Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2016-12-23 11:25:03 +0000
commit: cdce59c8c54d6d19ca0aa86cb4a62f6df94c7245 (patch)
tree: ede94e59e1fb7fd0254133e98e9b456cf4682faf /sshconnect.c
parent: e39bf0e814394fb5a14094b651f3bf9ddec0a782 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 1cc556e86..c64c51bbb 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -526,10 +526,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2016-12-23 11:25:03 +0000
commit	cdce59c8c54d6d19ca0aa86cb4a62f6df94c7245 (patch)
tree	ede94e59e1fb7fd0254133e98e9b456cf4682faf /sshconnect.c
parent	e39bf0e814394fb5a14094b651f3bf9ddec0a782 (diff)

diff --git a/sshconnect.c b/sshconnect.c index 1cc556e86..c64c51bbb 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -526,10 +526,10 @@ send_client_banner(int connection_out, int minor1)
526	/* Send our own protocol version identification. */	526	/* Send our own protocol version identification. */
527	if (compat20) {	527	if (compat20) {
528	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	528	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
529	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	529	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
530	} else {	530	} else {
531	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	531	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
532	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	532	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
533	}	533	}
534	if (atomicio(vwrite, connection_out, client_version_string,	534	if (atomicio(vwrite, connection_out, client_version_string,
535	strlen(client_version_string)) != strlen(client_version_string))	535	strlen(client_version_string)) != strlen(client_version_string))