vishalmishra434 / rpms / openssh

Forked from rpms/openssh 3 months ago
Clone
Petr Lautrbach d9e618
diff -up openssh-5.9p1/configure.ac.vendor openssh-5.9p1/configure.ac
Petr Lautrbach d9e618
--- openssh-5.9p1/configure.ac.vendor	2012-02-06 17:35:37.439855272 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/configure.ac	2012-02-06 17:35:37.510219862 +0100
Petr Lautrbach d9e618
@@ -4135,6 +4135,12 @@ AC_ARG_WITH([lastlog],
Jan F. Chadima 69dd72
 		fi
Jan F. Chadima 69dd72
 	]
Jan F. Chadima 69dd72
 )
Jan F. Chadima 69dd72
+AC_ARG_ENABLE(vendor-patchlevel,
Jan F. Chadima 69dd72
+  [  --enable-vendor-patchlevel=TAG  specify a vendor patch level],
Jan F. Chadima 69dd72
+  [AC_DEFINE_UNQUOTED(SSH_VENDOR_PATCHLEVEL,[SSH_RELEASE "-" "$enableval"],[Define to your vendor patch level, if it has been modified from the upstream source release.])
Jan F. Chadima 69dd72
+   SSH_VENDOR_PATCHLEVEL="$enableval"],
Jan F. Chadima 69dd72
+  [AC_DEFINE(SSH_VENDOR_PATCHLEVEL,SSH_RELEASE,[Define to your vendor patch level, if it has been modified from the upstream source release.])
Jan F. Chadima 69dd72
+   SSH_VENDOR_PATCHLEVEL=none])
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 dnl lastlog, [uw]tmpx? detection
Jan F. Chadima 69dd72
 dnl  NOTE: set the paths in the platform section to avoid the
Petr Lautrbach d9e618
@@ -4361,6 +4367,7 @@ echo "           Translate v4 in v6 hack
Jan F. Chadima 69dd72
 echo "                  BSD Auth support: $BSD_AUTH_MSG"
Jan F. Chadima 69dd72
 echo "              Random number source: $RAND_MSG"
Jan F. Chadima 69dd72
 echo "             Privsep sandbox style: $SANDBOX_STYLE"
Jan F. Chadima 69dd72
+echo "                Vendor patch level: $SSH_VENDOR_PATCHLEVEL"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 echo ""
Jan F. Chadima 69dd72
 
Petr Lautrbach d9e618
diff -up openssh-5.9p1/servconf.c.vendor openssh-5.9p1/servconf.c
Petr Lautrbach d9e618
--- openssh-5.9p1/servconf.c.vendor	2012-02-06 17:35:37.432972267 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/servconf.c	2012-02-06 17:37:58.806272833 +0100
Petr Lautrbach d9e618
@@ -125,6 +125,7 @@ initialize_server_options(ServerOptions 
Jan F. Chadima 69dd72
 	options->max_authtries = -1;
Jan F. Chadima 69dd72
 	options->max_sessions = -1;
Jan F. Chadima 69dd72
 	options->banner = NULL;
Jan F. Chadima 69dd72
+	options->show_patchlevel = -1;
Jan F. Chadima 69dd72
 	options->use_dns = -1;
Jan F. Chadima 69dd72
 	options->client_alive_interval = -1;
Jan F. Chadima 69dd72
 	options->client_alive_count_max = -1;
Petr Lautrbach d9e618
@@ -283,6 +284,8 @@ fill_default_server_options(ServerOption
Jan F. Chadima 69dd72
 		options->ip_qos_interactive = IPTOS_LOWDELAY;
Jan F. Chadima 69dd72
 	if (options->ip_qos_bulk == -1)
Jan F. Chadima 69dd72
 		options->ip_qos_bulk = IPTOS_THROUGHPUT;
Jan F. Chadima 69dd72
+	if (options->show_patchlevel == -1)
Jan F. Chadima 69dd72
+ 		options->show_patchlevel = 0;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 	/* Turn privilege separation on by default */
Jan F. Chadima 69dd72
 	if (use_privsep == -1)
Petr Lautrbach d9e618
@@ -321,7 +324,7 @@ typedef enum {
Jan F. Chadima 69dd72
 	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
Jan F. Chadima 69dd72
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
Jan F. Chadima 69dd72
 	sMaxStartups, sMaxAuthTries, sMaxSessions,
Jan F. Chadima 69dd72
-	sBanner, sUseDNS, sHostbasedAuthentication,
Jan F. Chadima 69dd72
+	sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication,
Petr Lautrbach d9e618
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
