vishalmishra434 / rpms / openssh

Forked from rpms/openssh 3 months ago
Clone
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/configure.ac.vendor openssh-6.1p1/configure.ac
Petr Lautrbach 9fe1af
--- openssh-6.1p1/configure.ac.vendor	2012-09-14 20:36:49.153085211 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/configure.ac	2012-09-14 20:36:49.559088133 +0200
Petr Lautrbach 9fe1af
@@ -4303,6 +4303,12 @@ AC_ARG_WITH([lastlog],
Jan F. Chadima 69dd72
 		fi
Jan F. Chadima 69dd72
 	]
Jan F. Chadima 69dd72
 )
Jan F. Chadima 69dd72
+AC_ARG_ENABLE(vendor-patchlevel,
Jan F. Chadima 69dd72
+  [  --enable-vendor-patchlevel=TAG  specify a vendor patch level],
Jan F. Chadima 69dd72
+  [AC_DEFINE_UNQUOTED(SSH_VENDOR_PATCHLEVEL,[SSH_RELEASE "-" "$enableval"],[Define to your vendor patch level, if it has been modified from the upstream source release.])
Jan F. Chadima 69dd72
+   SSH_VENDOR_PATCHLEVEL="$enableval"],
Jan F. Chadima 69dd72
+  [AC_DEFINE(SSH_VENDOR_PATCHLEVEL,SSH_RELEASE,[Define to your vendor patch level, if it has been modified from the upstream source release.])
Jan F. Chadima 69dd72
+   SSH_VENDOR_PATCHLEVEL=none])
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 dnl lastlog, [uw]tmpx? detection
Jan F. Chadima 69dd72
 dnl  NOTE: set the paths in the platform section to avoid the
Petr Lautrbach 9fe1af
@@ -4529,6 +4535,7 @@ echo "           Translate v4 in v6 hack
Jan F. Chadima 69dd72
 echo "                  BSD Auth support: $BSD_AUTH_MSG"
Jan F. Chadima 69dd72
 echo "              Random number source: $RAND_MSG"
Jan F. Chadima 69dd72
 echo "             Privsep sandbox style: $SANDBOX_STYLE"
Jan F. Chadima 69dd72
+echo "                Vendor patch level: $SSH_VENDOR_PATCHLEVEL"
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
 echo ""
Jan F. Chadima 69dd72
 
