Bugzilla – Attachment 523 Details for
Bug 764
fully remove product and version information
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to add configurable version information
version-info.patch (text/plain), 6.48 KB, created by
Kees Cook
on 2004-01-07 12:49:55 AEDT
(
hide
)
Description:
Patch to add configurable version information
Filename:
MIME Type:
Creator:
Kees Cook
Created:
2004-01-07 12:49:55 AEDT
Size:
6.48 KB
patch
obsolete
>diff -ur openssh-3.6.1p2-orig/misc.c openssh-3.6.1p2/misc.c >--- openssh-3.6.1p2-orig/misc.c 2004-01-07 09:42:39.000000000 -0800 >+++ openssh-3.6.1p2/misc.c 2004-01-07 10:46:44.000000000 -0800 >@@ -111,7 +111,8 @@ > } > > /* Characters considered whitespace in strsep calls. */ >-#define WHITESPACE " \t\r\n" >+#define LINEEND "\r\n" >+#define WHITESPACE " \t" LINEEND > > /* return next token in configuration line */ > char * >@@ -141,6 +142,30 @@ > return (old); > } > >+char * >+strlineend(char **s) >+{ >+ char *old; >+ int wspace = 0; >+ >+ if (*s == NULL) >+ return NULL; >+ >+ old = *s; >+ >+ *s = strpbrk(*s, LINEEND); >+ if (*s == NULL) >+ return (old); >+ >+ *s[0] = '\0'; >+ >+ *s += strspn(*s + 1, LINEEND) + 1; >+ if (*s[0] == '=' && !wspace) >+ *s += strspn(*s + 1, LINEEND) + 1; >+ >+ return (old); >+} >+ > struct passwd * > pwcopy(struct passwd *pw) > { >diff -ur openssh-3.6.1p2-orig/misc.h openssh-3.6.1p2/misc.h >--- openssh-3.6.1p2-orig/misc.h 2002-03-21 18:54:25.000000000 -0800 >+++ openssh-3.6.1p2/misc.h 2004-01-07 10:46:58.000000000 -0800 >@@ -14,6 +14,7 @@ > > char *chop(char *); > char *strdelim(char **); >+char *strlineend(char **); > void set_nonblock(int); > void unset_nonblock(int); > void set_nodelay(int); >diff -ur openssh-3.6.1p2-orig/servconf.c openssh-3.6.1p2/servconf.c >--- openssh-3.6.1p2-orig/servconf.c 2004-01-07 09:47:44.000000000 -0800 >+++ openssh-3.6.1p2/servconf.c 2004-01-07 11:36:47.000000000 -0800 >@@ -118,6 +118,10 @@ > options->max_startups_rate = -1; > options->max_startups = -1; > options->banner = NULL; >+ options->proto_version_minor = -1; >+ options->proto_version_major = -1; >+ options->software_version = NULL; >+ options->version_comments = NULL; > options->verify_reverse_mapping = -1; > options->client_alive_interval = -1; > options->client_alive_count_max = -1; >@@ -301,6 +305,8 @@ > sBanner, sVerifyReverseMapping, sHostbasedAuthentication, > sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, > sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, >+ sProtoVersionMinor, sProtoVersionMajor, >+ sSoftwareVersion, sVersionComments, > sUsePrivilegeSeparation, > sDeprecated > } ServerOpCodes; >@@ -380,6 +386,10 @@ > { "authorizedkeysfile", sAuthorizedKeysFile }, > { "authorizedkeysfile2", sAuthorizedKeysFile2 }, > { "useprivilegeseparation", sUsePrivilegeSeparation}, >+ { "protoversionminor", sProtoVersionMinor}, >+ { "protoversionmajor", sProtoVersionMajor}, >+ { "softwareversion", sSoftwareVersion}, >+ { "versioncomments", sVersionComments}, > { NULL, sBadOption } > }; > >@@ -697,6 +707,24 @@ > intptr = &options->x11_display_offset; > goto parse_int; > >+ case sProtoVersionMajor: >+ intptr = &options->proto_version_major; >+ goto parse_int; >+ >+ case sProtoVersionMinor: >+ intptr = &options->proto_version_minor; >+ goto parse_int; >+ >+ case sSoftwareVersion: >+ arg = strdelim(&cp); >+ options->software_version = xstrdup(arg); >+ break; >+ >+ case sVersionComments: >+ arg = strlineend(&cp); >+ options->version_comments = xstrdup(arg); >+ break; >+ > case sX11UseLocalhost: > intptr = &options->x11_use_localhost; > goto parse_flag; >diff -ur openssh-3.6.1p2-orig/servconf.h openssh-3.6.1p2/servconf.h >--- openssh-3.6.1p2-orig/servconf.h 2002-07-31 18:28:39.000000000 -0700 >+++ openssh-3.6.1p2/servconf.h 2004-01-07 10:17:30.000000000 -0800 >@@ -114,6 +114,12 @@ > char *subsystem_name[MAX_SUBSYSTEMS]; > char *subsystem_command[MAX_SUBSYSTEMS]; > >+ /* allow configurable version information overrides */ >+ int proto_version_major; >+ int proto_version_minor; >+ char *software_version; >+ char *version_comments; >+ > int max_startups_begin; > int max_startups_rate; > int max_startups; >diff -ur openssh-3.6.1p2-orig/sshd.c openssh-3.6.1p2/sshd.c >--- openssh-3.6.1p2-orig/sshd.c 2004-01-07 09:42:39.000000000 -0800 >+++ openssh-3.6.1p2/sshd.c 2004-01-07 10:16:28.000000000 -0800 >@@ -353,6 +353,8 @@ > int i, mismatch; > int remote_major, remote_minor; > int major, minor; >+ char *software_version=SSH_VERSION; >+ char *version_comments=NULL; > char *s; > char buf[256]; /* Must not be larger than remote_version. */ > char remote_version[256]; /* Must be at least as big as buf. */ >@@ -368,7 +370,22 @@ > major = PROTOCOL_MAJOR_1; > minor = PROTOCOL_MINOR_1; > } >- snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION); >+ if (options.proto_version_major>=0) { >+ major = options.proto_version_major; >+ } >+ if (options.proto_version_minor>=0) { >+ minor = options.proto_version_minor; >+ } >+ if (options.software_version) { >+ software_version = options.software_version; >+ } >+ if (options.version_comments) { >+ version_comments = options.version_comments; >+ } >+ snprintf(buf, sizeof buf, "SSH-%d.%d-%s%s%s\n", major, minor, >+ software_version, >+ version_comments ? " " : "", >+ version_comments ? version_comments : ""); > server_version_string = xstrdup(buf); > > if (client_version_string == NULL) { >diff -ur openssh-3.6.1p2-orig/sshd_config openssh-3.6.1p2/sshd_config >--- openssh-3.6.1p2-orig/sshd_config 2002-09-26 20:21:58.000000000 -0700 >+++ openssh-3.6.1p2/sshd_config 2004-01-07 10:53:48.000000000 -0800 >@@ -91,3 +91,9 @@ > > # override default of no subsystems > Subsystem sftp /usr/libexec/sftp-server >+ >+# override reported version information >+#ProtoVersionMajor 1 >+#ProtoVersionMinor 99 >+#SoftwareVersion 3.6.1p2 >+#VersionComments Your friendly neighborhood SSH server >diff -ur openssh-3.6.1p2-orig/sshd_config.5 openssh-3.6.1p2/sshd_config.5 >--- openssh-3.6.1p2-orig/sshd_config.5 2003-04-01 03:42:14.000000000 -0800 >+++ openssh-3.6.1p2/sshd_config.5 2004-01-07 11:05:53.000000000 -0800 >@@ -529,6 +529,12 @@ > .Dq 2,1 > is identical to > .Dq 1,2 . >+.It Cm ProtoVersionMajor >+Specifies the major version claimed in the handshake banner. >+The default is the true major version. >+.It Cm ProtoVersionMinor >+Specifies the minor version claimed in the handshake banner. >+The default is the true minor version. > .It Cm PubkeyAuthentication > Specifies whether public key authentication is allowed. > The default is >@@ -559,6 +565,9 @@ > .It Cm ServerKeyBits > Defines the number of bits in the ephemeral protocol version 1 server key. > The minimum value is 512, and the default is 768. >+.It Cm SoftwareVersion >+Specifies the software version claimed in the handshake banner. >+The default is the true software version. > .It Cm StrictModes > Specifies whether > .Nm sshd >@@ -623,6 +632,9 @@ > very same IP address. > The default is > .Dq no . >+.It Cm VersionComments >+Specifies the text following the software version in the handshake banner. >+The default is empty. > .It Cm X11DisplayOffset > Specifies the first display number available for > .Nm sshd Ns 's
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=523">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 764
:
523
|
524
|
866