summaryrefslogtreecommitdiff
path: root/debian/patches/debian-banner.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/debian-banner.patch')
-rw-r--r--debian/patches/debian-banner.patch52
1 files changed, 32 insertions, 20 deletions
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 981cdd697..d02e8ffcb 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,16 +1,28 @@
1Description: Add DebianBanner server configuration option 1From 8a75df792931443e868e574408ed1666208a28c2 Mon Sep 17 00:00:00 2001
2 Setting this to "no" causes sshd to omit the Debian revision from its 2From: Kees Cook <kees@debian.org>
3 initial protocol handshake, for those scared by package-versioning.patch. 3Date: Sun, 9 Feb 2014 16:10:06 +0000
4Author: Kees Cook <kees@debian.org> 4Subject: Add DebianBanner server configuration option
5
6Setting this to "no" causes sshd to omit the Debian revision from its
7initial protocol handshake, for those scared by package-versioning.patch.
8
5Bug-Debian: http://bugs.debian.org/562048 9Bug-Debian: http://bugs.debian.org/562048
6Forwarded: not-needed 10Forwarded: not-needed
7Last-Update: 2013-09-14 11Last-Update: 2013-09-14
8 12
9Index: b/servconf.c 13Patch-Name: debian-banner.patch
10=================================================================== 14---
15 servconf.c | 9 +++++++++
16 servconf.h | 2 ++
17 sshd.c | 3 ++-
18 sshd_config.5 | 5 +++++
19 4 files changed, 18 insertions(+), 1 deletion(-)
20
21diff --git a/servconf.c b/servconf.c
22index 9155a8b..a2928ff 100644
11--- a/servconf.c 23--- a/servconf.c
12+++ b/servconf.c 24+++ b/servconf.c
13@@ -157,6 +157,7 @@ 25@@ -157,6 +157,7 @@ initialize_server_options(ServerOptions *options)
14 options->ip_qos_interactive = -1; 26 options->ip_qos_interactive = -1;
15 options->ip_qos_bulk = -1; 27 options->ip_qos_bulk = -1;
16 options->version_addendum = NULL; 28 options->version_addendum = NULL;
@@ -18,7 +30,7 @@ Index: b/servconf.c
18 } 30 }
19 31
20 void 32 void
21@@ -310,6 +311,8 @@ 33@@ -310,6 +311,8 @@ fill_default_server_options(ServerOptions *options)
22 options->ip_qos_bulk = IPTOS_THROUGHPUT; 34 options->ip_qos_bulk = IPTOS_THROUGHPUT;
23 if (options->version_addendum == NULL) 35 if (options->version_addendum == NULL)
24 options->version_addendum = xstrdup(""); 36 options->version_addendum = xstrdup("");
@@ -27,7 +39,7 @@ Index: b/servconf.c
27 /* Turn privilege separation on by default */ 39 /* Turn privilege separation on by default */
28 if (use_privsep == -1) 40 if (use_privsep == -1)
29 use_privsep = PRIVSEP_NOSANDBOX; 41 use_privsep = PRIVSEP_NOSANDBOX;
30@@ -360,6 +363,7 @@ 42@@ -360,6 +363,7 @@ typedef enum {
31 sKexAlgorithms, sIPQoS, sVersionAddendum, 43 sKexAlgorithms, sIPQoS, sVersionAddendum,
32 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, 44 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
33 sAuthenticationMethods, sHostKeyAgent, 45 sAuthenticationMethods, sHostKeyAgent,
@@ -35,7 +47,7 @@ Index: b/servconf.c
35 sDeprecated, sUnsupported 47 sDeprecated, sUnsupported
36 } ServerOpCodes; 48 } ServerOpCodes;
37 49
38@@ -501,6 +505,7 @@ 50@@ -501,6 +505,7 @@ static struct {
39 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, 51 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
40 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, 52 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
41 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, 53 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
@@ -43,7 +55,7 @@ Index: b/servconf.c
43 { NULL, sBadOption, 0 } 55 { NULL, sBadOption, 0 }
44 }; 56 };
45 57
46@@ -1648,6 +1653,10 @@ 58@@ -1648,6 +1653,10 @@ process_server_config_line(ServerOptions *options, char *line,
47 } 59 }
48 return 0; 60 return 0;
49 61
@@ -54,11 +66,11 @@ Index: b/servconf.c
54 case sDeprecated: 66 case sDeprecated:
55 logit("%s line %d: Deprecated option %s", 67 logit("%s line %d: Deprecated option %s",
56 filename, linenum, arg); 68 filename, linenum, arg);
57Index: b/servconf.h 69diff --git a/servconf.h b/servconf.h
58=================================================================== 70index f655c5b..fd72ce2 100644
59--- a/servconf.h 71--- a/servconf.h
60+++ b/servconf.h 72+++ b/servconf.h
61@@ -188,6 +188,8 @@ 73@@ -188,6 +188,8 @@ typedef struct {
62 74
63 u_int num_auth_methods; 75 u_int num_auth_methods;
64 char *auth_methods[MAX_AUTH_METHODS]; 76 char *auth_methods[MAX_AUTH_METHODS];
@@ -67,11 +79,11 @@ Index: b/servconf.h
67 } ServerOptions; 79 } ServerOptions;
68 80
69 /* Information about the incoming connection as used by Match */ 81 /* Information about the incoming connection as used by Match */
70Index: b/sshd.c 82diff --git a/sshd.c b/sshd.c
71=================================================================== 83index 7efa7ef..6b988fe 100644
72--- a/sshd.c 84--- a/sshd.c
73+++ b/sshd.c 85+++ b/sshd.c
74@@ -440,7 +440,8 @@ 86@@ -440,7 +440,8 @@ sshd_exchange_identification(int sock_in, int sock_out)
75 } 87 }
76 88
77 xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", 89 xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
@@ -81,11 +93,11 @@ Index: b/sshd.c
81 *options.version_addendum == '\0' ? "" : " ", 93 *options.version_addendum == '\0' ? "" : " ",
82 options.version_addendum, newline); 94 options.version_addendum, newline);
83 95
84Index: b/sshd_config.5 96diff --git a/sshd_config.5 b/sshd_config.5
85=================================================================== 97index 510cc7c..eaf8d01 100644
86--- a/sshd_config.5 98--- a/sshd_config.5
87+++ b/sshd_config.5 99+++ b/sshd_config.5
88@@ -404,6 +404,11 @@ 100@@ -404,6 +404,11 @@ or
89 .Dq no . 101 .Dq no .
90 The default is 102 The default is
91 .Dq delayed . 103 .Dq delayed .