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/servconf.c.vendor openssh-6.1p1/servconf.c
Petr Lautrbach 9fe1af
--- openssh-6.1p1/servconf.c.vendor	2012-09-14 20:36:49.124085002 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/servconf.c	2012-09-14 20:50:34.995972516 +0200
Petr Lautrbach 9fe1af
@@ -128,6 +128,7 @@ initialize_server_options(ServerOptions
Jan F. Chadima 69dd72
 	options->max_authtries = -1;
Jan F. Chadima 69dd72
 	options->max_sessions = -1;
Jan F. Chadima 69dd72
 	options->banner = NULL;
Jan F. Chadima 69dd72
+	options->show_patchlevel = -1;
Jan F. Chadima 69dd72
 	options->use_dns = -1;
Jan F. Chadima 69dd72
 	options->client_alive_interval = -1;
Jan F. Chadima 69dd72
 	options->client_alive_count_max = -1;
Petr Lautrbach 9fe1af
@@ -289,6 +290,9 @@ fill_default_server_options(ServerOption
Jan F. Chadima 69dd72
 		options->ip_qos_bulk = IPTOS_THROUGHPUT;
Petr Lautrbach 9fe1af
 	if (options->version_addendum == NULL)
Petr Lautrbach 9fe1af
 		options->version_addendum = xstrdup("");
Jan F. Chadima 69dd72
+	if (options->show_patchlevel == -1)
Petr Lautrbach 9fe1af
+		options->show_patchlevel = 0;
Petr Lautrbach 9fe1af
+
Jan F. Chadima 69dd72
 	/* Turn privilege separation on by default */
Jan F. Chadima 69dd72
 	if (use_privsep == -1)
Petr Lautrbach 9fe1af
 		use_privsep = PRIVSEP_NOSANDBOX;
Petr Lautrbach 9fe1af
@@ -326,7 +330,7 @@ typedef enum {
Jan F. Chadima 69dd72
 	sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
Jan F. Chadima 69dd72
 	sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
Jan F. Chadima 69dd72
 	sMaxStartups, sMaxAuthTries, sMaxSessions,
Jan F. Chadima 69dd72
-	sBanner, sUseDNS, sHostbasedAuthentication,
Jan F. Chadima 69dd72
+	sBanner, sShowPatchLevel, sUseDNS, sHostbasedAuthentication,
Petr Lautrbach d9e618
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
Petr Lautrbach d9e618
 	sClientAliveCountMax, sAuthorizedKeysFile,
Petr Lautrbach d9e618
 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
Petr Lautrbach 9fe1af
@@ -441,6 +445,7 @@ static struct {
Jan F. Chadima 69dd72
 	{ "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "maxsessions", sMaxSessions, SSHCFG_ALL },
Jan F. Chadima 69dd72
 	{ "banner", sBanner, SSHCFG_ALL },
Jan F. Chadima 69dd72
+	{ "showpatchlevel", sShowPatchLevel, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "usedns", sUseDNS, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
Jan F. Chadima 69dd72
 	{ "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
Petr Lautrbach 9fe1af
@@ -1162,6 +1167,10 @@ process_server_config_line(ServerOptions
Jan F. Chadima 69dd72
 		multistate_ptr = multistate_privsep;
Jan F. Chadima 69dd72
 		goto parse_multistate;
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+	case sShowPatchLevel:
Jan F. Chadima 69dd72
+		intptr = &options->show_patchlevel;
Jan F. Chadima 69dd72
+		goto parse_flag;
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
 	case sAllowUsers:
Jan F. Chadima 69dd72
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
Jan F. Chadima 69dd72
 			if (options->num_allow_users >= MAX_ALLOW_USERS)
Petr Lautrbach 9fe1af
@@ -1956,6 +1965,7 @@ dump_config(ServerOptions *o)
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sUseLogin, o->use_login);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sCompression, o->compression);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
Jan F. Chadima 69dd72
+	dump_cfg_fmtint(sShowPatchLevel, o->show_patchlevel);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sUseDNS, o->use_dns);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
Jan F. Chadima 69dd72
 	dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/servconf.h.vendor openssh-6.1p1/servconf.h
Petr Lautrbach 9fe1af
--- openssh-6.1p1/servconf.h.vendor	2012-09-14 20:36:49.125085009 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/servconf.h	2012-09-14 20:36:49.564088168 +0200
Petr Lautrbach d9e618
@@ -140,6 +140,7 @@ typedef struct {
Jan F. Chadima 69dd72
 	int	max_authtries;
Jan F. Chadima 69dd72
 	int	max_sessions;
Jan F. Chadima 69dd72
 	char   *banner;			/* SSH-2 banner message */
Jan F. Chadima 69dd72
+	int	show_patchlevel;	/* Show vendor patch level to clients */
Jan F. Chadima 69dd72
 	int	use_dns;
Jan F. Chadima 69dd72
 	int	client_alive_interval;	/*
Jan F. Chadima 69dd72
 					 * poke the client this often to
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/sshd_config.vendor openssh-6.1p1/sshd_config
Petr Lautrbach 9fe1af
--- openssh-6.1p1/sshd_config.vendor	2012-09-14 20:36:49.507087759 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/sshd_config	2012-09-14 20:36:49.565088175 +0200
Petr Lautrbach 9fe1af
@@ -114,6 +114,7 @@ UsePrivilegeSeparation sandbox		# Defaul
Petr Lautrbach d9e618
 #Compression delayed
Petr Lautrbach d9e618
 #ClientAliveInterval 0
Petr Lautrbach d9e618
 #ClientAliveCountMax 3
Petr Lautrbach d9e618
+#ShowPatchLevel no
Petr Lautrbach d9e618
 #UseDNS yes
Petr Lautrbach d9e618
 #PidFile /var/run/sshd.pid
Petr Lautrbach d9e618
 #MaxStartups 10
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/sshd_config.0.vendor openssh-6.1p1/sshd_config.0
Petr Lautrbach 9fe1af
--- openssh-6.1p1/sshd_config.0.vendor	2012-09-14 20:36:49.510087780 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/sshd_config.0	2012-09-14 20:36:49.567088190 +0200
Petr Lautrbach 9fe1af
@@ -558,6 +558,11 @@ DESCRIPTION
Jan F. Chadima 69dd72
              Defines the number of bits in the ephemeral protocol version 1
Jan F. Chadima 69dd72
              server key.  The minimum value is 512, and the default is 1024.
Jan F. Chadima 69dd72
 
