Bugzilla – Attachment 3015 Details for
Bug 2745
[PATCH] add support for VersionAddendum to the client
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch to support versionaddendum in client
0001-add-VersionAddendum-to-ssh-client-mirroring-what-hap.patch (text/plain), 5.52 KB, created by
Erik Paulson
on 2017-07-19 13:01:35 AEST
(
hide
)
Description:
patch to support versionaddendum in client
Filename:
MIME Type:
Creator:
Erik Paulson
Created:
2017-07-19 13:01:35 AEST
Size:
5.52 KB
patch
obsolete
>From 69daef3b8a99d6c85f357f200c4aaa06fe28eaff Mon Sep 17 00:00:00 2001 >From: Erik Paulson <epaulson@unit1127.com> >Date: Mon, 10 Jul 2017 22:33:13 -0500 >Subject: [PATCH] support VersionAddendum in ssh client > >--- > readconf.c | 14 +++++++++++++- > readconf.h | 1 + > sshconnect.c | 24 ++++++++++++++++++------ > sshconnect.h | 2 +- > 4 files changed, 33 insertions(+), 8 deletions(-) > >diff --git a/readconf.c b/readconf.c >index b11c628..d4b20b0 100644 >--- a/readconf.c >+++ b/readconf.c >@@ -171,7 +171,7 @@ typedef enum { > oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, > oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, > oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, >- oPubkeyAcceptedKeyTypes, oProxyJump, >+ oPubkeyAcceptedKeyTypes, oProxyJump, oVersionAddendum, > oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported > } OpCodes; > >@@ -305,6 +305,7 @@ static struct { > { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, > { "ignoreunknown", oIgnoreUnknown }, > { "proxyjump", oProxyJump }, >+ { "versionaddendum", oVersionAddendum }, > > { NULL, oBadOption } > }; >@@ -1653,6 +1654,10 @@ parse_keytypes: > charptr = &options->identity_agent; > goto parse_string; > >+ case oVersionAddendum: >+ charptr = &options->version_addendum; >+ goto parse_string; >+ > case oDeprecated: > debug("%s line %d: Deprecated option \"%s\"", > filename, linenum, keyword); >@@ -1853,6 +1858,7 @@ initialize_options(Options * options) > options->update_hostkeys = -1; > options->hostbased_key_types = NULL; > options->pubkey_key_types = NULL; >+ options->version_addendum = NULL; > } > > /* >@@ -2022,6 +2028,10 @@ fill_default_options(Options * options) > options->fingerprint_hash = SSH_FP_HASH_DEFAULT; > if (options->update_hostkeys == -1) > options->update_hostkeys = 0; >+ if (options->version_addendum == NULL) >+ options->version_addendum = xstrdup(""); >+ if(strcasecmp(options->version_addendum, "none") == 0) >+ options->version_addendum = xstrdup(""); > if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 || > kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 || > kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 || >@@ -2527,6 +2537,8 @@ dump_client_config(Options *o, const char *host) > dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types); > dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); > dump_cfg_string(oXAuthLocation, o->xauth_location); >+ dump_cfg_string(oVersionAddendum, *o->version_addendum == '\0' >+ ? "none" : o->version_addendum); > > /* Forwards */ > dump_cfg_forwards(oDynamicForward, o->num_local_forwards, o->local_forwards); >diff --git a/readconf.h b/readconf.h >index 94dd427..41efb61 100644 >--- a/readconf.h >+++ b/readconf.h >@@ -164,6 +164,7 @@ typedef struct { > char *jump_extra; > > char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ >+ char *version_addendum; /* Appended to SSH banner */ > } Options; > > #define SSH_CANONICALISE_NO 0 >diff --git a/sshconnect.c b/sshconnect.c >index 8f527aa..6b9e02d 100644 >--- a/sshconnect.c >+++ b/sshconnect.c >@@ -508,11 +508,23 @@ ssh_connect(const char *host, struct addrinfo *addrs, > } > > static void >-send_client_banner(int connection_out, int minor1) >+send_client_banner(int connection_out, int minor1, const char *host) > { > /* Send our own protocol version identification. */ >- xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", >- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION); >+ char *tmp, *expanded; >+ xasprintf(&tmp, "%s%s", *options.version_addendum == '\0' ? "" : " ", >+ options.version_addendum); >+ expanded = percent_expand(tmp, "h", host, (char *)NULL); >+ if (strchr(expanded, '\r') != NULL) >+ fatal("send_client_banner: cannot include carriage return " >+ "in version addendum"); >+ xasprintf(&client_version_string, "SSH-%d.%d-%.100s%s\r\n", >+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, expanded); >+ free(tmp); >+ free(expanded); >+ if(strlen(client_version_string) > 255) >+ fatal("send_client_banner: banner too long: %.255s", >+ client_version_string); > if (atomicio(vwrite, connection_out, client_version_string, > strlen(client_version_string)) != strlen(client_version_string)) > fatal("write: %.100s", strerror(errno)); >@@ -525,7 +537,7 @@ send_client_banner(int connection_out, int minor1) > * identification string. > */ > void >-ssh_exchange_identification(int timeout_ms) >+ssh_exchange_identification(int timeout_ms, const char *host) > { > char buf[256], remote_version[256]; /* must be same size! */ > int remote_major, remote_minor, mismatch; >@@ -535,7 +547,7 @@ ssh_exchange_identification(int timeout_ms) > size_t len; > int rc; > >- send_client_banner(connection_out, 0); >+ send_client_banner(connection_out, 0, host); > > /* Read other side's version identification. */ > for (n = 0;;) { >@@ -1306,7 +1318,7 @@ ssh_login(Sensitive *sensitive, const char *orighost, > lowercase(host); > > /* Exchange protocol version identification strings with the server. */ >- ssh_exchange_identification(timeout_ms); >+ ssh_exchange_identification(timeout_ms, host); > > /* Put the connection into non-blocking mode. */ > packet_set_nonblocking(); >diff --git a/sshconnect.h b/sshconnect.h >index f4e73f7..09fcff5 100644 >--- a/sshconnect.h >+++ b/sshconnect.h >@@ -39,7 +39,7 @@ void ssh_kill_proxy_command(void); > void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short, > struct passwd *, int); > >-void ssh_exchange_identification(int); >+void ssh_exchange_identification(int, const char *); > > int verify_host_key(char *, struct sockaddr *, struct sshkey *); > >-- >1.7.2.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3015">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2745
: 3015