Petr Lautrbach d9e618
 	sClientAliveCountMax, sAuthorizedKeysFile,
Petr Lautrbach d9e618
 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
Petr Lautrbach d9e618
@@ -436,6 +439,7 @@ static struct {
Jan F. Chadima 69dd72
 	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "maxsessions", sMaxSessions, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "banner", sBanner, SSHCFG_ALL },
Jan F. Chadima 69dd72
+	{ "showpatchlevel", sShowPatchLevel, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "usedns", sUseDNS, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
Petr Lautrbach d9e618
@@ -1092,6 +1096,10 @@ process_server_config_line(ServerOptions
Jan F. Chadima 69dd72
 		multistate_ptr = multistate_privsep;
Jan F. Chadima 69dd72
 		goto parse_multistate;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	case sShowPatchLevel:
Jan F. Chadima 69dd72
+		intptr = &options->show_patchlevel;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	case sAllowUsers:
Jan F. Chadima 69dd72
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
Jan F. Chadima 69dd72
 			if (options->num_allow_users >= MAX_ALLOW_USERS)
Petr Lautrbach d9e618
@@ -1807,6 +1815,7 @@ dump_config(ServerOptions *o)
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sUseLogin, o->use_login);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sCompression, o->compression);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
Jan F. Chadima 69dd72
+	dump_cfg_fmtint(sShowPatchLevel, o->show_patchlevel);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sUseDNS, o->use_dns);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
Petr Lautrbach d9e618
diff -up openssh-5.9p1/servconf.h.vendor openssh-5.9p1/servconf.h
Petr Lautrbach d9e618
--- openssh-5.9p1/servconf.h.vendor	2012-02-06 17:35:37.434095467 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/servconf.h	2012-02-06 17:35:37.512225786 +0100
Petr Lautrbach d9e618
@@ -140,6 +140,7 @@ typedef struct {
Jan F. Chadima 69dd72
 	int	max_authtries;
Jan F. Chadima 69dd72
 	int	max_sessions;
Jan F. Chadima 69dd72
 	char   *banner;			/* SSH-2 banner message */
Jan F. Chadima 69dd72
+	int	show_patchlevel;	/* Show vendor patch level to clients */
Jan F. Chadima 69dd72
 	int	use_dns;
Jan F. Chadima 69dd72
 	int	client_alive_interval;	/*
Jan F. Chadima 69dd72
 					 * poke the client this often to
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd_config.vendor openssh-5.9p1/sshd_config
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd_config.vendor	2012-02-06 17:35:37.499226201 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd_config	2012-02-06 17:35:37.515220444 +0100
Petr Lautrbach d9e618
@@ -112,6 +112,7 @@ X11Forwarding yes
Petr Lautrbach d9e618
 #Compression delayed
Petr Lautrbach d9e618
 #ClientAliveInterval 0
Petr Lautrbach d9e618
 #ClientAliveCountMax 3
Petr Lautrbach d9e618
+#ShowPatchLevel no
Petr Lautrbach d9e618
 #UseDNS yes
Petr Lautrbach d9e618
 #PidFile /var/run/sshd.pid
Petr Lautrbach d9e618
 #MaxStartups 10
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd_config.0.vendor openssh-5.9p1/sshd_config.0
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd_config.0.vendor	2012-02-06 17:35:37.500225787 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd_config.0	2012-02-06 17:35:37.513225808 +0100
Jan F. Chadima 69dd72
@@ -556,6 +556,11 @@ DESCRIPTION
Jan F. Chadima 69dd72
              Defines the number of bits in the ephemeral protocol version 1
Jan F. Chadima 69dd72
              server key.  The minimum value is 512, and the default is 1024.
