Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2014-02-10 02:40:17 +0000
commit: 03b1ae877da1db4c517747bee89f1a494cce8566 (patch)
tree: d8abfd987071bf1d91d3313d6d5b86a7a536b2cd /sshconnect.c
parent: 9c6deb4e89ad1ac2c2046b1371f378a80b0b4dec (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 4ff5c73bc..a2fbf9e65 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -517,10 +517,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (roaming_atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2014-02-10 02:40:17 +0000
commit	03b1ae877da1db4c517747bee89f1a494cce8566 (patch)
tree	d8abfd987071bf1d91d3313d6d5b86a7a536b2cd /sshconnect.c
parent	9c6deb4e89ad1ac2c2046b1371f378a80b0b4dec (diff)

diff --git a/sshconnect.c b/sshconnect.c index 4ff5c73bc..a2fbf9e65 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -517,10 +517,10 @@ send_client_banner(int connection_out, int minor1)
517	/* Send our own protocol version identification. */	517	/* Send our own protocol version identification. */
518	if (compat20) {	518	if (compat20) {
519	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	519	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
520	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	520	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
521	} else {	521	} else {
522	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	522	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
523	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	523	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
524	}	524	}
525	if (roaming_atomicio(vwrite, connection_out, client_version_string,	525	if (roaming_atomicio(vwrite, connection_out, client_version_string,
526	strlen(client_version_string)) != strlen(client_version_string))	526	strlen(client_version_string)) != strlen(client_version_string))