Bugzilla – Attachment 1686 Details for
Bug 1640
Add patchlevel info to the sshd binary.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch solving the problem
vendor.patch (text/plain), 6.88 KB, created by
jchadima
on 2009-08-31 18:51:16 AEST
(
hide
)
Description:
patch solving the problem
Filename:
MIME Type:
Creator:
jchadima
Created:
2009-08-31 18:51:16 AEST
Size:
6.88 KB
patch
obsolete
>diff -up openssh-5.2p1/configure.ac.vendor openssh-5.2p1/configure.ac >--- openssh-5.2p1/configure.ac.vendor 2009-02-16 05:37:03.000000000 +0100 >+++ openssh-5.2p1/configure.ac 2009-08-11 20:32:33.106902032 +0200 >@@ -3914,6 +3914,12 @@ AC_ARG_WITH(lastlog, > fi > ] > ) >+AC_ARG_ENABLE(vendor-patchlevel, >+ [ --enable-vendor-patchlevel=TAG specify a vendor patch level], >+ [AC_DEFINE_UNQUOTED(SSH_VENDOR_PATCHLEVEL,[SSH_RELEASE "-" "$enableval"],[Define to your vendor patch level, if it has been modified from the upstream source release.]) >+ SSH_VENDOR_PATCHLEVEL="$enableval"], >+ [AC_DEFINE(SSH_VENDOR_PATCHLEVEL,SSH_RELEASE,[Define to your vendor patch level, if it has been modified from the upstream source release.]) >+ SSH_VENDOR_PATCHLEVEL=none]) > > dnl lastlog, [uw]tmpx? detection > dnl NOTE: set the paths in the platform section to avoid the >@@ -4170,6 +4176,7 @@ echo " IP address in \$DISPLAY hac > echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" > echo " BSD Auth support: $BSD_AUTH_MSG" > echo " Random number source: $RAND_MSG" >+echo " Vendor patch level: $SSH_VENDOR_PATCHLEVEL" > if test ! -z "$USE_RAND_HELPER" ; then > echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" > fi >diff -up openssh-5.2p1/servconf.c.vendor openssh-5.2p1/servconf.c >--- openssh-5.2p1/servconf.c.vendor 2009-01-28 06:31:23.000000000 +0100 >+++ openssh-5.2p1/servconf.c 2009-08-11 20:32:33.108563976 +0200 >@@ -117,6 +117,7 @@ initialize_server_options(ServerOptions > options->max_authtries = -1; > options->max_sessions = -1; > options->banner = NULL; >+ options->show_patchlevel = -1; > options->use_dns = -1; > options->client_alive_interval = -1; > options->client_alive_count_max = -1; >@@ -262,6 +263,9 @@ fill_default_server_options(ServerOption > if (options->zero_knowledge_password_authentication == -1) > options->zero_knowledge_password_authentication = 0; > >+ if (options->show_patchlevel == -1) >+ options->show_patchlevel = 0; >+ > /* Turn privilege separation on by default */ > if (use_privsep == -1) > use_privsep = 1; >@@ -299,7 +303,7 @@ typedef enum { > sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, > sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, > sMaxStartups, sMaxAuthTries, sMaxSessions, >- sBanner, sUseDNS, sHostbasedAuthentication, >+ sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication, > sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, > sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, > sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, >@@ -410,6 +414,7 @@ static struct { > { "maxauthtries", sMaxAuthTries, SSHCFG_ALL }, > { "maxsessions", sMaxSessions, SSHCFG_ALL }, > { "banner", sBanner, SSHCFG_ALL }, >+ { "showpatchlevel", sShowPatchLevel, SSHCFG_GLOBAL }, > { "usedns", sUseDNS, SSHCFG_GLOBAL }, > { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, > { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, >@@ -1033,6 +1038,10 @@ process_server_config_line(ServerOptions > intptr = &use_privsep; > goto parse_flag; > >+ case sShowPatchLevel: >+ intptr = &options->show_patchlevel; >+ goto parse_flag; >+ > case sAllowUsers: > while ((arg = strdelim(&cp)) && *arg != '\0') { > if (options->num_allow_users >= MAX_ALLOW_USERS) >@@ -1613,6 +1622,7 @@ dump_config(ServerOptions *o) > dump_cfg_fmtint(sUseLogin, o->use_login); > dump_cfg_fmtint(sCompression, o->compression); > dump_cfg_fmtint(sGatewayPorts, o->gateway_ports); >+ dump_cfg_fmtint(sShowPatchLevel, o->show_patchlevel); > dump_cfg_fmtint(sUseDNS, o->use_dns); > dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding); > dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep); >diff -up openssh-5.2p1/servconf.h.vendor openssh-5.2p1/servconf.h >--- openssh-5.2p1/servconf.h.vendor 2009-01-28 06:31:23.000000000 +0100 >+++ openssh-5.2p1/servconf.h 2009-08-11 20:32:33.108563976 +0200 >@@ -128,6 +128,7 @@ typedef struct { > int max_authtries; > int max_sessions; > char *banner; /* SSH-2 banner message */ >+ int show_patchlevel; /* Show vendor patch level to clients */ > int use_dns; > int client_alive_interval; /* > * poke the client this often to >diff -up openssh-5.2p1/sshd_config.0.vendor openssh-5.2p1/sshd_config.0 >--- openssh-5.2p1/sshd_config.0.vendor 2009-02-23 01:18:15.000000000 +0100 >+++ openssh-5.2p1/sshd_config.0 2009-08-11 20:32:33.114763817 +0200 >@@ -467,6 +467,11 @@ DESCRIPTION > Defines the number of bits in the ephemeral protocol version 1 > server key. The minimum value is 512, and the default is 1024. > >+ ShowPatchLevel >+ Specifies whether sshd will display the specific patch level of >+ the binary in the server identification string. The patch level >+ is set at compile-time. The default is M-bM-^@M-^\noM-bM-^@M-^]. >+ > StrictModes > Specifies whether sshd(8) should check file modes and ownership > of the user's files and home directory before accepting login. >diff -up openssh-5.2p1/sshd_config.5.vendor openssh-5.2p1/sshd_config.5 >--- openssh-5.2p1/sshd_config.5.vendor 2009-02-23 01:00:24.000000000 +0100 >+++ openssh-5.2p1/sshd_config.5 2009-08-11 20:32:33.108563976 +0200 >@@ -814,6 +814,14 @@ This option applies to protocol version > .It Cm ServerKeyBits > Defines the number of bits in the ephemeral protocol version 1 server key. > The minimum value is 512, and the default is 1024. >+.It Cm ShowPatchLevel >+Specifies whether >+.Nm sshd >+will display the patch level of the binary in the identification string. >+The patch level is set at compile-time. >+The default is >+.Dq no . >+This option applies to protocol version 1 only. > .It Cm StrictModes > Specifies whether > .Xr sshd 8 >diff -up openssh-5.2p1/sshd_config.vendor openssh-5.2p1/sshd_config >--- openssh-5.2p1/sshd_config.vendor 2008-07-02 14:35:43.000000000 +0200 >+++ openssh-5.2p1/sshd_config 2009-08-11 20:32:33.116670066 +0200 >@@ -100,6 +100,7 @@ Protocol 2 > #Compression delayed > #ClientAliveInterval 0 > #ClientAliveCountMax 3 >+#ShowPatchLevel no > #UseDNS yes > #PidFile /var/run/sshd.pid > #MaxStartups 10 >diff -up openssh-5.2p1/sshd.c.vendor openssh-5.2p1/sshd.c >--- openssh-5.2p1/sshd.c.vendor 2009-01-28 06:31:23.000000000 +0100 >+++ openssh-5.2p1/sshd.c 2009-08-11 20:32:33.117285492 +0200 >@@ -415,7 +415,7 @@ sshd_exchange_identification(int sock_in > minor = PROTOCOL_MINOR_1; > } > snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor, >- SSH_VERSION, newline); >+ (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_VERSION, newline); > server_version_string = xstrdup(buf); > > /* Send our protocol version identification. */ >@@ -1483,7 +1483,8 @@ main(int ac, char **av) > exit(1); > } > >- debug("sshd version %.100s", SSH_RELEASE); >+ debug("sshd version %.100s", >+ (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_RELEASE); > > /* Store privilege separation user for later use if required. */ > if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1686">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1640
: 1686