # initialize gettext
-
- . gettext.sh
- export TEXTDOMAIN=nessus-scripts
- export TEXTDOMAINDIR=@datadir@/locale
-
-else
-
- # define dummy functions
- gettext () {
- echo $Xn "$1" $Xc
- }
- eval_gettext () {
- eval_gettext_var="echo $1"
- echo $Xn `eval $eval_gettext_var` $Xc
- }
-
-fi
-
-Bo='('
-Bc=')'
-test "$1" = "-q" && QUIET=y
+PATH=$PATH:$sbindir:$bindir:/usr/ssl/bin:/usr/local/ssl/bin:/opt/ssl/bin
-echo_no_nl ()
-{
- echo $Xn "$*$Xc"
-}
-header()
-{
-clear
-echo "-------------------------------------------------------------------------------"
-gettext " Creation of the Nessus SSL Certificate"; echo
-echo "-------------------------------------------------------------------------------"
-echo
-}
-#
if [ -z "$is_cygwin" ];
then
@@ -91,12 +69,13 @@
case `id 2>/dev/null` in
uid=0*)
$sbindir/nessusd -g || {
- gettext "Executing nessusd failed. Make sure your library loader is configured properly and that nessusd is in your \$PATH."; echo
+ echo "Executing nessusd failed. Make sure your library loader is configured properly"
+ echo "and that nessusd is in your \$PATH"
exit 1
}
;;
*)
- gettext "Only root can use nessus-mkcert."; echo
+ echo "Only root can use nessus-mkcert"
exit 1
esac
fi
@@ -108,7 +87,8 @@
OpenSSL*)
;;
*)
- gettext "OpenSSL is not properly installed: The 'openssl' command line utility could not be found (is your \$PATH set properly?)"; echo
+ echo "OpenSSL is not properly installed (the 'openssl' command line utility could not"
+ echo "be found (is your \$PATH set properly ?)"
exit 1
esac
@@ -117,19 +97,19 @@
if [ ! -d "$NESSUSPRIV" ]; then
mkdir -p "$NESSUSPRIV"
chmod 0700 "$NESSUSPRIV"
- echo "$NESSUSPRIV `gettext "created"`"
+ echo "$NESSUSPRIV created"
fi
if [ ! -d "$NESSUSPUB" ]; then
mkdir -p "$NESSUSPUB"
chmod a+rx "$NESSUSPUB"
- echo "$NESSUSPUB `gettext "created"`"
+ echo "$NESSUSPUB created"
fi
# Check environment
if [ -z "$HOME" ]; then
- gettext "\$HOME should be defined." 1>&2; echo; exit 1
+ echo "HOME should be defined" 1>&2; exit 1
fi
@@ -142,10 +122,11 @@
if [. ! -r /dev/random -a ! -r /dev/urandom -a ! -r $HOME/.rnd ];
then
header
- gettext "You do not have any suitable random source."; echo
- gettext "You will be asked to type a few random keys on your keyboard to generate random bytes."; echo
+ echo "You do not have any suitable random source"
+ echo "You will be asked to type a few random keys on your keyboard"
+ echo "to generate random bytes"
nessus-mkrand $HOME/.rnd 1024
- gettext "Press [ENTER] to continue..."; echo
+ echo "Press [ENTER] to continue..."
fi
}
@@ -175,14 +156,16 @@
if [ -z "$QUIET" ];
then
header
-gettext "This script will now ask you the relevant information to create the SSL certificate of Nessus."; echo
-gettext "Note that this information will *NOT* be sent to anybody (everything stays local), but anyone with the ability to connect to your Nessus daemon will be able to retrieve this information."; echo
+echo "This script will now ask you the relevant information to create the SSL"
+echo "certificate of Nessus. Note that this information will *NOT* be sent to"
+echo "anybody (everything stays local), but anyone with the ability to connect to your"
+echo "Nessus daemon will be able to retrieve this information."
