Attachment #1686 for bug #1640

View | Details | Raw Unified | Return to bug 1640
Collapse All | Expand All

Lines 3914-3919 AC_ARG_WITH(lastlog, Link Here

(-)openssh-5.2p1/configure.ac.vendor (+7 lines)
3914	fi	3914	fi
3915	]	3915	]
3916	)	3916	)
		3917	AC_ARG_ENABLE(vendor-patchlevel,
		3918	[ --enable-vendor-patchlevel=TAG specify a vendor patch level],
		3919	[AC_DEFINE_UNQUOTED(SSH_VENDOR_PATCHLEVEL,[SSH_RELEASE "-" "$enableval"],[Define to your vendor patch level, if it has been modified from the upstream source release.])
		3920	SSH_VENDOR_PATCHLEVEL="$enableval"],
		3921	[AC_DEFINE(SSH_VENDOR_PATCHLEVEL,SSH_RELEASE,[Define to your vendor patch level, if it has been modified from the upstream source release.])
		3922	SSH_VENDOR_PATCHLEVEL=none])
3917		3923
3918	dnl lastlog, [uw]tmpx? detection	3924	dnl lastlog, [uw]tmpx? detection
3919	dnl NOTE: set the paths in the platform section to avoid the	3925	dnl NOTE: set the paths in the platform section to avoid the
Lines 4170-4175 echo " IP address in \$DISPLAY hac Link Here
4170	echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"	4176	echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4171	echo " BSD Auth support: $BSD_AUTH_MSG"	4177	echo " BSD Auth support: $BSD_AUTH_MSG"
4172	echo " Random number source: $RAND_MSG"	4178	echo " Random number source: $RAND_MSG"
		4179	echo " Vendor patch level: $SSH_VENDOR_PATCHLEVEL"
4173	if test ! -z "$USE_RAND_HELPER" ; then	4180	if test ! -z "$USE_RAND_HELPER" ; then
4174	echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"	4181	echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
4175	fi	4182	fi

Lines 117-122 initialize_server_options(ServerOptions Link Here

(-)openssh-5.2p1/servconf.c.vendor (-1 / +11 lines)
117	options->max_authtries = -1;	117	options->max_authtries = -1;
118	options->max_sessions = -1;	118	options->max_sessions = -1;
119	options->banner = NULL;	119	options->banner = NULL;
		120	options->show_patchlevel = -1;
120	options->use_dns = -1;	121	options->use_dns = -1;
121	options->client_alive_interval = -1;	122	options->client_alive_interval = -1;
122	options->client_alive_count_max = -1;	123	options->client_alive_count_max = -1;
Lines 262-267 fill_default_server_options(ServerOption Link Here
262	if (options->zero_knowledge_password_authentication == -1)	263	if (options->zero_knowledge_password_authentication == -1)
263	options->zero_knowledge_password_authentication = 0;	264	options->zero_knowledge_password_authentication = 0;
264		265
		266	if (options->show_patchlevel == -1)
		267	options->show_patchlevel = 0;
		268
265	/* Turn privilege separation on by default */	269	/* Turn privilege separation on by default */
266	if (use_privsep == -1)	270	if (use_privsep == -1)
267	use_privsep = 1;	271	use_privsep = 1;
Lines 299-305 typedef enum { Link Here
299	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,	303	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
300	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,	304	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
301	sMaxStartups, sMaxAuthTries, sMaxSessions,	305	sMaxStartups, sMaxAuthTries, sMaxSessions,
302	sBanner, sUseDNS, sHostbasedAuthentication,	306	sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication,
303	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,	307	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
304	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,	308	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
305	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,	309	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
Lines 410-415 static struct { Link Here
410	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },	414	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
411	{ "maxsessions", sMaxSessions, SSHCFG_ALL },	415	{ "maxsessions", sMaxSessions, SSHCFG_ALL },
412	{ "banner", sBanner, SSHCFG_ALL },	416	{ "banner", sBanner, SSHCFG_ALL },
		417	{ "showpatchlevel", sShowPatchLevel, SSHCFG_GLOBAL },
413	{ "usedns", sUseDNS, SSHCFG_GLOBAL },	418	{ "usedns", sUseDNS, SSHCFG_GLOBAL },
414	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },	419	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
415	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },	420	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
Lines 1033-1038 process_server_config_line(ServerOptions Link Here
1033	intptr = &use_privsep;	1038	intptr = &use_privsep;
1034	goto parse_flag;	1039	goto parse_flag;
1035		1040
		1041	case sShowPatchLevel:
		1042	intptr = &options->show_patchlevel;
		1043	goto parse_flag;
		1044
1036	case sAllowUsers:	1045	case sAllowUsers:
1037	while ((arg = strdelim(&cp)) && *arg != '\0') {	1046	while ((arg = strdelim(&cp)) && *arg != '\0') {
1038	if (options->num_allow_users >= MAX_ALLOW_USERS)	1047	if (options->num_allow_users >= MAX_ALLOW_USERS)
Lines 1613-1618 dump_config(ServerOptions *o) Link Here
1613	dump_cfg_fmtint(sUseLogin, o->use_login);	1622	dump_cfg_fmtint(sUseLogin, o->use_login);
1614	dump_cfg_fmtint(sCompression, o->compression);	1623	dump_cfg_fmtint(sCompression, o->compression);
1615	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);	1624	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
		1625	dump_cfg_fmtint(sShowPatchLevel, o->show_patchlevel);
1616	dump_cfg_fmtint(sUseDNS, o->use_dns);	1626	dump_cfg_fmtint(sUseDNS, o->use_dns);
1617	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);	1627	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
1618	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);	1628	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);

