openssh bugs - Jul 2003 - [Bug 610] sshd should display the openssl version string from usage()

http://bugzilla.mindrot.org/show_bug.cgi?id=610

           Summary: sshd should display the openssl version string from
                    usage()
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: mindrot at ee.lbl.gov


It would be nice if "ssh -\?" reported the openssl version string.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From mindrot at ee.lbl.gov  2003-07-01 10:23 -------
Created an attachment (id=349)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=349&action=view)
patch to sshd.c




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From mindrot at ee.lbl.gov  2003-07-01 10:25 -------
Created an attachment (id=350)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=350&action=view)
proposed output




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From dtucker at zip.com.au  2003-07-01 10:32 -------
Perhaps sshd should understand -V same as ssh?  (Hmm, -V appears to be 
already used by sshd for an undocumented option...)



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From mindrot at ee.lbl.gov  2003-07-01 11:32 -------
You're right but notice that -V takes an argument and so if you naively run
"sshd -V" it prints out the usage() message and you still get to see
the version
strings.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From dtucker at zip.com.au  2003-07-01 11:47 -------
I'm wondering if the undocumented -V option should be either replaced or 
documented.

It sets the client SSH protocol version from the command line when used with 
inetd but I can't figure out what use that might be.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From markus at openbsd.org  2003-07-01 18:11 -------
-V is used by the commercial ssh.com v2 implementation to 
execute a ssh v1 capable server in compatibility mode.

its not supposed to be used by anyone else.

but i think we can remove -V now and implement -V similar to ssh(1).



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From dtucker at zip.com.au  2003-07-01 20:12 -------
Created an attachment (id=352)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=352&action=view)
Make sshd's -V like ssh's

Ah, that explains it: the v2 sshd would just exec the v1 sshd with that option
after the first line of input.	I didn't know that OpenSSH's sshd could
be used
that way.

Anyway, attached patch (stolen from ssh.c) looks like this:
$ ./sshd -V
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.6b [engine] 9 Jul 2001



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610





------- Additional Comments From markus at openbsd.org  2003-07-15 23:24 -------
-V has been removed from sshd.

but no new -V option. ssh -V should be enough.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610

markus at openbsd.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX





------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=610

mindrot at ee.lbl.gov changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|WONTFIX                     |



------- Additional Comments From mindrot at ee.lbl.gov  2003-07-16 03:35 -------
(I'm confused; what does ssh -V have to do with the version of openssl sshd
is
using?)

Note that I did not ask for a -V flag; that was proposed by someone else. What I
asked was that sshd display the openssl version from usage(). It already
displays the openssh version and I think being able to verify the version of
openssl used by sshd is a critical security feature.

Please reconsider the patch I submitted (the first attachment to this bug). All
it does is add the openssl version string to the printout of the openssh
version.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.