Jan F. Chadima 69dd72
+     ShowPatchLevel
Jan F. Chadima 69dd72
+	     Specifies whether sshd will display the specific patch level of
Jan F. Chadima 69dd72
+	     the binary in the server identification string.  The patch level
Jan F. Chadima 69dd72
+	     is set at compile-time.  The default is M-bM-^@M-^\noM-bM-^@M-^].
Jan F. Chadima 69dd72
+
Jan F. Chadima 69dd72
      StrictModes
Jan F. Chadima 69dd72
              Specifies whether sshd(8) should check file modes and ownership
Jan F. Chadima 69dd72
              of the user's files and home directory before accepting login.
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/sshd_config.5.vendor openssh-6.1p1/sshd_config.5
Petr Lautrbach 9fe1af
--- openssh-6.1p1/sshd_config.5.vendor	2012-09-14 20:36:49.512087794 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/sshd_config.5	2012-09-14 20:36:49.568088198 +0200
Petr Lautrbach 9fe1af
@@ -978,6 +978,14 @@ This option applies to protocol version
Jan F. Chadima 69dd72
 .It Cm ServerKeyBits
Jan F. Chadima 69dd72
 Defines the number of bits in the ephemeral protocol version 1 server key.
Jan F. Chadima 69dd72
 The minimum value is 512, and the default is 1024.
Jan F. Chadima 69dd72
+.It Cm ShowPatchLevel 
Jan F. Chadima 69dd72
+Specifies whether 
Jan F. Chadima 69dd72
+.Nm sshd 
Jan F. Chadima 69dd72
+will display the patch level of the binary in the identification string. 
Jan F. Chadima 69dd72
+The patch level is set at compile-time. 
Jan F. Chadima 69dd72
+The default is 
Jan F. Chadima 69dd72
+.Dq no . 
Jan F. Chadima 69dd72
+This option applies to protocol version 1 only. 
Jan F. Chadima 69dd72
 .It Cm StrictModes
Jan F. Chadima 69dd72
 Specifies whether
Jan F. Chadima 69dd72
 .Xr sshd 8
Petr Lautrbach 9fe1af
diff -up openssh-6.1p1/sshd.c.vendor openssh-6.1p1/sshd.c
Petr Lautrbach 9fe1af
--- openssh-6.1p1/sshd.c.vendor	2012-09-14 20:36:49.399086981 +0200
Petr Lautrbach 9fe1af
+++ openssh-6.1p1/sshd.c	2012-09-14 20:47:30.696088744 +0200
Petr Lautrbach 9fe1af
@@ -433,7 +433,7 @@ sshd_exchange_identification(int sock_in
Petr Lautrbach d9e618
 	}
Petr Lautrbach d9e618
 
Petr Lautrbach 9fe1af
 	xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
Petr Lautrbach 9fe1af
-	    major, minor, SSH_VERSION,
Petr Lautrbach 9fe1af
+	    major, minor, (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_VERSION,
Petr Lautrbach 9fe1af
 	    *options.version_addendum == '\0' ? "" : " ",
Petr Lautrbach 9fe1af
 	    options.version_addendum, newline);
Petr Lautrbach 9fe1af
 
Petr Lautrbach 9fe1af
@@ -1635,7 +1635,8 @@ main(int ac, char **av)
Petr Lautrbach d9e618
 		exit(1);
Petr Lautrbach d9e618
 	}
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
-	debug("sshd version %.100s", SSH_RELEASE);
Petr Lautrbach d9e618
+	debug("sshd version %.100s",
Petr Lautrbach d9e618
+	      (options.show_patchlevel == 1) ? SSH_VENDOR_PATCHLEVEL : SSH_RELEASE);
Petr Lautrbach d9e618
 
Petr Lautrbach d9e618
 	/* Store privilege separation user for later use if required. */
Petr Lautrbach d9e618
 	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {