1 files changed, 100 insertions, 0 deletions
diff --git a/debian/config b/debian/config
new file mode 100644
index 000000000..c25f2ae3f
--- /dev/null
+++ b/debian/config
@@ -0,0 +1,100 @@
+#!/bin/sh 
+action=$1
+version=$2
+if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then
+  version=1.2.27
+  cp -a /etc/ssh-nonfree /etc/ssh
+fi
+# Source debconf library.
+. /usr/share/debconf/confmodule
+db_version 2.0
+if [ -n "$version" ] && dpkg --compare-versions "$version" lt 1:3.0p1-1
+then
+  db_input medium ssh/ssh2_keys_merged
+fi
+if [ -e /etc/init.d/ssh ] && ! grep -q pidfile /etc/init.d/ssh
+then
+  db_fset ssh/use_old_init_script seen false
+  db_input medium ssh/use_old_init_script || true
+  db_go
+  db_get ssh/use_old_init_script
+  [ "$RET" = "false" ] && exit 0
+else
+  db_set ssh/use_old_init_script true
+  db_fset ssh/use_old_init_script seen true
+fi
+if [ -z "$version" -a ! -e /etc/ssh/sshd_config ]
+then
+  db_input medium ssh/protocol2_only || true
+fi
+if [ -e /etc/ssh/sshd_config ]
+then
+    if dpkg --compare-versions "$version" lt-nl 1:1.3 ; 
+    then db_input medium ssh/new_config || true
+        db_go
+        db_get ssh/new_config
+        if [ "$RET" = "true" ];
+        then db_input medium ssh/protocol2_only ||true
+             db_input high ssh/privsep_ask ||true
+        else db_input high ssh/privsep_tell ||true
+        fi
+    else db_input high ssh/privsep_tell ||true
+    fi
+else db_input high ssh/privsep_tell ||true
+fi 
+db_input medium ssh/SUID_client || true
+# To be correct during initial installation, this relies on the desired
+# default for run_sshd being "true".
+if [ -e /etc/ssh/sshd_not_to_be_run ]
+then
+    db_set ssh/run_sshd false
+else
+    db_set ssh/run_sshd true
+fi
+db_input medium ssh/run_sshd || true
+if [ -x /usr/sbin/in.telnetd ] && grep -q "^telnet\b" /etc/inetd.conf
+then
+  if ! /usr/sbin/in.telnetd -? 2>&1 | grep -q ssl 2>/dev/null
+  then 
+    db_input low ssh/insecure_telnetd || true
+  fi
+fi
+key=/etc/ssh/ssh_host_key
+export key
+if [ -n "$version" ] && [ -f $key ] && [ ! -x /usr/bin/ssh-keygen ] &&
+     dpkg --compare-versions "$version" lt 1.2.28
+then
+  # make sure that keys get updated to get rid of IDEA; preinst
+  # actually does the work, but if the old ssh-keygen is not found,
+  # it can't do that -- thus, we tell the user that he must create
+  # a new host key.
+  echo -en '\0\0' | 3<&0 sh -c \
+      'dd if=$key bs=1 skip=32 count=2 2>/dev/null | cmp -s - /dev/fd/3' || {
+    # this means that bytes 32&33 of the key were not both zero, in which
+    # case the key is encrypted, which we need to fix
+    db_input high ssh/encrypted_host_key_but_no_keygen || true
+  }
+fi
+db_input low ssh/forward_warning || true
+if dpkg --compare-versions "$version" lt-nl 1:3.5p1-3; then
+    db_input high ssh/user_environment_tell || true
+fi
+db_go
+exit 0

diff --git a/debian/config b/debian/config new file mode 100644 index 000000000..c25f2ae3f --- /dev/null +++ b/debian/config
@@ -0,0 +1,100 @@
	1	#!/bin/sh
	2
	3	action=$1
	4	version=$2
	5
	6	if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then
	7	version=1.2.27
	8	cp -a /etc/ssh-nonfree /etc/ssh
	9	fi
	10
	11	# Source debconf library.
	12	. /usr/share/debconf/confmodule
	13	db_version 2.0
	14
	15	if [ -n "$version" ] && dpkg --compare-versions "$version" lt 1:3.0p1-1
	16	then
	17	db_input medium ssh/ssh2_keys_merged
	18	fi
	19
	20	if [ -e /etc/init.d/ssh ] && ! grep -q pidfile /etc/init.d/ssh
	21	then
	22	db_fset ssh/use_old_init_script seen false
	23	db_input medium ssh/use_old_init_script \|\| true
	24	db_go
	25
	26	db_get ssh/use_old_init_script
	27	[ "$RET" = "false" ] && exit 0
	28	else
	29	db_set ssh/use_old_init_script true
	30	db_fset ssh/use_old_init_script seen true
	31	fi
	32
	33	if [ -z "$version" -a ! -e /etc/ssh/sshd_config ]
	34	then
	35	db_input medium ssh/protocol2_only \|\| true
	36	fi
	37
	38	if [ -e /etc/ssh/sshd_config ]
	39	then
	40	if dpkg --compare-versions "$version" lt-nl 1:1.3 ;
	41	then db_input medium ssh/new_config \|\| true
	42	db_go
	43	db_get ssh/new_config
	44	if [ "$RET" = "true" ];
	45	then db_input medium ssh/protocol2_only \|\|true
	46	db_input high ssh/privsep_ask \|\|true
	47	else db_input high ssh/privsep_tell \|\|true
	48	fi
	49	else db_input high ssh/privsep_tell \|\|true
	50	fi
	51	else db_input high ssh/privsep_tell \|\|true
	52	fi
	53
	54	db_input medium ssh/SUID_client \|\| true
	55
	56	# To be correct during initial installation, this relies on the desired
	57	# default for run_sshd being "true".
	58	if [ -e /etc/ssh/sshd_not_to_be_run ]
	59	then
	60	db_set ssh/run_sshd false
	61	else
	62	db_set ssh/run_sshd true
	63	fi
	64	db_input medium ssh/run_sshd \|\| true
	65
	66	if [ -x /usr/sbin/in.telnetd ] && grep -q "^telnet\b" /etc/inetd.conf
	67	then
	68	if ! /usr/sbin/in.telnetd -? 2>&1 \| grep -q ssl 2>/dev/null
	69	then
	70	db_input low ssh/insecure_telnetd \|\| true
	71	fi
	72	fi
	73
	74	key=/etc/ssh/ssh_host_key
	75	export key
	76	if [ -n "$version" ] && [ -f $key ] && [ ! -x /usr/bin/ssh-keygen ] &&
	77	dpkg --compare-versions "$version" lt 1.2.28
	78	then
	79	# make sure that keys get updated to get rid of IDEA; preinst
	80	# actually does the work, but if the old ssh-keygen is not found,
	81	# it can't do that -- thus, we tell the user that he must create
	82	# a new host key.
	83	echo -en '\0\0' \| 3<&0 sh -c \
	84	'dd if=$key bs=1 skip=32 count=2 2>/dev/null \| cmp -s - /dev/fd/3' \|\| {
	85	# this means that bytes 32&33 of the key were not both zero, in which
	86	# case the key is encrypted, which we need to fix
	87	db_input high ssh/encrypted_host_key_but_no_keygen \|\| true
	88	}
	89	fi
	90
	91
	92	db_input low ssh/forward_warning \|\| true
	93
	94	if dpkg --compare-versions "$version" lt-nl 1:3.5p1-3; then
	95	db_input high ssh/user_environment_tell \|\| true
	96	fi
	97
	98	db_go
	99
	100	exit 0