Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2015-11-29 17:26:17 +0000
commit: 4e80e6a84e57783718ca225021a597713c44c2a2 (patch)
tree: e216894c3361d448fa779085d4d573f0d6b17714 /sshconnect.c
parent: 20ba3686f33c1dbb34583b8731582fdc7181a831 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 4aff104b8..2999061b3 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -524,10 +524,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (roaming_atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2015-11-29 17:26:17 +0000
commit	4e80e6a84e57783718ca225021a597713c44c2a2 (patch)
tree	e216894c3361d448fa779085d4d573f0d6b17714 /sshconnect.c
parent	20ba3686f33c1dbb34583b8731582fdc7181a831 (diff)

diff --git a/sshconnect.c b/sshconnect.c index 4aff104b8..2999061b3 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -524,10 +524,10 @@ send_client_banner(int connection_out, int minor1)
524	/* Send our own protocol version identification. */	524	/* Send our own protocol version identification. */
525	if (compat20) {	525	if (compat20) {
526	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	526	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
527	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	527	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
528	} else {	528	} else {
529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
530	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	530	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
531	}	531	}
532	if (roaming_atomicio(vwrite, connection_out, client_version_string,	532	if (roaming_atomicio(vwrite, connection_out, client_version_string,
533	strlen(client_version_string)) != strlen(client_version_string))	533	strlen(client_version_string)) != strlen(client_version_string))