diff options
| author | Kees Cook <kees@debian.org> | 2014-02-09 16:10:06 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2016-03-10 13:01:05 +0000 |
| commit | ae6ba56387f97086bb50273e1c80ba5cbaba2adc (patch) | |
| tree | 400bf392d596252e2ee4339e5f8a8d8d2f3b5c1a /servconf.c | |
| parent | fa63bc351c67842b687d94a24afa1d7fd1d8c94f (diff) | |
Add DebianBanner server configuration option
Setting this to "no" causes sshd to omit the Debian revision from its
initial protocol handshake, for those scared by package-versioning.patch.
Bug-Debian: http://bugs.debian.org/562048
Forwarded: not-needed
Last-Update: 2015-11-29
Patch-Name: debian-banner.patch
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/servconf.c b/servconf.c index fad7c92ef..8ca9695a2 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -171,6 +171,7 @@ initialize_server_options(ServerOptions *options) | |||
| 171 | options->ip_qos_bulk = -1; | 171 | options->ip_qos_bulk = -1; |
| 172 | options->version_addendum = NULL; | 172 | options->version_addendum = NULL; |
| 173 | options->fingerprint_hash = -1; | 173 | options->fingerprint_hash = -1; |
| 174 | options->debian_banner = -1; | ||
| 174 | } | 175 | } |
| 175 | 176 | ||
| 176 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ | 177 | /* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */ |
| @@ -359,6 +360,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 359 | options->fwd_opts.streamlocal_bind_unlink = 0; | 360 | options->fwd_opts.streamlocal_bind_unlink = 0; |
| 360 | if (options->fingerprint_hash == -1) | 361 | if (options->fingerprint_hash == -1) |
| 361 | options->fingerprint_hash = SSH_FP_HASH_DEFAULT; | 362 | options->fingerprint_hash = SSH_FP_HASH_DEFAULT; |
| 363 | if (options->debian_banner == -1) | ||
| 364 | options->debian_banner = 1; | ||
| 362 | 365 | ||
| 363 | assemble_algorithms(options); | 366 | assemble_algorithms(options); |
| 364 | 367 | ||
| @@ -437,6 +440,7 @@ typedef enum { | |||
| 437 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, | 440 | sAuthenticationMethods, sHostKeyAgent, sPermitUserRC, |
| 438 | sStreamLocalBindMask, sStreamLocalBindUnlink, | 441 | sStreamLocalBindMask, sStreamLocalBindUnlink, |
| 439 | sAllowStreamLocalForwarding, sFingerprintHash, | 442 | sAllowStreamLocalForwarding, sFingerprintHash, |
| 443 | sDebianBanner, | ||
| 440 | sDeprecated, sUnsupported | 444 | sDeprecated, sUnsupported |
| 441 | } ServerOpCodes; | 445 | } ServerOpCodes; |
| 442 | 446 | ||
| @@ -588,6 +592,7 @@ static struct { | |||
| 588 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, | 592 | { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL }, |
| 589 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, | 593 | { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL }, |
| 590 | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, | 594 | { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL }, |
| 595 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | ||
| 591 | { NULL, sBadOption, 0 } | 596 | { NULL, sBadOption, 0 } |
| 592 | }; | 597 | }; |
| 593 | 598 | ||
| @@ -1874,6 +1879,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1874 | options->fingerprint_hash = value; | 1879 | options->fingerprint_hash = value; |
| 1875 | break; | 1880 | break; |
| 1876 | 1881 | ||
| 1882 | case sDebianBanner: | ||
| 1883 | intptr = &options->debian_banner; | ||
| 1884 | goto parse_int; | ||
| 1885 | |||
| 1877 | case sDeprecated: | 1886 | case sDeprecated: |
| 1878 | logit("%s line %d: Deprecated option %s", | 1887 | logit("%s line %d: Deprecated option %s", |
| 1879 | filename, linenum, arg); | 1888 | filename, linenum, arg); |