Bug#652622: openssh-server: Match block should allow PrintMotd and PrintLastlog

[Michael Stummvoll]

Package: openssh-server
Version: 1:5.9p1-2
Severity: normal
Tags: upstream patch

Hi,

PrintMotd and PrintLastlog is not allowed within a Match block.
Due I needed it for me and didn't see any sense to disallow this 
configuration directive, I saw this as a bug and wrote a patch to fix it. 
This bug also affects the upstream release.

Stable release is also affected, the patch should be applicable also there.

(PS: May other configuration directives are also affected by such a senseless
restriction, but I didn't check them all yet and before wasting time with
something like this I want to see if this patch has a chance to come in.)

Greetings,
Michael

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (700, 'testing'), (650, 'unstable'), (600, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.1.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssh-server depends on:
ii  adduser                3.113           
ii  debconf [debconf-2.0]  1.5.41          
ii  dpkg                   1.16.1.2        
ii  libc6                  2.13-21         
ii  libcomerr2             1.42-1          
ii  libgssapi-krb5-2       1.9.1+dfsg-3    
ii  libkrb5-3              1.9.1+dfsg-3    
ii  libpam-modules         1.1.3-6         
ii  libpam-runtime         1.1.3-6         
ii  libpam0g               1.1.3-6         
ii  libselinux1            2.1.0-4         
ii  libssl1.0.0            1.0.0e-3        
ii  libwrap0               7.6.q-21        
ii  lsb-base               3.2-28          
ii  openssh-client         1:5.9p1-2       
ii  procps                 1:3.2.8-11      
ii  zlib1g                 1:1.2.3.4.dfsg-3

Versions of packages openssh-server recommends:
ii  openssh-blacklist        0.4.1    
ii  openssh-blacklist-extra  0.4.1    
ii  xauth                    1:1.0.6-1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>     
pn  monkeysphere  <none>     
pn  rssh          2.3.3-1    
pn  ssh-askpass   1:1.2.4.1-9
pn  ufw           <none>     

-- Configuration Files:
/etc/pam.d/sshd changed [not included]

-- debconf information excluded

Index: openssh-5.9p1/servconf.c
===================================================================
--- openssh-5.9p1.orig/servconf.c	2011-12-19 11:32:10.644602022 +0100
+++ openssh-5.9p1/servconf.c	2011-12-19 11:32:18.952708519 +0100
@@ -422,8 +422,8 @@
 	{ "checkmail", sDeprecated, SSHCFG_GLOBAL },
 	{ "listenaddress", sListenAddress, SSHCFG_GLOBAL },
 	{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
-	{ "printmotd", sPrintMotd, SSHCFG_GLOBAL },
-	{ "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
+	{ "printmotd", sPrintMotd, SSHCFG_ALL },
+	{ "printlastlog", sPrintLastLog, SSHCFG_ALL },
 	{ "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
 	{ "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
 	{ "x11forwarding", sX11Forwarding, SSHCFG_ALL },
@@ -1547,6 +1547,8 @@
 	M_CP_INTOPT(allow_agent_forwarding);
 	M_CP_INTOPT(permit_tun);
 	M_CP_INTOPT(gateway_ports);
+	M_CP_INTOPT(print_motd);
+	M_CP_INTOPT(print_lastlog);
 	M_CP_INTOPT(x11_display_offset);
 	M_CP_INTOPT(x11_forwarding);
 	M_CP_INTOPT(x11_use_localhost);