summaryrefslogtreecommitdiff
path: root/servconf.c
diff options
context:
space:
mode:
authorKees Cook <kees@debian.org>2014-02-09 16:10:06 +0000
committerColin Watson <cjwatson@debian.org>2014-10-07 14:27:21 +0100
commit114c8a8fb488cbe39507edb75c51198a4b9e8b24 (patch)
tree7acc2667122984f8fa6565853bb747e8328558ec /servconf.c
parent8679c96f74ee7dbea6c15c764b036fbab7372740 (diff)
Add DebianBanner server configuration option
Setting this to "no" causes sshd to omit the Debian revision from its initial protocol handshake, for those scared by package-versioning.patch. Bug-Debian: http://bugs.debian.org/562048 Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: debian-banner.patch
Diffstat (limited to 'servconf.c')
-rw-r--r--servconf.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/servconf.c b/servconf.c
index a25248782..6c7741ab2 100644
--- a/servconf.c
+++ b/servconf.c
@@ -160,6 +160,7 @@ initialize_server_options(ServerOptions *options)
160 options->ip_qos_interactive = -1; 160 options->ip_qos_interactive = -1;
161 options->ip_qos_bulk = -1; 161 options->ip_qos_bulk = -1;
162 options->version_addendum = NULL; 162 options->version_addendum = NULL;
163 options->debian_banner = -1;
163} 164}
164 165
165void 166void
@@ -321,6 +322,8 @@ fill_default_server_options(ServerOptions *options)
321 options->fwd_opts.streamlocal_bind_mask = 0177; 322 options->fwd_opts.streamlocal_bind_mask = 0177;
322 if (options->fwd_opts.streamlocal_bind_unlink == -1) 323 if (options->fwd_opts.streamlocal_bind_unlink == -1)
323 options->fwd_opts.streamlocal_bind_unlink = 0; 324 options->fwd_opts.streamlocal_bind_unlink = 0;
325 if (options->debian_banner == -1)
326 options->debian_banner = 1;
324 /* Turn privilege separation on by default */ 327 /* Turn privilege separation on by default */
325 if (use_privsep == -1) 328 if (use_privsep == -1)
326 use_privsep = PRIVSEP_NOSANDBOX; 329 use_privsep = PRIVSEP_NOSANDBOX;
@@ -373,6 +376,7 @@ typedef enum {
373 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, 376 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,
374 sStreamLocalBindMask, sStreamLocalBindUnlink, 377 sStreamLocalBindMask, sStreamLocalBindUnlink,
375 sAllowStreamLocalForwarding, 378 sAllowStreamLocalForwarding,
379 sDebianBanner,
376 sDeprecated, sUnsupported 380 sDeprecated, sUnsupported
377} ServerOpCodes; 381} ServerOpCodes;
378 382
@@ -514,6 +518,7 @@ static struct {
514 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, 518 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL },
515 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, 519 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL },
516 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, 520 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL },
521 { "debianbanner", sDebianBanner, SSHCFG_GLOBAL },
517 { NULL, sBadOption, 0 } 522 { NULL, sBadOption, 0 }
518}; 523};
519 524
@@ -1697,6 +1702,10 @@ process_server_config_line(ServerOptions *options, char *line,
1697 intptr = &options->fwd_opts.streamlocal_bind_unlink; 1702 intptr = &options->fwd_opts.streamlocal_bind_unlink;
1698 goto parse_flag; 1703 goto parse_flag;
1699 1704
1705 case sDebianBanner:
1706 intptr = &options->debian_banner;
1707 goto parse_int;
1708
1700 case sDeprecated: 1709 case sDeprecated:
1701 logit("%s line %d: Deprecated option %s", 1710 logit("%s line %d: Deprecated option %s",
1702 filename, linenum, arg); 1711 filename, linenum, arg);