Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
author: Matthew Vernon <matthew@debian.org> 2014-02-09 16:10:05 +0000
committer: Colin Watson <cjwatson@debian.org> 2016-08-07 12:18:43 +0100
commit: c8105413361d3c97b6a2f72c9f1c85da830bed2c (patch)
tree: c3828c403bb6e82bc48cf3b9a25a429f55535452 /sshconnect.c
parent: 6a1979d97fbde734a745b5123130fed669bfb145 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index fd67727b8..07dfc9da1 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -527,10 +527,10 @@ send_client_banner(int connection_out, int minor1)
        /* Send our own protocol version identification. */
        if (compat20) {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
-                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
+                    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
        } else {
                xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
-                    PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
+                    PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
        }
        if (atomicio(vwrite, connection_out, client_version_string,
            strlen(client_version_string)) != strlen(client_version_string))
author	Matthew Vernon <matthew@debian.org>	2014-02-09 16:10:05 +0000
committer	Colin Watson <cjwatson@debian.org>	2016-08-07 12:18:43 +0100
commit	c8105413361d3c97b6a2f72c9f1c85da830bed2c (patch)
tree	c3828c403bb6e82bc48cf3b9a25a429f55535452 /sshconnect.c
parent	6a1979d97fbde734a745b5123130fed669bfb145 (diff)

diff --git a/sshconnect.c b/sshconnect.c index fd67727b8..07dfc9da1 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -527,10 +527,10 @@ send_client_banner(int connection_out, int minor1)
527	/* Send our own protocol version identification. */	527	/* Send our own protocol version identification. */
528	if (compat20) {	528	if (compat20) {
529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",	529	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
530	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);	530	PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
531	} else {	531	} else {
532	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",	532	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
533	PROTOCOL_MAJOR_1, minor1, SSH_VERSION);	533	PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
534	}	534	}
535	if (atomicio(vwrite, connection_out, client_version_string,	535	if (atomicio(vwrite, connection_out, client_version_string,
536	strlen(client_version_string)) != strlen(client_version_string))	536	strlen(client_version_string)) != strlen(client_version_string))