diff options
author | Kees Cook <kees@debian.org> | 2014-02-09 16:10:06 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-08-07 12:18:43 +0100 |
commit | 277ad2acedde81dce324e711da116d100b47f445 (patch) | |
tree | c1f6897cdf21a4dc38d4ac1b0751d426a853583e /servconf.c | |
parent | c8105413361d3c97b6a2f72c9f1c85da830bed2c (diff) |
Add DebianBanner server configuration option
Setting this to "no" causes sshd to omit the Debian revision from its
initial protocol handshake, for those scared by package-versioning.patch.
Bug-Debian: http://bugs.debian.org/562048
Forwarded: not-needed
Last-Update: 2015-11-29
Patch-Name: debian-banner.patch
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/servconf.c b/servconf.c index bf9f8f784..a98b30938 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -171,6 +171,7 @@ initialize_server_options(ServerOptions *options) | |||
171 | options->ip_qos_bulk = -1; | 171 | options->ip_qos_bulk = -1; |
172 | options->version_addendum = NULL; | 172 | options->version_addendum = NULL; |
173 | options->fingerprint_hash = -1; | 173 | options->fingerprint_hash = -1; |
174 | options->debian_banner = -1; | ||
174 | } | 175 | } |
175 | 176 | ||
176 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ | 177 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ |
@@ -359,6 +360,8 @@ fill_default_server_options(ServerOptions *options) | |||
359 | options->fwd_opts.streamlocal_bind_unlink = 0; | 360 | options->fwd_opts.streamlocal_bind_unlink = 0; |
360 | if (options->fingerprint_hash == -1) | 361 | if (options->fingerprint_hash == -1) |
361 | options->fingerprint_hash = SSH_FP_HASH_DEFAULT; | 362 | options->fingerprint_hash = SSH_FP_HASH_DEFAULT; |
363 | if (options->debian_banner == -1) | ||
364 | options->debian_banner = 1; | ||
362 | 365 | ||
363 | assemble_algorithms(options); | 366 | assemble_algorithms(options); |
364 | 367 | ||
@@ -445,6 +448,7 @@ typedef enum { | |||
445 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, | 448 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, |
446 | sStreamLocalBindMask, sStreamLocalBindUnlink, | 449 | sStreamLocalBindMask, sStreamLocalBindUnlink, |
447 | sAllowStreamLocalForwarding, sFingerprintHash, | 450 | sAllowStreamLocalForwarding, sFingerprintHash, |
451 | sDebianBanner, | ||
448 | sDeprecated, sUnsupported | 452 | sDeprecated, sUnsupported |
449 | } ServerOpCodes; | 453 | } ServerOpCodes; |
450 | 454 | ||
@@ -596,6 +600,7 @@ static struct { | |||
596 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, | 600 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, |
597 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, | 601 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, |
598 | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, | 602 | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, |
603 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | ||
599 | { NULL, sBadOption, 0 } | 604 | { NULL, sBadOption, 0 } |
600 | }; | 605 | }; |
601 | 606 | ||
@@ -1903,6 +1908,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
1903 | options->fingerprint_hash = value; | 1908 | options->fingerprint_hash = value; |
1904 | break; | 1909 | break; |
1905 | 1910 | ||
1911 | case sDebianBanner: | ||
1912 | intptr = &options->debian_banner; | ||
1913 | goto parse_int; | ||
1914 | |||
1906 | case sDeprecated: | 1915 | case sDeprecated: |
1907 | logit("%s line %d: Deprecated option %s", | 1916 | logit("%s line %d: Deprecated option %s", |
1908 | filename, linenum, arg); | 1917 | filename, linenum, arg); |