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+     ShowPatchLevel
Jan F. Chadima 69dd72
+	     Specifies whether sshd will display the specific patch level of
Jan F. Chadima 69dd72
+	     the binary in the server identification string.  The patch level
Jan F. Chadima 69dd72
+	     is set at compile-time.  The default is M-bM-^@M-^\noM-bM-^@M-^].
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
      StrictModes
Jan F. Chadima 69dd72
              Specifies whether sshd(8) should check file modes and ownership
Jan F. Chadima 69dd72
              of the user's files and home directory before accepting login.
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd_config.5.vendor openssh-5.9p1/sshd_config.5
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd_config.5.vendor	2012-02-06 17:35:37.500225787 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd_config.5	2012-02-06 17:35:37.514220449 +0100
Petr Lautrbach d9e618
@@ -982,6 +982,14 @@ This option applies to protocol version 
Jan F. Chadima 69dd72
 .It Cm ServerKeyBits
Jan F. Chadima 69dd72
 Defines the number of bits in the ephemeral protocol version 1 server key.
Jan F. Chadima 69dd72
 The minimum value is 512, and the default is 1024.
Jan F. Chadima 69dd72
+.It Cm ShowPatchLevel 
Jan F. Chadima 69dd72
+Specifies whether 
Jan F. Chadima 69dd72
+.Nm sshd 
Jan F. Chadima 69dd72
+will display the patch level of the binary in the identification string. 
Jan F. Chadima 69dd72
+The patch level is set at compile-time. 
Jan F. Chadima 69dd72
+The default is 
Jan F. Chadima 69dd72
+.Dq no . 
Jan F. Chadima 69dd72
+This option applies to protocol version 1 only. 
Jan F. Chadima 69dd72
 .It Cm StrictModes
Jan F. Chadima 69dd72
 Specifies whether
Jan F. Chadima 69dd72
 .Xr sshd 8
Petr Lautrbach d9e618
diff -up openssh-5.9p1/sshd.c.vendor openssh-5.9p1/sshd.c
Petr Lautrbach d9e618
--- openssh-5.9p1/sshd.c.vendor	2012-02-06 17:35:37.485230832 +0100
Petr Lautrbach d9e618
+++ openssh-5.9p1/sshd.c	2012-02-06 17:35:37.513225808 +0100
Petr Lautrbach d9e618
@@ -431,7 +431,7 @@ sshd_exchange_identification(int sock_in
Petr Lautrbach d9e618
 		minor = PROTOCOL_MINOR_1;
Petr Lautrbach d9e618
 	}
Petr Lautrbach d9e618
 	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
Petr Lautrbach d9e618
-	    SSH_VERSION, newline);
Petr Lautrbach d9e618
+	   (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_VERSION, newline);
Petr Lautrbach d9e618
 	server_version_string = xstrdup(buf);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 	/* Send our protocol version identification. */
Petr Lautrbach d9e618
@@ -1634,7 +1634,8 @@ main(int ac, char **av)
Petr Lautrbach d9e618
 		exit(1);
Petr Lautrbach d9e618
 	}
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
-	debug("sshd version %.100s", SSH_RELEASE);
Petr Lautrbach d9e618
+	debug("sshd version %.100s",
Petr Lautrbach d9e618
+	      (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_RELEASE);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 	/* Store privilege separation user for later use if required. */
Petr Lautrbach d9e618
 	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {