Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2019-06-05 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2020-02-21 12:07:18 +0000
commit: a4f868858c3395cacb59c58786b501317b9a3d03 (patch)
tree: b96e7cd5053127d3a46b04b4c430ed9c1d1a97fe /kex.c
parent: c18e3c8125fc4553951705a1da8c86395d219bb1 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/kex.c b/kex.c
index 574c76093..f638942d3 100644
--- a/kex.c
+++ b/kex.c
@@ -1244,7 +1244,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
        if (version_addendum != NULL && *version_addendum == '\0')
                version_addendum = NULL;
        if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
-           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
+           PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
            version_addendum == NULL ? "" : " ",
            version_addendum == NULL ? "" : version_addendum)) != 0) {
                error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2020-02-21 12:07:18 +0000
commit	a4f868858c3395cacb59c58786b501317b9a3d03 (patch)
tree	b96e7cd5053127d3a46b04b4c430ed9c1d1a97fe /kex.c
parent	c18e3c8125fc4553951705a1da8c86395d219bb1 (diff)

diff --git a/kex.c b/kex.c index 574c76093..f638942d3 100644 --- a/kex.c +++ b/kex.c
@@ -1244,7 +1244,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
1244	if (version_addendum != NULL && *version_addendum == '\0')	1244	if (version_addendum != NULL && *version_addendum == '\0')
1245	version_addendum = NULL;	1245	version_addendum = NULL;
1246	if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",	1246	if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
1247	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,	1247	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
1248	version_addendum == NULL ? "" : " ",	1248	version_addendum == NULL ? "" : " ",
1249	version_addendum == NULL ? "" : version_addendum)) != 0) {	1249	version_addendum == NULL ? "" : version_addendum)) != 0) {
1250	error("%s: sshbuf_putf: %s", __func__, ssh_err(r));	1250	error("%s: sshbuf_putf: %s", __func__, ssh_err(r));