diff options
author | Kees Cook <kees@debian.org> | 2014-02-09 16:10:06 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-10-07 14:27:21 +0100 |
commit | 114c8a8fb488cbe39507edb75c51198a4b9e8b24 (patch) | |
tree | 7acc2667122984f8fa6565853bb747e8328558ec /servconf.c | |
parent | 8679c96f74ee7dbea6c15c764b036fbab7372740 (diff) |
Add DebianBanner server configuration option
Setting this to "no" causes sshd to omit the Debian revision from its
initial protocol handshake, for those scared by package-versioning.patch.
Bug-Debian: http://bugs.debian.org/562048
Forwarded: not-needed
Last-Update: 2014-10-07
Patch-Name: debian-banner.patch
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/servconf.c b/servconf.c index a25248782..6c7741ab2 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -160,6 +160,7 @@ initialize_server_options(ServerOptions *options) | |||
160 | options->ip_qos_interactive = -1; | 160 | options->ip_qos_interactive = -1; |
161 | options->ip_qos_bulk = -1; | 161 | options->ip_qos_bulk = -1; |
162 | options->version_addendum = NULL; | 162 | options->version_addendum = NULL; |
163 | options->debian_banner = -1; | ||
163 | } | 164 | } |
164 | 165 | ||
165 | void | 166 | void |
@@ -321,6 +322,8 @@ fill_default_server_options(ServerOptions *options) | |||
321 | options->fwd_opts.streamlocal_bind_mask = 0177; | 322 | options->fwd_opts.streamlocal_bind_mask = 0177; |
322 | if (options->fwd_opts.streamlocal_bind_unlink == -1) | 323 | if (options->fwd_opts.streamlocal_bind_unlink == -1) |
323 | options->fwd_opts.streamlocal_bind_unlink = 0; | 324 | options->fwd_opts.streamlocal_bind_unlink = 0; |
325 | if (options->debian_banner == -1) | ||
326 | options->debian_banner = 1; | ||
324 | /* Turn privilege separation on by default */ | 327 | /* Turn privilege separation on by default */ |
325 | if (use_privsep == -1) | 328 | if (use_privsep == -1) |
326 | use_privsep = PRIVSEP_NOSANDBOX; | 329 | use_privsep = PRIVSEP_NOSANDBOX; |
@@ -373,6 +376,7 @@ typedef enum { | |||
373 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, | 376 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, |
374 | sStreamLocalBindMask, sStreamLocalBindUnlink, | 377 | sStreamLocalBindMask, sStreamLocalBindUnlink, |
375 | sAllowStreamLocalForwarding, | 378 | sAllowStreamLocalForwarding, |
379 | sDebianBanner, | ||
376 | sDeprecated, sUnsupported | 380 | sDeprecated, sUnsupported |
377 | } ServerOpCodes; | 381 | } ServerOpCodes; |
378 | 382 | ||
@@ -514,6 +518,7 @@ static struct { | |||
514 | { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, | 518 | { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL }, |
515 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, | 519 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, |
516 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, | 520 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, |
521 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | ||
517 | { NULL, sBadOption, 0 } | 522 | { NULL, sBadOption, 0 } |
518 | }; | 523 | }; |
519 | 524 | ||
@@ -1697,6 +1702,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1697 | intptr = &options->fwd_opts.streamlocal_bind_unlink; | 1702 | intptr = &options->fwd_opts.streamlocal_bind_unlink; |
1698 | goto parse_flag; | 1703 | goto parse_flag; |
1699 | 1704 | ||
1705 | case sDebianBanner: | ||
1706 | intptr = &options->debian_banner; | ||
1707 | goto parse_int; | ||
1708 | |||
1700 | case sDeprecated: | 1709 | case sDeprecated: |
1701 | logit("%s line %d: Deprecated option %s", | 1710 | logit("%s line %d: Deprecated option %s", |
1702 | filename, linenum, arg); | 1711 | filename, linenum, arg); |