echo
echo
#
-gettext "CA certificate life time in days [1460]: "; read x
+echo_no_nl "CA certificate life time in days [1460]: "; read x
CACERT_LIFETIME=${x:-1460}
-gettext "Server certificate life time in days [365]: "; read x
+echo_no_nl "Server certificate life time in days [365]: "; read x
SRVCERT_LIFETIME=${x:-365}
#cln echo_no_nl "Client certificate life time in days [365]:"; read x
#cln CLNCERT_LIFETIME=${x:-365}
@@ -193,15 +176,14 @@
# Default country = France
# Too bad for you, but quicker for my tests!
-X=${DC:=FR}
-eval_gettext "Your country \${Bo}two letter code\${Bc} [\$X]: "; read x
+echo_no_nl "Your country (two letter code) [${DC:=FR}]: "; read x
COUNTRY=${x:-$DC}
#
-gettext "Your state or province name [none]: "; read x
+echo_no_nl "Your state or province name [none]: "; read x
PROVINCE=${x:-.}
-X=Paris; eval_gettext "Your location \${Bo}e.g. town\${Bc} [\$X]: "; read x
+X=Paris; echo_no_nl "Your location (e.g. town) [$X]: "; read x
LOCATION=${x:-$X}
-X="Nessus Users United"; eval_gettext "Your organization [\$X]: "; read x
+X="Nessus Users United"; echo_no_nl "Your organization [$X]: "; read x
ORGANIZATION=${x:-$X}
# X="Test unit"; echo_no_nl "Your organization unit [$X]:"; read x
# ORGUNIT=${x:-$X}
@@ -352,7 +334,7 @@
hostname=`hostname`
if [ -z "$hostname" ];
then
- gettext "An error occured while trying to determine hostname!"; echo
+ echo "An error occured while trying to determine hostname !"
exit 1
fi
# The value for organizationalUnitName must be 64 chars or less;
@@ -422,6 +404,7 @@
####
+
chmod a+r $CACERT $SRVCERT #cln $CLNCERT
@@ -446,36 +429,37 @@
if [. -s "$CACERT" -a -s "$CAKEY" -a -s "$SRVCERT" -a -s "$SRVKEY" ];
then
- test -z "$QUIET" && gettext "Congratulations. Your server certificate was properly created."; echo
+ test -z "$QUIET" && echo "Congratulations. Your server certificate was properly created."
mv -f "$CF.tmp" "$CF"
test -z "$QUIET" && {
echo
- eval_gettext "\$CF updated"; echo
+ echo "$CF updated
+ "
#cln echo "Your client certificates are in $BASEDIR
#cln You will have to copy them by hand
- gettext "The following files were created:"; echo
+ echo "The following files were created : "
echo
- gettext ". Certification authority:"; echo
- eval_gettext " Certificate = \$CACERT"; echo
- eval_gettext " Private key = \$CAKEY"; echo
+ echo ". Certification authority : "
+ echo " Certificate = $CACERT"
+ echo " Private key = $CAKEY"
echo
- gettext ". Nessus Server : "; echo
- eval_gettext " Certificate = \$SRVCERT"; echo
- eval_gettext " Private key = \$SRVKEY"; echo
+ echo ". Nessus Server : "
+ echo " Certificate = $SRVCERT"
+ echo " Private key = $SRVKEY"
#cln ***** Nessus client *****
#cln Certificate = $CLNCERT
#cln Private key = $CLNKEY
}
else
- gettext "An error occured while generating the certificates and/or keys!"; echo
+ echo "An error occured while generating the certificates and/or keys !"
