devel/openssh/openssh-5.2p1-vendor.patch

diff -up openssh-5.2p1/configure.ac.vendor openssh-5.2p1/configure.ac
--- openssh-5.2p1/configure.ac.vendor	2008-07-23 14:13:22.000000000 +0200
+++ openssh-5.2p1/configure.ac	2008-07-23 14:13:22.000000000 +0200
@@ -3890,6 +3890,12 @@ AC_ARG_WITH(lastlog,
 		fi
 	]
 )
+AC_ARG_ENABLE(vendor-patchlevel,
+  [  --enable-vendor-patchlevel=TAG  specify a vendor patch level],
+  [AC_DEFINE_UNQUOTED(SSH_VENDOR_PATCHLEVEL,[SSH_RELEASE "-" "$enableval"],[Define to your vendor patch level, if it has been modified from the upstream source release.])
+   SSH_VENDOR_PATCHLEVEL="$enableval"],
+  [AC_DEFINE(SSH_VENDOR_PATCHLEVEL,SSH_RELEASE,[Define to your vendor patch level, if it has been modified from the upstream source release.])
+   SSH_VENDOR_PATCHLEVEL=none])
 
 dnl lastlog, [uw]tmpx? detection
 dnl  NOTE: set the paths in the platform section to avoid the
@@ -4146,6 +4152,7 @@ echo "       IP address in \$DISPLAY hac
 echo "           Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
 echo "                  BSD Auth support: $BSD_AUTH_MSG"
 echo "              Random number source: $RAND_MSG"
+echo "                Vendor patch level: $SSH_VENDOR_PATCHLEVEL"
 if test ! -z "$USE_RAND_HELPER" ; then
 echo "     ssh-rand-helper collects from: $RAND_HELPER_MSG"
 fi
diff -up openssh-5.2p1/sshd_config.5.vendor openssh-5.2p1/sshd_config.5
--- openssh-5.2p1/sshd_config.5.vendor	2008-07-23 14:13:22.000000000 +0200
+++ openssh-5.2p1/sshd_config.5	2008-07-23 14:19:23.000000000 +0200
@@ -812,6 +812,14 @@ This option applies to protocol version 
 .It Cm ServerKeyBits
 Defines the number of bits in the ephemeral protocol version 1 server key.
 The minimum value is 512, and the default is 1024.
+.It Cm ShowPatchLevel 
+Specifies whether 
+.Nm sshd 
+will display the patch level of the binary in the identification string. 
+The patch level is set at compile-time. 
+The default is 
+.Dq no . 
+This option applies to protocol version 1 only. 
 .It Cm StrictModes
 Specifies whether
 .Xr sshd 8
diff -up openssh-5.2p1/servconf.h.vendor openssh-5.2p1/servconf.h
--- openssh-5.2p1/servconf.h.vendor	2008-06-10 15:01:51.000000000 +0200
+++ openssh-5.2p1/servconf.h	2008-07-23 14:13:22.000000000 +0200
@@ -126,6 +126,7 @@ typedef struct {
 	int	max_authtries;
 	int	max_sessions;
 	char   *banner;			/* SSH-2 banner message */
+	int	show_patchlevel;	/* Show vendor patch level to clients */
 	int	use_dns;
 	int	client_alive_interval;	/*
 					 * poke the client this often to
diff -up openssh-5.2p1/servconf.c.vendor openssh-5.2p1/servconf.c
--- openssh-5.2p1/servconf.c.vendor	2008-07-04 05:51:12.000000000 +0200
+++ openssh-5.2p1/servconf.c	2008-07-23 14:32:27.000000000 +0200
@@ -117,6 +117,7 @@ initialize_server_options(ServerOptions 
 	options->max_authtries = -1;
 	options->max_sessions = -1;
 	options->banner = NULL;
+	options->show_patchlevel = -1;
 	options->use_dns = -1;
 	options->client_alive_interval = -1;
 	options->client_alive_count_max = -1;
@@ -262,6 +263,9 @@ fill_default_server_options(ServerOption
 	if (options->zero_knowledge_password_authentication == -1)
 		options->zero_knowledge_password_authentication = 0;
 
