summaryrefslogtreecommitdiff
path: root/kex.c
diff options
context:
space:
mode:
authorMatthew Vernon <matthew@debian.org>2014-02-09 16:10:05 +0000
committerColin Watson <cjwatson@debian.org>2020-06-07 10:25:35 +0100
commitd66c30698f807ab95aee7ea4a882c192884df047 (patch)
tree82535e1a669430806763cc0d93ab79a9ed19115e /kex.c
parent8ec2f85d03524a6b4954f0a29496b5a301f92080 (diff)
Include the Debian version in our identification
This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2019-06-05 Patch-Name: package-versioning.patch
Diffstat (limited to 'kex.c')
-rw-r--r--kex.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kex.c b/kex.c
index 144dee512..0e64bf760 100644
--- a/kex.c
+++ b/kex.c
@@ -1243,7 +1243,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
1243 if (version_addendum != NULL && *version_addendum == '\0') 1243 if (version_addendum != NULL && *version_addendum == '\0')
1244 version_addendum = NULL; 1244 version_addendum = NULL;
1245 if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", 1245 if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
1246 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, 1246 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
1247 version_addendum == NULL ? "" : " ", 1247 version_addendum == NULL ? "" : " ",
1248 version_addendum == NULL ? "" : version_addendum)) != 0) { 1248 version_addendum == NULL ? "" : version_addendum)) != 0) {
1249 oerrno = errno; 1249 oerrno = errno;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 17:35:07 +0000