echo
- echo_no_nl "`gettext "Do you want to save openssl output in a file for further analysis? (y/n) [y] "`" $Xc
+ echo_no_nl "Do you want to save openssl output in a file for further analysis ? (y/n) [y] " $Xc
read n < /dev/tty
- test -z "$n" -o "$n" = `gettext "y"` && {
- eval_gettext "Where should I save this file? [\$HOME/openssl-output] "
+ test -z "$n" -o "$n" = "y" && {
+ echo_no_nl "Where should I save this file ? [$HOME/openssl-output] "
read n < /dev/tty
test -z "$n" && n="$HOME/openssl-output"
cp "$BASEDIR"/openssl-log "$n"
@@ -488,7 +472,7 @@
test -z "$QUIET" &&
{
echo
- gettext "Press [ENTER] to exit"; echo; read x
+ echo "Press [ENTER] to exit"; read x
}
rm -rf "$BASEDIR"
Index: nessus-rmuser.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-rmuser.in,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- nessus-rmuser.in 17 Mar 2005 22:11:07 -0000 1.10
+++ nessus-rmuser.in 12 Sep 2006 09:49:05 -0000 1.11
@@ -26,32 +26,6 @@
nessusd=@sbindir@/nessusd
nessusd_users=@sysconfdir@/nessus/nessusd.users
-# check if gettext is present
-
-if [ -f /usr/bin/gettext.sh ];
-then
-
- # initialize gettext
-
- . gettext.sh
- export TEXTDOMAIN=nessus-scripts
- export TEXTDOMAINDIR=@datadir@/locale
-
-else
-
- # define dummy functions
-
- gettext () {
- echo $1
- }
-
- eval_gettext () {
- echo $1
- }
-
-fi
-
-#
# check whether we have echo -n, depending
# on the current shell, used
case `echo -n` in
@@ -63,28 +37,28 @@
then
# make sure that we are root
case `id` in uid=0*) ;; *)
- gettext "Only root should use nessus-rmuser."; echo
+ echo "only root should use nessus-rmuser"
exit 1
esac
fi
-login="$1"
+login=$1
-test -z "$login" && {
-echo $Xn "`gettext "Login to remove :"` $Xc"
+test -z "$1" && {
+echo $Xn "Login to remove : $Xc"
read login
}
test -z "$login" && {
- gettext "No login entered"
- exit 1
-}
+ echo "No login entered"
+ exit 1
+ }
if [ -d "$localstatedir/nessus/users/$login" ];
then
rm -rf "$localstatedir/nessus/users/$login"
- gettext "user removed."; echo
+ echo "user removed."
else
- gettext "user does not exist"; echo
+ echo "This user does not exist"
fi
Index: nessus-services
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus-services,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- nessus-services 14 Feb 2006 12:05:58 -0000 1.10
+++ nessus-services 12 Sep 2006 09:49:05 -0000 1.11
@@ -53,8 +53,8 @@
rlp 39/udp
graphics 41/tcp
graphics 41/udp
-nameserver 42/tcp
-nameserver 42/udp
+name 42/tcp
+name 42/udp
nicname 43/tcp
nicname 43/udp
mpm-flags 44/tcp
@@ -99,8 +99,8 @@
[...5151 lines suppressed...]
com-bardac-dw 48556/udp
compaqdiag 49400/tcp
@@ -12065,15 +8849,15 @@
pop3proxy 50002/tcp
pop3proxy 50003/tcp
pop3proxy 50004/tcp
-sockets-de-troi 50505/udp
