Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2014-03-20 00:32:29 +0000
commit: 6de70b95f5005447ae23532d4f3ee41a9338479f (patch)
tree: ce486678e9a32d0b1ba927087bf735d81ee2ffd2 /sshconnect.c
parent: 8ab8f1465980856291f215c7b7184a4456398fb4 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index e0a5db9a3..87c3770c0 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -520,10 +520,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (roaming_atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2014-03-20 00:32:29 +0000
commit	6de70b95f5005447ae23532d4f3ee41a9338479f (patch)
tree	ce486678e9a32d0b1ba927087bf735d81ee2ffd2 /sshconnect.c
parent	8ab8f1465980856291f215c7b7184a4456398fb4 (diff)

diff --git a/sshconnect.c b/sshconnect.c index e0a5db9a3..87c3770c0 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -520,10 +520,10 @@ send_client_banner(int connection_out, int minor1)
520	/* Send our own protocol version identification. */	520	/* Send our own protocol version identification. */
521	if (compat20) {	521	if (compat20) {
522	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	522	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
523	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	523	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
524	} else {	524	} else {
525	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	525	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
526	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	526	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
527	}	527	}
528	if (roaming_atomicio(vwrite, connection_out, client_version_string,	528	if (roaming_atomicio(vwrite, connection_out, client_version_string,
529	strlen(client_version_string)) != strlen(client_version_string))	529	strlen(client_version_string)) != strlen(client_version_string))