diff options
author | Colin Watson <cjwatson@debian.org> | 2023-11-23 17:15:05 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2023-11-23 17:15:05 +0000 |
commit | 7cc9efcd2d63ab30ae74983f471e16a7bdb5201d (patch) | |
tree | cbeac5200dcac636a6e6ee054b4633f11184ded4 | |
parent | f541f94af16ea68c9a09501c221cd935455cb95d (diff) | |
parent | f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d (diff) |
Report DebianBanner setting in "sshd -G/-T" output
Thanks, Rasmus Villemoes.
Closes: #1053555
-rw-r--r-- | debian/.git-dpm | 4 | ||||
-rw-r--r-- | debian/changelog | 2 | ||||
-rw-r--r-- | debian/patches/authorized-keys-man-symlink.patch | 2 | ||||
-rw-r--r-- | debian/patches/conch-ssh-rsa.patch | 2 | ||||
-rw-r--r-- | debian/patches/debian-banner.patch | 30 | ||||
-rw-r--r-- | debian/patches/debian-config.patch | 2 | ||||
-rw-r--r-- | debian/patches/doc-hash-tab-completion.patch | 2 | ||||
-rw-r--r-- | debian/patches/gnome-ssh-askpass2-icon.patch | 2 | ||||
-rw-r--r-- | debian/patches/maxhostnamelen.patch | 2 | ||||
-rw-r--r-- | debian/patches/no-openssl-version-status.patch | 2 | ||||
-rw-r--r-- | debian/patches/openbsd-docs.patch | 2 | ||||
-rw-r--r-- | debian/patches/restore-authorized_keys2.patch | 2 | ||||
-rw-r--r-- | debian/patches/revert-ipqos-defaults.patch | 4 | ||||
-rw-r--r-- | debian/patches/ssh-agent-setgid.patch | 2 | ||||
-rw-r--r-- | debian/patches/ssh-argv0.patch | 2 | ||||
-rw-r--r-- | debian/patches/systemd-readiness.patch | 2 | ||||
-rw-r--r-- | debian/patches/systemd-socket-activation.patch | 2 | ||||
-rw-r--r-- | servconf.c | 1 |
18 files changed, 39 insertions, 28 deletions
diff --git a/debian/.git-dpm b/debian/.git-dpm index f0117a1c5..9feff7105 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -bb22a42a9113c67c028ff3610a2f280110e35635 -bb22a42a9113c67c028ff3610a2f280110e35635 +f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d +f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d 170fbc0d96720baaf781dbf3db22bd896def4bbe 170fbc0d96720baaf781dbf3db22bd896def4bbe openssh_9.5p1.orig.tar.gz diff --git a/debian/changelog b/debian/changelog index c07f2e201..7ef8c2644 100644 --- a/debian/changelog +++ b/debian/changelog @@ -39,6 +39,8 @@ openssh (1:9.5p1-1) UNRELEASED; urgency=medium - ssh(1): fix regression in OpenSSH 9.4 (mux.c r1.99) that caused multiplexed sessions to ignore SIGINT under some circumstances. * Build-depend on dh-sequence-movetousr. + * Report DebianBanner setting in "sshd -G/-T" output (thanks, Rasmus + Villemoes; closes: #1053555). -- Colin Watson <cjwatson@debian.org> Thu, 05 Oct 2023 10:42:39 +0100 diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch index 2d3bfc368..1f46860e9 100644 --- a/debian/patches/authorized-keys-man-symlink.patch +++ b/debian/patches/authorized-keys-man-symlink.patch @@ -1,4 +1,4 @@ -From 24073b6c3ef7b86bb0437148b4ce8ef13ea97c0b Mon Sep 17 00:00:00 2001 +From a3d3a562eeff647f23ef5ce7714bfd39ec23f4f9 Mon Sep 17 00:00:00 2001 From: Tomas Pospisek <tpo_deb@sourcepole.ch> Date: Sun, 9 Feb 2014 16:10:07 +0000 Subject: Install authorized_keys(5) as a symlink to sshd(8) diff --git a/debian/patches/conch-ssh-rsa.patch b/debian/patches/conch-ssh-rsa.patch index 9b6b2d414..519de5b33 100644 --- a/debian/patches/conch-ssh-rsa.patch +++ b/debian/patches/conch-ssh-rsa.patch @@ -1,4 +1,4 @@ -From 7e525133be5c7643ceb5a01c9254a89f17c2ecab Mon Sep 17 00:00:00 2001 +From 5d40c11cc50dd9c8b7863b297ed6bf5d4b377e22 Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Tue, 15 Feb 2022 18:25:35 +0000 Subject: Work around RSA SHA-2 signature issues in conch diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch index b6475daff..2189cb3f7 100644 --- a/debian/patches/debian-banner.patch +++ b/debian/patches/debian-banner.patch @@ -1,4 +1,4 @@ -From 2660ad359cb567d470cef661f4e904dc7f4b7cd6 Mon Sep 17 00:00:00 2001 +From aeb069fb60df77517e5cd5196eeaa080bf1e5ce5 Mon Sep 17 00:00:00 2001 From: Kees Cook <kees@debian.org> Date: Sun, 9 Feb 2014 16:10:06 +0000 Subject: Add