sockets-de-troje 50505/tcp
+sockets-de-troi 50505/udp
fore 50776/tcp
fore 50776/udp
dialpad 51210/tcp
winshut 53001/tcp
bo2k 54320/tcp
-bo2k 54321/udp
schoolbus 54321/tcp
+bo2k 54321/udp
ivisit 56768/udp
netraider 57341/tcp
sap-r3-instgui 59595/tcp
Index: nessus.tmpl.in
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessus.tmpl.in,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -d -r1.38 -r1.39
--- nessus.tmpl.in 10 Dec 2004 15:29:21 -0000 1.38
+++ nessus.tmpl.in 12 Sep 2006 09:49:05 -0000 1.39
@@ -41,9 +41,6 @@
INSTALL=@INSTALL@
INSTALL_DIR=@INSTALL_DIR@
installuser=@installuser@
-localedir=$(datadir)/locale
-
-VERSION=@NESSUS_MAJOR@.@NESSUS_MINOR@.@NESSUS_PATCH@
# Nessus specific
NESSUSD_CONFDIR=@NESSUSD_CONFDIR@
@@ -57,7 +54,7 @@
NESSUSD_PLUGINS=@NESSUSD_PLUGINS@
NESSUSD_REPORTS=@NESSUSD_REPORTS@
-NESSUS_DIRECTORIES="-DNESSUSD_CONFDIR=\"$(NESSUSD_CONFDIR)\"" "-DNESSUSD_STATEDIR=\"$(NESSUSD_STATEDIR)\"" "-DNESSUSD_DATADIR=\"$(NESSUSD_DATADIR)\"" "-DNESSUSD_LIBDIR=\"${NESSUSD_LIBDIR}\"" "-DNESSUSD_PLUGINS=\"${NESSUSD_PLUGINS}\"" "-DNESSUSD_REPORTS=\"${NESSUSD_REPORTS}\"" -DNESSUSD_SHAREDSTATEDIR=\"${NESSUSD_SHAREDSTATEDIR}\" -DNESSUSD_LOGDIR=\"${NESSUSD_LOGDIR}\" -DNESSUS_DOCDIR=\"${NESSUS_DOCDIR}\"
+NESSUS_DIRECTORIES="-DNESSUSD_CONFDIR=\"$(NESSUSD_CONFDIR)\"" "-DNESSUSD_STATEDIR=\"$(NESSUSD_STATEDIR)\"" "-DNESSUSD_DATADIR=\"$(NESSUSD_DATADIR)\"" "-DNESSUSD_LIBDIR=\"${NESSUSD_LIBDIR}\"" "-DNESSUSD_PLUGINS=\"${NESSUSD_PLUGINS}\"" "-DNESSUSD_REPORTS=\"${NESSUSD_REPORTS}\"" -DNESSUSD_SHAREDSTATEDIR=\"${NESSUSD_SHAREDSTATEDIR}\" -DNESSUSD_LOGDIR=\"${NESSUSD_LOGDIR}\"
#
# The server / client modes do not make a lot of sense
@@ -104,9 +101,6 @@
USE_GTK = @gtk_flags@
-# Is GNU Gettext available?
-USE_GNU_GETTEXT = @gettext_flags@ -DLOCALEDIR=\"$(localedir)\"
-
# Build with debugging ?
DEBUG = @debug_flags@
@@ -114,9 +108,9 @@
USE_LIBWRAP = @uselibwrap@
# Some defines you may want to modify
-NESSUS_DEFS=@DEFS@ $(USE_PTHREADS) $(DEBUG) $(USE_GTK) $(USE_LIBWRAP) $(USE_GNU_GETTEXT)
+NESSUS_DEFS=@DEFS@ $(USE_PTHREADS) $(DEBUG) $(USE_GTK) $(USE_LIBWRAP)
DEFS=
-LDFLAGS=@LDFLAGS@
+LDFLAGS=
# Your C compiler
CC=@CC@
@@ -124,6 +118,8 @@
NASLCONFIG=@NASLCONFIG@
GTKCONFIG_CFLAGS=@GTKCONFIG_CFLAGS@
GTKCONFIG_LIBS=@GTKCONFIG_LIBS@
+GLIBCONFIG_CFLAGS=@GLIBCONFIG_CFLAGS@
+GLIBCONFIG_LIBS=@GLIBCONFIG_LIBS@
DL_LIB=@dl_lib@
RESOLV_LIB=@resolv_lib@
SOCKET_LIB=@socket_lib@
@@ -141,8 +137,6 @@
# documentation
MAN_NESSUS_1=@man_nessus_1@
MAN_NESSUSD_8=@man_nessusd_8@
-# where the pdf doc's reside:
-NESSUS_DOCDIR=$(datadir)/doc/nessus
# C compiler options
NESSCFLAGS=@NESSCFLAGS@
_______________________________________________
Nessus-cvs mailing list
Nessus-cvs@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus-cvs