diff options
| author | Matthew Vernon <matthew@debian.org> | 2014-02-09 16:10:05 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2019-06-05 13:11:52 +0100 |
| commit | 85e700a732e9a308eeee67f5a284e19fd6befbb8 (patch) | |
| tree | 636703f316687b6657870e21984048489ffe0854 /kex.c | |
| parent | 15b7cc25dea4efdef7fdd129d0e3d1a091afd67b (diff) | |
Include the Debian version in our identification
This makes it easier to audit networks for versions patched against security
vulnerabilities. It has little detrimental effect, as attackers will
generally just try attacks rather than bothering to scan for
vulnerable-looking version strings. (However, see debian-banner.patch.)
Forwarded: not-needed
Last-Update: 2019-06-05
Patch-Name: package-versioning.patch
Diffstat (limited to 'kex.c')
| -rw-r--r-- | kex.c | 2 |
1 files changed, 1 insertions, 1 deletions
| @@ -1186,7 +1186,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, | |||
| 1186 | if (version_addendum != NULL && *version_addendum == '\0') | 1186 | if (version_addendum != NULL && *version_addendum == '\0') |
| 1187 | version_addendum = NULL; | 1187 | version_addendum = NULL; |
| 1188 | if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", | 1188 | if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", |
| 1189 | PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, | 1189 | PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE, |
| 1190 | version_addendum == NULL ? "" : " ", | 1190 | version_addendum == NULL ? "" : " ", |
| 1191 | version_addendum == NULL ? "" : version_addendum)) != 0) { | 1191 | version_addendum == NULL ? "" : version_addendum)) != 0) { |
| 1192 | error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); | 1192 | error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); |