diff options
author | Kees Cook <kees@debian.org> | 2014-02-09 16:10:06 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-10-18 12:07:21 +0100 |
commit | 6353ee79cc71ef33a0a34d2d769a5fe327f6260d (patch) | |
tree | aea45e4915495e264f5f0c42b77a4a59df700b29 /servconf.c | |
parent | 707144d399b9fc959a4f6be3fd8e239c208c88ff (diff) |
Add DebianBanner server configuration option
Setting this to "no" causes sshd to omit the Debian revision from its
initial protocol handshake, for those scared by package-versioning.patch.
Bug-Debian: http://bugs.debian.org/562048
Forwarded: not-needed
Last-Update: 2020-06-07
Patch-Name: debian-banner.patch
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/servconf.c b/servconf.c index 21abe41ac..f9eb778d6 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -195,6 +195,7 @@ initialize_server_options(ServerOptions *options) | |||
195 | options->fingerprint_hash = -1; | 195 | options->fingerprint_hash = -1; |
196 | options->disable_forwarding = -1; | 196 | options->disable_forwarding = -1; |
197 | options->expose_userauth_info = -1; | 197 | options->expose_userauth_info = -1; |
198 | options->debian_banner = -1; | ||
198 | } | 199 | } |
199 | 200 | ||
200 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ | 201 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ |
@@ -469,6 +470,8 @@ fill_default_server_options(ServerOptions *options) | |||
469 | options->expose_userauth_info = 0; | 470 | options->expose_userauth_info = 0; |
470 | if (options->sk_provider == NULL) | 471 | if (options->sk_provider == NULL) |
471 | options->sk_provider = xstrdup("internal"); | 472 | options->sk_provider = xstrdup("internal"); |
473 | if (options->debian_banner == -1) | ||
474 | options->debian_banner = 1; | ||
472 | 475 | ||
473 | assemble_algorithms(options); | 476 | assemble_algorithms(options); |
474 | 477 | ||
@@ -548,6 +551,7 @@ typedef enum { | |||
548 | sStreamLocalBindMask, sStreamLocalBindUnlink, | 551 | sStreamLocalBindMask, sStreamLocalBindUnlink, |
549 | sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, | 552 | sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding, |
550 | sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, | 553 | sExposeAuthInfo, sRDomain, sPubkeyAuthOptions, sSecurityKeyProvider, |
554 | sDebianBanner, | ||
551 | sDeprecated, sIgnore, sUnsupported | 555 | sDeprecated, sIgnore, sUnsupported |
552 | } ServerOpCodes; | 556 | } ServerOpCodes; |
553 | 557 | ||
@@ -712,6 +716,7 @@ static struct { | |||
712 | { "rdomain", sRDomain, SSHCFG_ALL }, | 716 | { "rdomain", sRDomain, SSHCFG_ALL }, |
713 | { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, | 717 | { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL }, |
714 | { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, | 718 | { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, |
719 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | ||
715 | { NULL, sBadOption, 0 } | 720 | { NULL, sBadOption, 0 } |
716 | }; | 721 | }; |
717 | 722 | ||
@@ -2402,6 +2407,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, | |||
2402 | *charptr = xstrdup(arg); | 2407 | *charptr = xstrdup(arg); |
2403 | break; | 2408 | break; |
2404 | 2409 | ||
2410 | case sDebianBanner: | ||
2411 | intptr = &options->debian_banner; | ||
2412 | goto parse_flag; | ||
2413 | |||
2405 | case sDeprecated: | 2414 | case sDeprecated: |
2406 | case sIgnore: | 2415 | case sIgnore: |
2407 | case sUnsupported: | 2416 | case sUnsupported: |