Lines 128-133 typedef struct { Link Here

(-)openssh-5.2p1/servconf.h.vendor (+1 lines)
128	int max_authtries;	128	int max_authtries;
129	int max_sessions;	129	int max_sessions;
130	char banner; / SSH-2 banner message */	130	char banner; / SSH-2 banner message */
		131	int show_patchlevel; /* Show vendor patch level to clients */
131	int use_dns;	132	int use_dns;
132	int client_alive_interval; /*	133	int client_alive_interval; /*
133	* poke the client this often to	134	* poke the client this often to

Lines 467-472 DESCRIPTION Link Here

(-)openssh-5.2p1/sshd_config.0.vendor (+5 lines)
467	Defines the number of bits in the ephemeral protocol version 1	467	Defines the number of bits in the ephemeral protocol version 1
468	server key. The minimum value is 512, and the default is 1024.	468	server key. The minimum value is 512, and the default is 1024.
469		469
		470	ShowPatchLevel
		471	Specifies whether sshd will display the specific patch level of
		472	the binary in the server identification string. The patch level
		473	is set at compile-time. The default is M-bM-^@M-^\noM-bM-^@M-^].
		474
470	StrictModes	475	StrictModes
471	Specifies whether sshd(8) should check file modes and ownership	476	Specifies whether sshd(8) should check file modes and ownership
472	of the user's files and home directory before accepting login.	477	of the user's files and home directory before accepting login.

Lines 814-819 This option applies to protocol version Link Here

(-)openssh-5.2p1/sshd_config.5.vendor (+8 lines)
814	.It Cm ServerKeyBits	814	.It Cm ServerKeyBits
815	Defines the number of bits in the ephemeral protocol version 1 server key.	815	Defines the number of bits in the ephemeral protocol version 1 server key.
816	The minimum value is 512, and the default is 1024.	816	The minimum value is 512, and the default is 1024.
		817	.It Cm ShowPatchLevel
		818	Specifies whether
		819	.Nm sshd
		820	will display the patch level of the binary in the identification string.
		821	The patch level is set at compile-time.
		822	The default is
		823	.Dq no .
		824	This option applies to protocol version 1 only.
817	.It Cm StrictModes	825	.It Cm StrictModes
818	Specifies whether	826	Specifies whether
819	.Xr sshd 8	827	.Xr sshd 8

Lines 100-105 Protocol 2 Link Here

(-)openssh-5.2p1/sshd_config.vendor (+1 lines)
100	#Compression delayed	100	#Compression delayed
101	#ClientAliveInterval 0	101	#ClientAliveInterval 0
102	#ClientAliveCountMax 3	102	#ClientAliveCountMax 3
		103	#ShowPatchLevel no
103	#UseDNS yes	104	#UseDNS yes
104	#PidFile /var/run/sshd.pid	105	#PidFile /var/run/sshd.pid
105	#MaxStartups 10	106	#MaxStartups 10

Lines 415-421 sshd_exchange_identification(int sock_in Link Here

(-)openssh-5.2p1/sshd.c.vendor (-2 / +3 lines)
415	minor = PROTOCOL_MINOR_1;	415	minor = PROTOCOL_MINOR_1;
416	}	416	}
417	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,	417	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
418	SSH_VERSION, newline);	418	(options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_VERSION, newline);
419	server_version_string = xstrdup(buf);	419	server_version_string = xstrdup(buf);
420		420
421	/* Send our protocol version identification. */	421	/* Send our protocol version identification. */
Lines 1483-1489 main(int ac, char **av) Link Here
1483	exit(1);	1483	exit(1);
1484	}	1484	}
1485		1485
1486	debug("sshd version %.100s", SSH_RELEASE);	1486	debug("sshd version %.100s",
		1487	(options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_RELEASE);
1487		1488
1488	/* Store privilege separation user for later use if required. */	1489	/* Store privilege separation user for later use if required. */
1489	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {	1490	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {

Return to bug 1640