diff -ur openssh-3.6.1p2-orig/misc.c openssh-3.6.1p2/misc.c --- openssh-3.6.1p2-orig/misc.c 2004-01-07 09:42:39.000000000 -0800 +++ openssh-3.6.1p2/misc.c 2004-01-07 10:46:44.000000000 -0800 @@ -111,7 +111,8 @@ } /* Characters considered whitespace in strsep calls. */ -#define WHITESPACE " \t\r\n" +#define LINEEND "\r\n" +#define WHITESPACE " \t" LINEEND /* return next token in configuration line */ char * @@ -141,6 +142,30 @@ return (old); } +char * +strlineend(char **s) +{ + char *old; + int wspace = 0; + + if (*s == NULL) + return NULL; + + old = *s; + + *s = strpbrk(*s, LINEEND); + if (*s == NULL) + return (old); + + *s[0] = '\0'; + + *s += strspn(*s + 1, LINEEND) + 1; + if (*s[0] == '=' && !wspace) + *s += strspn(*s + 1, LINEEND) + 1; + + return (old); +} + struct passwd * pwcopy(struct passwd *pw) { diff -ur openssh-3.6.1p2-orig/misc.h openssh-3.6.1p2/misc.h --- openssh-3.6.1p2-orig/misc.h 2002-03-21 18:54:25.000000000 -0800 +++ openssh-3.6.1p2/misc.h 2004-01-07 10:46:58.000000000 -0800 @@ -14,6 +14,7 @@ char *chop(char *); char *strdelim(char **); +char *strlineend(char **); void set_nonblock(int); void unset_nonblock(int); void set_nodelay(int); diff -ur openssh-3.6.1p2-orig/servconf.c openssh-3.6.1p2/servconf.c --- openssh-3.6.1p2-orig/servconf.c 2004-01-07 09:47:44.000000000 -0800 +++ openssh-3.6.1p2/servconf.c 2004-01-07 11:36:47.000000000 -0800 @@ -118,6 +118,10 @@ options->max_startups_rate = -1; options->max_startups = -1; options->banner = NULL; + options->proto_version_minor = -1; + options->proto_version_major = -1; + options->software_version = NULL; + options->version_comments = NULL; options->verify_reverse_mapping = -1; options->client_alive_interval = -1; options->client_alive_count_max = -1; @@ -301,6 +305,8 @@ sBanner, sVerifyReverseMapping, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, + sProtoVersionMinor, sProtoVersionMajor, + sSoftwareVersion, sVersionComments, sUsePrivilegeSeparation, sDeprecated } ServerOpCodes; @@ -380,6 +386,10 @@ { "authorizedkeysfile", sAuthorizedKeysFile }, { "authorizedkeysfile2", sAuthorizedKeysFile2 }, { "useprivilegeseparation", sUsePrivilegeSeparation}, + { "protoversionminor", sProtoVersionMinor}, + { "protoversionmajor", sProtoVersionMajor}, + { "softwareversion", sSoftwareVersion}, + { "versioncomments", sVersionComments}, { NULL, sBadOption } }; @@ -697,6 +707,24 @@ intptr = &options->x11_display_offset; goto parse_int; + case sProtoVersionMajor: + intptr = &options->proto_version_major; + goto parse_int; + + case sProtoVersionMinor: + intptr = &options->proto_version_minor; + goto parse_int; + + case sSoftwareVersion: + arg = strdelim(&cp); + options->software_version = xstrdup(arg); + break; + + case sVersionComments: + arg = strlineend(&cp); + options->version_comments = xstrdup(arg); + break; + case sX11UseLocalhost: intptr = &options->x11_use_localhost; goto parse_flag; diff -ur openssh-3.6.1p2-orig/servconf.h openssh-3.6.1p2/servconf.h --- openssh-3.6.1p2-orig/servconf.h 2002-07-31 18:28:39.000000000 -0700 +++ openssh-3.6.1p2/servconf.h 2004-01-07 10:17:30.000000000 -0800 @@ -114,6 +114,12 @@ char *subsystem_name[MAX_SUBSYSTEMS]; char *subsystem_command[MAX_SUBSYSTEMS]; + /* allow configurable version information overrides */ + int proto_version_major; + int proto_version_minor; + char *software_version; + char *version_comments; + int max_startups_begin; int max_startups_rate; int max_startups; diff -ur openssh-3.6.1p2-orig/sshd.c openssh-3.6.1p2/sshd.c --- openssh-3.6.1p2-orig/sshd.c 2004-01-07 09:42:39.000000000 -0800 +++ openssh-3.6.1p2/sshd.c 2004-01-07 10:16:28.000000000 -0800 @@ -353,6 +353,8 @@ int i, mismatch; int remote_major, remote_minor; int major, minor; + char *software_version=SSH_VERSION; + char *version_comments=NULL; char *s; char buf[256]; /* Must not be larger than remote_version. */ char remote_version[256]; /* Must be at least as big as buf. */ @@ -368,7 +370,22 @@ major = PROTOCOL_MAJOR_1; minor = PROTOCOL_MINOR_1; } - snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION); + if (options.proto_version_major>=0) { + major = options.proto_version_major; + } + if (options.proto_version_minor>=0) { + minor = options.proto_version_minor; + } + if (options.software_version) { + software_version = options.software_version; + } + if (options.version_comments) { + version_comments = options.version_comments; + } + snprintf(buf, sizeof buf, "SSH-%d.%d-%s%s%s\n", major, minor, + software_version, + version_comments ? " " : "", + version_comments ? version_comments : ""); server_version_string = xstrdup(buf); if (client_version_string == NULL) { diff -ur openssh-3.6.1p2-orig/sshd_config openssh-3.6.1p2/sshd_config --- openssh-3.6.1p2-orig/sshd_config 2002-09-26 20:21:58.000000000 -0700 +++ openssh-3.6.1p2/sshd_config 2004-01-07 10:53:48.000000000 -0800 @@ -91,3 +91,9 @@ # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server + +# override reported version information +#ProtoVersionMajor 1 +#ProtoVersionMinor 99 +#SoftwareVersion 3.6.1p2 +#VersionComments Your friendly neighborhood SSH server diff -ur openssh-3.6.1p2-orig/sshd_config.5 openssh-3.6.1p2/sshd_config.5 --- openssh-3.6.1p2-orig/sshd_config.5 2003-04-01 03:42:14.000000000 -0800 +++ openssh-3.6.1p2/sshd_config.5 2004-01-07 11:05:53.000000000 -0800 @@ -529,6 +529,12 @@ .Dq 2,1 is identical to .Dq 1,2 . +.It Cm ProtoVersionMajor +Specifies the major version claimed in the handshake banner. +The default is the true major version. +.It Cm ProtoVersionMinor +Specifies the minor version claimed in the handshake banner. +The default is the true minor version. .It Cm PubkeyAuthentication Specifies whether public key authentication is allowed. The default is @@ -559,6 +565,9 @@ .It Cm ServerKeyBits Defines the number of bits in the ephemeral protocol version 1 server key. The minimum value is 512, and the default is 768. +.It Cm SoftwareVersion +Specifies the software version claimed in the handshake banner. +The default is the true software version. .It Cm StrictModes Specifies whether .Nm sshd @@ -623,6 +632,9 @@ very same IP address. The default is .Dq no . +.It Cm VersionComments +Specifies the text following the software version in the handshake banner. +The default is empty. .It Cm X11DisplayOffset Specifies the first display number available for .Nm sshd Ns 's