Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 17:11:48 +0100
commit: c3a4906692ddd85d8530d2fdb74822ae793f18db (patch)
tree: 2b5f3ff1f5907b79f029dd91ea4bbbb95f984b3c /sshconnect.c
parent: f948cb2d089ebf70b70db3d483d09ad97a0cf371 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 0c9fc6c36..988f4efe6 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -524,10 +524,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (roaming_atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 17:11:48 +0100
commit	c3a4906692ddd85d8530d2fdb74822ae793f18db (patch)
tree	2b5f3ff1f5907b79f029dd91ea4bbbb95f984b3c /sshconnect.c
parent	f948cb2d089ebf70b70db3d483d09ad97a0cf371 (diff)

diff --git a/sshconnect.c b/sshconnect.c index 0c9fc6c36..988f4efe6 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -524,10 +524,10 @@ send_client_banner(int connection_out, int minor1)
524	/* Send our own protocol version identification. */	524	/* Send our own protocol version identification. */
525	if (compat20) {	525	if (compat20) {
526	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	526	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
527	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	527	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
528	} else {	528	} else {
529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
530	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	530	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
531	}	531	}
532	if (roaming_atomicio(vwrite, connection_out, client_version_string,	532	if (roaming_atomicio(vwrite, connection_out, client_version_string,
533	strlen(client_version_string)) != strlen(client_version_string))	533	strlen(client_version_string)) != strlen(client_version_string))