DebianBanner server configuration option @@ -8,18 +8,18 @@ initial protocol handshake, for those scared by package-versioning.patch. Bug-Debian: http://bugs.debian.org/562048 Forwarded: not-needed -Last-Update: 2023-01-02 +Last-Update: 2023-11-23 Patch-Name: debian-banner.patch --- - kex.c | 5 +++-- - kex.h | 2 +- - servconf.c | 9 +++++++++ - servconf.h | 2 ++ - sshconnect.c | 2 +- - sshd.c | 2 +- - sshd_config.5 | 5 +++++ - 7 files changed, 22 insertions(+), 5 deletions(-) + kex.c | 5 +++-- + kex.h | 2 +- + servconf.c | 10 ++++++++++ + servconf.h | 2 ++ + sshconnect.c | 2 +- + sshd.c | 2 +- + sshd_config.5 | 5 +++++ + 7 files changed, 23 insertions(+), 5 deletions(-) diff --git a/kex.c b/kex.c index 284742c68..0c140685b 100644 @@ -58,7 +58,7 @@ index e27855ede..935faeb0c 100644 struct kex *kex_new(void); int kex_ready(struct ssh *, char *[PROPOSAL_MAX]); diff --git a/servconf.c b/servconf.c -index 8de1ba5be..3a282873a 100644 +index 8de1ba5be..d79435500 100644 --- a/servconf.c +++ b/servconf.c @@ -201,6 +201,7 @@ initialize_server_options(ServerOptions *options) @@ -105,6 +105,14 @@ index 8de1ba5be..3a282873a 100644 case sDeprecated: case sIgnore: case sUnsupported: +@@ -3163,6 +3172,7 @@ dump_config(ServerOptions *o) + dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); + dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); + dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); ++ dump_cfg_fmtint(sDebianBanner, o->debian_banner); + + /* string arguments */ + dump_cfg_string(sPidFile, o->pid_file); diff --git a/servconf.h b/servconf.h index 2ce4ae0ad..e0c0af903 100644 --- a/servconf.h diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch index 3801c4638..3aff41a5b 100644 --- a/debian/patches/debian-config.patch +++ b/debian/patches/debian-config.patch @@ -1,4 +1,4 @@ -From a20211755ed4ea2e00903089e7bb4cce7fd4b477 Mon Sep 17 00:00:00 2001 +From b64ae82ca4312ff1cfb909354ff351509ff6ee5e Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Sun, 9 Feb 2014 16:10:18 +0000 Subject: Various Debian-specific configuration changes diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch index 448090819..1547aed1b 100644 --- a/debian/patches/doc-hash-tab-completion.patch +++ b/debian/patches/doc-hash-tab-completion.patch @@ -1,4 +1,4 @@ -From 5b7424ae6fd47f1bfbc01c19b62b17c71493affd Mon Sep 17 00:00:00 2001 +From d64483eb95c03d94ded26b5be77bda843202a844 Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Sun, 9 Feb 2014 16:10:11 +0000 Subject: Document that HashKnownHosts may break tab-completion diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch index fe77257b2..fc1013916 100644 --- a/debian/patches/gnome-ssh-askpass2-icon.patch +++ b/debian/patches/gnome-ssh-askpass2-icon.patch @@ -1,4 +1,4 @@ -From 3de546b3775ddb527e9f793d8d0b982bed49b6a5 Mon Sep 17 00:00:00 2001 +From 9d14ff053c26668fbcdc4e53c283e33b01e2132a Mon Sep 17 00:00:00 2001 From: Vincent Untz <vuntz@ubuntu.com> Date: Sun, 9 Feb 2014 16:10:16 +0000 Subject: Give the ssh-askpass-gnome window a default icon diff --git a/debian/patches/maxhostnamelen.patch b/debian/patches/maxhostnamelen.patch index 55abe3425..d10570b71 100644 --- a/debian/patches/maxhostnamelen.patch +++ b/debian/patches/maxhostnamelen.patch @@ -1,4 +1,4 @@ -From 0ab4ba64b5b519dc4c62b3f71a5fc86296846dc3 Mon Sep 17 00:00:00 2001 +From 11081f46aae4f8f98165fe6c08fd99a8362a6193 Mon Sep 17 00:00:00 2001 From: Svante Signell <svante.signell@gmail.com> Date: Fri, 5 Nov 2021 23:22:53 +0000 Subject: Define MAXHOSTNAMELEN on GNU/Hurd diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch index d32d022c6..dad4f83e2 100644 --- a/debian/patches/no-openssl-version-status.patch +++ b/debian/patches/no-openssl-version-status.patch @@ -1,4 +1,4 @@ -From 895b2d8195c672366957ff72c033301e45e8de0b Mon Sep 17 00:00:00 2001 +From c70900cb267ee8712db79b7956440ea6dca2453d Mon Sep 17 00:00:00 2001 From: Kurt Roeckx <kurt@roeckx.be> Date: Sun, 9 Feb 2014 16:10:14 +0000 Subject: Don't check the status field of the OpenSSL version diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch index f58f69f09..f603953b6 100644 --- a/debian/patches/openbsd-docs.patch +++ b/debian/patches/openbsd-docs.patch @@ -1,4 +1,4 @@ -From 8831046338e096d941ae121eae40e25694a0fbe4 Mon Sep 17 00:00:00 2001 +From 435a62c9b7c4295fdc42415d740c956a083af16e Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Sun, 9 Feb 2014 16:10:09 +0000 Subject: Adjust various OpenBSD-specific references in manual pages diff --git a/debian/patches/restore-authorized_keys2.patch b/debian/patches/restore-authorized_keys2.patch index 672faa45d..7c5b64000 100644 --- a/debian/patches/restore-authorized_keys2.patch +++ b/debian/patches/restore-authorized_keys2.patch @@ -1,4 +1,4 @@ -From ff685b7a3d7da3549d910bcf2215fcc0a2f42f78 Mon Sep 17 00:00:00 2001 +From 3f9060a4361f207c5fc2446d347c046b2bc6d179 Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Sun, 5 Mar 2017 02:02:11 +0000 Subject: Restore reading authorized_keys2 by default diff --git a/debian/patches/revert-ipqos-defaults.patch b/debian/patches/revert-ipqos-defaults.patch index 033c03853..75739d2e1 100644 --- a/debian/patches/revert-ipqos-defaults.patch +++ b/debian/patches/revert-ipqos-defaults.patch @@ -1,4 +1,4 @@ -From a7d92f4b5bcca4cce584dabdbc36d369aa754a97 Mon Sep 17 00:00:00 2001 +From 138905777f5a042d69bdb0681c8b21c3c603fd48 Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Mon, 8 Apr 2019 10:46:29 +0100 Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP @@ -40,7 +40,7 @@ index dedc113fb..fbd605677 100644 options->request_tty = REQUEST_TTY_AUTO; if (options->session_type == -1) diff --git a/servconf.c b/servconf.c -index 3a282873a..d15813e86 100644 +index d79435500..27acc7081 100644 --- a/servconf.c +++ b/servconf.c @@ -439,9 +439,9 @@ fill_default_server_options(ServerOptions *options) diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch index 2a5f62bf1..69d1d842a 100644 --- a/debian/patches/ssh-agent-setgid.patch +++ b/debian/patches/ssh-agent-setgid.patch @@ -1,4 +1,4 @@ -From 49b85e01ef2a359ce95b1508b2674e7b4051c642 Mon Sep 17 00:00:00 2001 +From bc60f9ae51fcb8f2757a3608bfe7930cd43b0423 Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Sun, 9 Feb 2014 16:10:13 +0000 Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch index 204571f97..5214dd9e4 100644 --- a/debian/patches/ssh-argv0.patch +++ b/debian/patches/ssh-argv0.patch @@ -1,4 +1,4 @@ -From c8e5ffb107bc047f0333f16e6adb74bae2c93a27 Mon Sep 17 00:00:00 2001 +From aae6c3c485de5b04b268fdc0f2c10451f123a299 Mon Sep 17 00:00:00 2001 From: Colin Watson <cjwatson@debian.org> Date: Sun, 9 Feb 2014 16:10:10 +0000 Subject: ssh(1): Refer to ssh-argv0(1) diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch index 7f3cacf7c..3b1910bf2 100644 --- a/debian/patches/systemd-readiness.patch +++ b/debian/patches/systemd-readiness.patch @@ -1,4 +1,4 @@ -From 21dc953bdaf3353e46a4d34642af52e4366f0c5f Mon Sep 17 00:00:00 2001 +From 9f398a371cb6e9e5ce3475187d1712e6cdeab0f8 Mon Sep 17 00:00:00 2001 From: Michael Biebl <biebl@debian.org> Date: Mon, 21 Dec 2015 16:08:47 +0000 Subject: Add systemd readiness notification support diff --git a/debian/patches/systemd-socket-activation.patch b/debian/patches/systemd-socket-activation.patch index 95fce5235..5c1a0c1e4 100644 --- a/debian/patches/systemd-socket-activation.patch +++ b/debian/patches/systemd-socket-activation.patch @@ -1,4 +1,4 @@ -From bb22a42a9113c67c028ff3610a2f280110e35635 Mon Sep 17 00:00:00 2001 +From f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langasek@ubuntu.com> Date: Thu, 1 Sep 2022 16:03:37 +0100 Subject: Support systemd socket activation diff --git a/servconf.c b/servconf.c index d15813e86..27acc7081 100644 --- a/servconf.c +++ b/servconf.c @@ -3172,6 +3172,7 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash); dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info); + dump_cfg_fmtint(sDebianBanner, o->debian_banner); /* string arguments */ dump_cfg_string(sPidFile, o->pid_file); |