+	if (options->show_patchlevel == -1)
+ 		options->show_patchlevel = 0;
+ 
 	/* Turn privilege separation on by default */
 	if (use_privsep == -1)
 		use_privsep = 1;
@@ -299,7 +303,7 @@ typedef enum {
 	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
 	sMaxStartups, sMaxAuthTries, sMaxSessions,
-	sBanner, sUseDNS, sHostbasedAuthentication,
+	sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
@@ -410,6 +414,7 @@ static struct {
 	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
 	{ "maxsessions", sMaxSessions, SSHCFG_ALL },
 	{ "banner", sBanner, SSHCFG_ALL },
+	{ "showpatchlevel", sShowPatchLevel, SSHCFG_GLOBAL },
 	{ "usedns", sUseDNS, SSHCFG_GLOBAL },
 	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
 	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
@@ -1033,6 +1038,10 @@ process_server_config_line(ServerOptions
 		intptr = &use_privsep;
 		goto parse_flag;
 
+	case sShowPatchLevel:
+		intptr = &options->show_patchlevel;
+		goto parse_flag;
+
 	case sAllowUsers:
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
 			if (options->num_allow_users >= MAX_ALLOW_USERS)
@@ -1613,6 +1622,7 @@ dump_config(ServerOptions *o)
 	dump_cfg_fmtint(sUseLogin, o->use_login);
 	dump_cfg_fmtint(sCompression, o->compression);
 	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
+	dump_cfg_fmtint(sShowPatchLevel, o->show_patchlevel);
 	dump_cfg_fmtint(sUseDNS, o->use_dns);
 	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
 	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
diff -up openssh-5.2p1/sshd_config.0.vendor openssh-5.2p1/sshd_config.0
--- openssh-5.2p1/sshd_config.0.vendor	2008-07-23 14:13:22.000000000 +0200
+++ openssh-5.2p1/sshd_config.0	2008-07-23 14:13:22.000000000 +0200
@@ -466,6 +466,11 @@ DESCRIPTION
              Defines the number of bits in the ephemeral protocol version 1
              server key.  The minimum value is 512, and the default is 1024.
 
+     ShowPatchLevel
+	     Specifies whether sshd will display the specific patch level of
+	     the binary in the server identification string.  The patch level
+	     is set at compile-time.  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
      StrictModes
              Specifies whether sshd(8) should check file modes and ownership
              of the user's files and home directory before accepting login.
diff -up openssh-5.2p1/sshd_config.vendor openssh-5.2p1/sshd_config
--- openssh-5.2p1/sshd_config.vendor	2008-07-23 14:13:22.000000000 +0200
+++ openssh-5.2p1/sshd_config	2008-07-23 14:13:22.000000000 +0200
@@ -112,6 +112,7 @@ X11Forwarding yes
 #Compression delayed
 #ClientAliveInterval 0
 #ClientAliveCountMax 3
+#ShowPatchLevel no
 #UseDNS yes
 #PidFile /var/run/sshd.pid
 #MaxStartups 10
diff -up openssh-5.2p1/sshd.c.vendor openssh-5.2p1/sshd.c
--- openssh-5.2p1/sshd.c.vendor	2008-07-11 09:36:49.000000000 +0200
+++ openssh-5.2p1/sshd.c	2008-07-23 14:35:43.000000000 +0200
@@ -416,7 +416,7 @@ sshd_exchange_identification(int sock_in
 		minor = PROTOCOL_MINOR_1;
 	}
 	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
-	    SSH_VERSION, newline);
+	   (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_VERSION, newline);
 	server_version_string = xstrdup(buf);
 
 	/* Send our protocol version identification. */
@@ -1484,7 +1484,8 @@ main(int ac, char **av)
 		exit(1);
 	}
 
-	debug("sshd version %.100s", SSH_RELEASE);
+	debug("sshd version %.100s",
+	      (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_RELEASE);
 
 	/* Store privilege separation user for later use if required. */
 	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
1	diff -up openssh-5.2p1/configure.ac.vendor openssh-5.2p1/configure.ac
2	--- openssh-5.2p1/configure.ac.vendor 2008-07-23 14:13:22.000000000 +0200
3	+++ openssh-5.2p1/configure.ac 2008-07-23 14:13:22.000000000 +0200
4	@@ -3890,6 +3890,12 @@ AC_ARG_WITH(lastlog,
5	fi
6	]
7	)
8	+AC_ARG_ENABLE(vendor-patchlevel,
9	+ [ --enable-vendor-patchlevel=TAG specify a vendor patch level],
10	+ [AC_DEFINE_UNQUOTED(SSH_VENDOR_PATCHLEVEL,[SSH_RELEASE "-" "$enableval"],[Define to your vendor patch level, if it has been modified from the upstream source release.])
11	+ SSH_VENDOR_PATCHLEVEL="$enableval"],
12	+ [AC_DEFINE(SSH_VENDOR_PATCHLEVEL,SSH_RELEASE,[Define to your vendor patch level, if it has been modified from the upstream source release.])
13	+ SSH_VENDOR_PATCHLEVEL=none])
14
15	dnl lastlog, [uw]tmpx? detection
16	dnl NOTE: set the paths in the platform section to avoid the
17	@@ -4146,6 +4152,7 @@ echo " IP address in \$DISPLAY hac
18	echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
19	echo " BSD Auth support: $BSD_AUTH_MSG"
20	echo " Random number source: $RAND_MSG"
21	+echo " Vendor patch level: $SSH_VENDOR_PATCHLEVEL"
22	if test ! -z "$USE_RAND_HELPER" ; then
23	echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
24	fi
25	diff -up openssh-5.2p1/sshd_config.5.vendor openssh-5.2p1/sshd_config.5
26	--- openssh-5.2p1/sshd_config.5.vendor 2008-07-23 14:13:22.000000000 +0200
27	+++ openssh-5.2p1/sshd_config.5 2008-07-23 14:19:23.000000000 +0200
28	@@ -812,6 +812,14 @@ This option applies to protocol version
29	.It Cm ServerKeyBits
30	Defines the number of bits in the ephemeral protocol version 1 server key.
31	The minimum value is 512, and the default is 1024.
32	+.It Cm ShowPatchLevel
33	+Specifies whether
34	+.Nm sshd
35	+will display the patch level of the binary in the identification string.
36	+The patch level is set at compile-time.
37	+The default is
38	+.Dq no .
39	+This option applies to protocol version 1 only.
40	.It Cm StrictModes
41	Specifies whether
42	.Xr sshd 8
43	diff -up openssh-5.2p1/servconf.h.vendor openssh-5.2p1/servconf.h
44	--- openssh-5.2p1/servconf.h.vendor 2008-06-10 15:01:51.000000000 +0200
45	+++ openssh-5.2p1/servconf.h 2008-07-23 14:13:22.000000000 +0200
46	@@ -126,6 +126,7 @@ typedef struct {
47	int max_authtries;
48	int max_sessions;
49	char banner; / SSH-2 banner message */
50	+ int show_patchlevel; /* Show vendor patch level to clients */
51	int use_dns;
52	int client_alive_interval; /*
53	* poke the client this often to
54	diff -up openssh-5.2p1/servconf.c.vendor openssh-5.2p1/servconf.c
55	--- openssh-5.2p1/servconf.c.vendor 2008-07-04 05:51:12.000000000 +0200
56	+++ openssh-5.2p1/servconf.c 2008-07-23 14:32:27.000000000 +0200
57	@@ -117,6 +117,7 @@ initialize_server_options(ServerOptions
58	options->max_authtries = -1;
59	options->max_sessions = -1;
60	options->banner = NULL;
61	+ options->show_patchlevel = -1;
62	options->use_dns = -1;
63	options->client_alive_interval = -1;
64	options->client_alive_count_max = -1;
65	@@ -262,6 +263,9 @@ fill_default_server_options(ServerOption
66	if (options->zero_knowledge_password_authentication == -1)
67	options->zero_knowledge_password_authentication = 0;
68
69	+ if (options->show_patchlevel == -1)
70	+ options->show_patchlevel = 0;
71	+
72	/* Turn privilege separation on by default */
73	if (use_privsep == -1)
74	use_privsep = 1;
75	@@ -299,7 +303,7 @@ typedef enum {
76	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
77	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
78	sMaxStartups, sMaxAuthTries, sMaxSessions,
79	- sBanner, sUseDNS, sHostbasedAuthentication,
80	+ sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication,
81	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
82	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
83	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
84	@@ -410,6 +414,7 @@ static struct {
85	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
86	{ "maxsessions", sMaxSessions, SSHCFG_ALL },
87	{ "banner", sBanner, SSHCFG_ALL },
88	+ { "showpatchlevel", sShowPatchLevel, SSHCFG_GLOBAL },
89	{ "usedns", sUseDNS, SSHCFG_GLOBAL },
90	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
91	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
92	@@ -1033,6 +1038,10 @@ process_server_config_line(ServerOptions
93	intptr = &use_privsep;
94	goto parse_flag;
95
96	+ case sShowPatchLevel:
97	+ intptr = &options->show_patchlevel;
98	+ goto parse_flag;
99	+
100	case sAllowUsers:
101	while ((arg = strdelim(&cp)) && *arg != '\0') {
102	if (options->num_allow_users >= MAX_ALLOW_USERS)
103	@@ -1613,6 +1622,7 @@ dump_config(ServerOptions *o)
104	dump_cfg_fmtint(sUseLogin, o->use_login);
105	dump_cfg_fmtint(sCompression, o->compression);
106	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
107	+ dump_cfg_fmtint(sShowPatchLevel, o->show_patchlevel);
108	dump_cfg_fmtint(sUseDNS, o->use_dns);
109	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
110	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
111	diff -up openssh-5.2p1/sshd_config.0.vendor openssh-5.2p1/sshd_config.0
112	--- openssh-5.2p1/sshd_config.0.vendor 2008-07-23 14:13:22.000000000 +0200
113	+++ openssh-5.2p1/sshd_config.0 2008-07-23 14:13:22.000000000 +0200
114	@@ -466,6 +466,11 @@ DESCRIPTION
115	Defines the number of bits in the ephemeral protocol version 1
116	server key. The minimum value is 512, and the default is 1024.
117
118	+ ShowPatchLevel
119	+ Specifies whether sshd will display the specific patch level of
120	+ the binary in the server identification string. The patch level
121	+ is set at compile-time. The default is M-bM-^@M-^\noM-bM-^@M-^].
122	+
123	StrictModes
124	Specifies whether sshd(8) should check file modes and ownership
125	of the user's files and home directory before accepting login.
126	diff -up openssh-5.2p1/sshd_config.vendor openssh-5.2p1/sshd_config
127	--- openssh-5.2p1/sshd_config.vendor 2008-07-23 14:13:22.000000000 +0200
128	+++ openssh-5.2p1/sshd_config 2008-07-23 14:13:22.000000000 +0200
129	@@ -112,6 +112,7 @@ X11Forwarding yes
130	#Compression delayed
131	#ClientAliveInterval 0
132	#ClientAliveCountMax 3
133	+#ShowPatchLevel no
134	#UseDNS yes
135	#PidFile /var/run/sshd.pid
136	#MaxStartups 10
137	diff -up openssh-5.2p1/sshd.c.vendor openssh-5.2p1/sshd.c
138	--- openssh-5.2p1/sshd.c.vendor 2008-07-11 09:36:49.000000000 +0200
139	+++ openssh-5.2p1/sshd.c 2008-07-23 14:35:43.000000000 +0200
140	@@ -416,7 +416,7 @@ sshd_exchange_identification(int sock_in
141	minor = PROTOCOL_MINOR_1;
142	}
143	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
144	- SSH_VERSION, newline);
145	+ (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_VERSION, newline);
146	server_version_string = xstrdup(buf);
147
148	/* Send our protocol version identification. */
149	@@ -1484,7 +1484,8 @@ main(int ac, char **av)
150	exit(1);
151	}
152
153	- debug("sshd version %.100s", SSH_RELEASE);
154	+ debug("sshd version %.100s",
155	+ (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_RELEASE);
156
157	/* Store privilege separation user for later use if required. */
158	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
admin@fedoraproject.org	ViewVC Help
Powered by ViewVC 1.1.2