Report DebianBanner setting in "sshd -G/-T" output

Thanks, Rasmus Villemoes. Closes: #1053555
author: Colin Watson <cjwatson@debian.org> 2023-11-23 17:15:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2023-11-23 17:15:05 +0000
commit: 7cc9efcd2d63ab30ae74983f471e16a7bdb5201d (patch)
tree: cbeac5200dcac636a6e6ee054b4633f11184ded4
parent: f541f94af16ea68c9a09501c221cd935455cb95d (diff)
parent: f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d (diff)
18 files changed, 39 insertions, 28 deletions
diff --git a/debian/.git-dpm b/debian/.git-dpm
index f0117a1c5..9feff7105 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-bb22a42a9113c67c028ff3610a2f280110e35635
-bb22a42a9113c67c028ff3610a2f280110e35635
+f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d
+f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d
 170fbc0d96720baaf781dbf3db22bd896def4bbe
 170fbc0d96720baaf781dbf3db22bd896def4bbe
 openssh_9.5p1.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index c07f2e201..7ef8c2644 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -39,6 +39,8 @@ openssh (1:9.5p1-1) UNRELEASED; urgency=medium
     - ssh(1): fix regression in OpenSSH 9.4 (mux.c r1.99) that caused
       multiplexed sessions to ignore SIGINT under some circumstances.
   * Build-depend on dh-sequence-movetousr.
+  * Report DebianBanner setting in "sshd -G/-T" output (thanks, Rasmus
+    Villemoes; closes: #1053555).
 
  -- Colin Watson <cjwatson@debian.org>  Thu, 05 Oct 2023 10:42:39 +0100
 
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index 2d3bfc368..1f46860e9 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -1,4 +1,4 @@
-From 24073b6c3ef7b86bb0437148b4ce8ef13ea97c0b Mon Sep 17 00:00:00 2001
+From a3d3a562eeff647f23ef5ce7714bfd39ec23f4f9 Mon Sep 17 00:00:00 2001
 From: Tomas Pospisek <tpo_deb@sourcepole.ch>
 Date: Sun, 9 Feb 2014 16:10:07 +0000
 Subject: Install authorized_keys(5) as a symlink to sshd(8)
diff --git a/debian/patches/conch-ssh-rsa.patch b/debian/patches/conch-ssh-rsa.patch
index 9b6b2d414..519de5b33 100644
--- a/debian/patches/conch-ssh-rsa.patch
+++ b/debian/patches/conch-ssh-rsa.patch
@@ -1,4 +1,4 @@
-From 7e525133be5c7643ceb5a01c9254a89f17c2ecab Mon Sep 17 00:00:00 2001
+From 5d40c11cc50dd9c8b7863b297ed6bf5d4b377e22 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Tue, 15 Feb 2022 18:25:35 +0000
 Subject: Work around RSA SHA-2 signature issues in conch
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index b6475daff..2189cb3f7 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
-From 2660ad359cb567d470cef661f4e904dc7f4b7cd6 Mon Sep 17 00:00:00 2001
+From aeb069fb60df77517e5cd5196eeaa080bf1e5ce5 Mon Sep 17 00:00:00 2001
 From: Kees Cook <kees@debian.org>
 Date: Sun, 9 Feb 2014 16:10:06 +0000
 Subject: Add DebianBanner server configuration option
@@ -8,18 +8,18 @@ initial protocol handshake, for those scared by package-versioning.patch.
 
 Bug-Debian: http://bugs.debian.org/562048
 Forwarded: not-needed
-Last-Update: 2023-01-02
+Last-Update: 2023-11-23
 
 Patch-Name: debian-banner.patch
 ---
- kex.c         | 5 +++--
- kex.h         | 2 +-
- servconf.c    | 9 +++++++++
- servconf.h    | 2 ++
- sshconnect.c  | 2 +-
- sshd.c        | 2 +-
- sshd_config.5 | 5 +++++
- 7 files changed, 22 insertions(+), 5 deletions(-)
+ kex.c         |  5 +++--
+ kex.h         |  2 +-
+ servconf.c    | 10 ++++++++++
+ servconf.h    |  2 ++
+ sshconnect.c  |  2 +-
+ sshd.c        |  2 +-
+ sshd_config.5 |  5 +++++
+ 7 files changed, 23 insertions(+), 5 deletions(-)
 
