summaryrefslogtreecommitdiff
path: root/kex.c
diff options
context:
space:
mode:
authorMatthew Vernon <matthew@debian.org>2014-02-09 16:10:05 +0000
committerColin Watson <cjwatson@debian.org>2020-02-21 12:07:18 +0000
commita4f868858c3395cacb59c58786b501317b9a3d03 (patch)
treeb96e7cd5053127d3a46b04b4c430ed9c1d1a97fe /kex.c
parentc18e3c8125fc4553951705a1da8c86395d219bb1 (diff)
Include the Debian version in our identification
This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2019-06-05 Patch-Name: package-versioning.patch
Diffstat (limited to 'kex.c')
-rw-r--r--kex.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kex.c b/kex.c
index 574c76093..f638942d3 100644
--- a/kex.c
+++ b/kex.c
@@ -1244,7 +1244,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
1244 if (version_addendum != NULL && *version_addendum == '\0') 1244 if (version_addendum != NULL && *version_addendum == '\0')
1245 version_addendum = NULL; 1245 version_addendum = NULL;
1246 if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", 1246 if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
1247 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, 1247 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
1248 version_addendum == NULL ? "" : " ", 1248 version_addendum == NULL ? "" : " ",
1249 version_addendum == NULL ? "" : version_addendum)) != 0) { 1249 version_addendum == NULL ? "" : version_addendum)) != 0) {
1250 error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); 1250 error("%s: sshbuf_putf: %s", __func__, ssh_err(r));