Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2014-02-09 16:18:42 +0000
commit: da3ff9786c4c03b2aac4936b28f06b3c152e230d (patch)
tree: 48072289f38ce3cbcccb8e64d72e0a57548cc5a6 /sshconnect.c
parent: 7a20ce0712e7b7174a0c079e84568a9e8321c42b (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index bda83b25e..ad960fdbf 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -442,10 +442,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (roaming_atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2014-02-09 16:18:42 +0000
commit	da3ff9786c4c03b2aac4936b28f06b3c152e230d (patch)
tree	48072289f38ce3cbcccb8e64d72e0a57548cc5a6 /sshconnect.c
parent	7a20ce0712e7b7174a0c079e84568a9e8321c42b (diff)

diff --git a/sshconnect.c b/sshconnect.c index bda83b25e..ad960fdbf 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -442,10 +442,10 @@ send_client_banner(int connection_out, int minor1)
442	/* Send our own protocol version identification. */	442	/* Send our own protocol version identification. */
443	if (compat20) {	443	if (compat20) {
444	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	444	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
445	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	445	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
446	} else {	446	} else {
447	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	447	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
448	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	448	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
449	}	449	}
450	if (roaming_atomicio(vwrite, connection_out, client_version_string,	450	if (roaming_atomicio(vwrite, connection_out, client_version_string,
451	strlen(client_version_string)) != strlen(client_version_string))	451	strlen(client_version_string)) != strlen(client_version_string))