 diff --git a/kex.c b/kex.c
 index 284742c68..0c140685b 100644
@@ -58,7 +58,7 @@ index e27855ede..935faeb0c 100644
  struct kex *kex_new(void);
  int	 kex_ready(struct ssh *, char *[PROPOSAL_MAX]);
 diff --git a/servconf.c b/servconf.c
-index 8de1ba5be..3a282873a 100644
+index 8de1ba5be..d79435500 100644
 --- a/servconf.c
 +++ b/servconf.c
 @@ -201,6 +201,7 @@ initialize_server_options(ServerOptions *options)
@@ -105,6 +105,14 @@ index 8de1ba5be..3a282873a 100644
  	case sDeprecated:
  	case sIgnore:
  	case sUnsupported:
+@@ -3163,6 +3172,7 @@ dump_config(ServerOptions *o)
+ 	dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink);
+ 	dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash);
+ 	dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info);
++	dump_cfg_fmtint(sDebianBanner, o->debian_banner);
+ 
+ 	/* string arguments */
+ 	dump_cfg_string(sPidFile, o->pid_file);
 diff --git a/servconf.h b/servconf.h
 index 2ce4ae0ad..e0c0af903 100644
 --- a/servconf.h
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 3801c4638..3aff41a5b 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
-From a20211755ed4ea2e00903089e7bb4cce7fd4b477 Mon Sep 17 00:00:00 2001
+From b64ae82ca4312ff1cfb909354ff351509ff6ee5e Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:18 +0000
 Subject: Various Debian-specific configuration changes
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index 448090819..1547aed1b 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -1,4 +1,4 @@
-From 5b7424ae6fd47f1bfbc01c19b62b17c71493affd Mon Sep 17 00:00:00 2001
+From d64483eb95c03d94ded26b5be77bda843202a844 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:11 +0000
 Subject: Document that HashKnownHosts may break tab-completion
diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch
index fe77257b2..fc1013916 100644
--- a/debian/patches/gnome-ssh-askpass2-icon.patch
+++ b/debian/patches/gnome-ssh-askpass2-icon.patch
@@ -1,4 +1,4 @@
-From 3de546b3775ddb527e9f793d8d0b982bed49b6a5 Mon Sep 17 00:00:00 2001
+From 9d14ff053c26668fbcdc4e53c283e33b01e2132a Mon Sep 17 00:00:00 2001
 From: Vincent Untz <vuntz@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:16 +0000
 Subject: Give the ssh-askpass-gnome window a default icon
diff --git a/debian/patches/maxhostnamelen.patch b/debian/patches/maxhostnamelen.patch
index 55abe3425..d10570b71 100644
--- a/debian/patches/maxhostnamelen.patch
+++ b/debian/patches/maxhostnamelen.patch
@@ -1,4 +1,4 @@
-From 0ab4ba64b5b519dc4c62b3f71a5fc86296846dc3 Mon Sep 17 00:00:00 2001
+From 11081f46aae4f8f98165fe6c08fd99a8362a6193 Mon Sep 17 00:00:00 2001
 From: Svante Signell <svante.signell@gmail.com>
 Date: Fri, 5 Nov 2021 23:22:53 +0000
 Subject: Define MAXHOSTNAMELEN on GNU/Hurd
diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch
index d32d022c6..dad4f83e2 100644
--- a/debian/patches/no-openssl-version-status.patch
+++ b/debian/patches/no-openssl-version-status.patch
@@ -1,4 +1,4 @@
-From 895b2d8195c672366957ff72c033301e45e8de0b Mon Sep 17 00:00:00 2001
+From c70900cb267ee8712db79b7956440ea6dca2453d Mon Sep 17 00:00:00 2001
 From: Kurt Roeckx <kurt@roeckx.be>
 Date: Sun, 9 Feb 2014 16:10:14 +0000
 Subject: Don't check the status field of the OpenSSL version
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index f58f69f09..f603953b6 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -1,4 +1,4 @@
-From 8831046338e096d941ae121eae40e25694a0fbe4 Mon Sep 17 00:00:00 2001
+From 435a62c9b7c4295fdc42415d740c956a083af16e Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:09 +0000
 Subject: Adjust various OpenBSD-specific references in manual pages
diff --git a/debian/patches/restore-authorized_keys2.patch b/debian/patches/restore-authorized_keys2.patch
index 672faa45d..7c5b64000 100644
--- a/debian/patches/restore-authorized_keys2.patch
