Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 16:33:33 +0100
commit: 9f6aded97671ee8b9164f0524b3ac622d827dcde (patch)
tree: caff580375570cf6fba707c7931ae61956e0bf86 /sshconnect.c
parent: aedcf9cb37f512b929ce895ba1fccc9ca39166b0 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 6065dffa4..a6c9e20ed 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -524,10 +524,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (roaming_atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 16:33:33 +0100
commit	9f6aded97671ee8b9164f0524b3ac622d827dcde (patch)
tree	caff580375570cf6fba707c7931ae61956e0bf86 /sshconnect.c
parent	aedcf9cb37f512b929ce895ba1fccc9ca39166b0 (diff)

diff --git a/sshconnect.c b/sshconnect.c index 6065dffa4..a6c9e20ed 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -524,10 +524,10 @@ send_client_banner(int connection_out, int minor1)
524	/* Send our own protocol version identification. */	524	/* Send our own protocol version identification. */
525	if (compat20) {	525	if (compat20) {
526	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	526	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
527	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	527	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
528	} else {	528	} else {
529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
530	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	530	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
531	}	531	}
532	if (roaming_atomicio(vwrite, connection_out, client_version_string,	532	if (roaming_atomicio(vwrite, connection_out, client_version_string,
533	strlen(client_version_string)) != strlen(client_version_string))	533	strlen(client_version_string)) != strlen(client_version_string))