+++ b/debian/patches/restore-authorized_keys2.patch
@@ -1,4 +1,4 @@
-From ff685b7a3d7da3549d910bcf2215fcc0a2f42f78 Mon Sep 17 00:00:00 2001
+From 3f9060a4361f207c5fc2446d347c046b2bc6d179 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 5 Mar 2017 02:02:11 +0000
 Subject: Restore reading authorized_keys2 by default
diff --git a/debian/patches/revert-ipqos-defaults.patch b/debian/patches/revert-ipqos-defaults.patch
index 033c03853..75739d2e1 100644
--- a/debian/patches/revert-ipqos-defaults.patch
+++ b/debian/patches/revert-ipqos-defaults.patch
@@ -1,4 +1,4 @@
-From a7d92f4b5bcca4cce584dabdbc36d369aa754a97 Mon Sep 17 00:00:00 2001
+From 138905777f5a042d69bdb0681c8b21c3c603fd48 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Mon, 8 Apr 2019 10:46:29 +0100
 Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP
@@ -40,7 +40,7 @@ index dedc113fb..fbd605677 100644
  		options->request_tty = REQUEST_TTY_AUTO;
  	if (options->session_type == -1)
 diff --git a/servconf.c b/servconf.c
-index 3a282873a..d15813e86 100644
+index d79435500..27acc7081 100644
 --- a/servconf.c
 +++ b/servconf.c
 @@ -439,9 +439,9 @@ fill_default_server_options(ServerOptions *options)
diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch
index 2a5f62bf1..69d1d842a 100644
--- a/debian/patches/ssh-agent-setgid.patch
+++ b/debian/patches/ssh-agent-setgid.patch
@@ -1,4 +1,4 @@
-From 49b85e01ef2a359ce95b1508b2674e7b4051c642 Mon Sep 17 00:00:00 2001
+From bc60f9ae51fcb8f2757a3608bfe7930cd43b0423 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:13 +0000
 Subject: Document consequences of ssh-agent being setgid in ssh-agent(1)
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index 204571f97..5214dd9e4 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -1,4 +1,4 @@
-From c8e5ffb107bc047f0333f16e6adb74bae2c93a27 Mon Sep 17 00:00:00 2001
+From aae6c3c485de5b04b268fdc0f2c10451f123a299 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:10 +0000
 Subject: ssh(1): Refer to ssh-argv0(1)
diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch
index 7f3cacf7c..3b1910bf2 100644
--- a/debian/patches/systemd-readiness.patch
+++ b/debian/patches/systemd-readiness.patch
@@ -1,4 +1,4 @@
-From 21dc953bdaf3353e46a4d34642af52e4366f0c5f Mon Sep 17 00:00:00 2001
+From 9f398a371cb6e9e5ce3475187d1712e6cdeab0f8 Mon Sep 17 00:00:00 2001
 From: Michael Biebl <biebl@debian.org>
 Date: Mon, 21 Dec 2015 16:08:47 +0000
 Subject: Add systemd readiness notification support
diff --git a/debian/patches/systemd-socket-activation.patch b/debian/patches/systemd-socket-activation.patch
index 95fce5235..5c1a0c1e4 100644
--- a/debian/patches/systemd-socket-activation.patch
+++ b/debian/patches/systemd-socket-activation.patch
@@ -1,4 +1,4 @@
-From bb22a42a9113c67c028ff3610a2f280110e35635 Mon Sep 17 00:00:00 2001
+From f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d Mon Sep 17 00:00:00 2001
 From: Steve Langasek <steve.langasek@ubuntu.com>
 Date: Thu, 1 Sep 2022 16:03:37 +0100
 Subject: Support systemd socket activation
diff --git a/servconf.c b/servconf.c
index d15813e86..27acc7081 100644
--- a/servconf.c
+++ b/servconf.c
@@ -3172,6 +3172,7 @@ dump_config(ServerOptions *o)
 	dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink);
 	dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash);
 	dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info);
+	dump_cfg_fmtint(sDebianBanner, o->debian_banner);
 
 	/* string arguments */
 	dump_cfg_string(sPidFile, o->pid_file);
author	Colin Watson <cjwatson@debian.org>	2023-11-23 17:15:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2023-11-23 17:15:05 +0000
commit	7cc9efcd2d63ab30ae74983f471e16a7bdb5201d (patch)
tree	cbeac5200dcac636a6e6ee054b4633f11184ded4
parent	f541f94af16ea68c9a09501c221cd935455cb95d (diff)
parent	f3fe3c9a0addd5891e7e2153360f6cbbf8b7f11d (diff)