diff options
Diffstat (limited to 'debian/patches/package-versioning.patch')
-rw-r--r-- | debian/patches/package-versioning.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch new file mode 100644 index 000000000..392afc073 --- /dev/null +++ b/debian/patches/package-versioning.patch | |||
@@ -0,0 +1,54 @@ | |||
1 | Description: Include the Debian version in our identification | ||
2 | This makes it easier to audit networks for versions patched against | ||
3 | security vulnerabilities. It has little detrimental effect, as attackers | ||
4 | will generally just try attacks rather than bothering to scan for | ||
5 | vulnerable-looking version strings. (However, see debian-banner.patch.) | ||
6 | Author: Matthew Vernon <matthew@debian.org> | ||
7 | Forwarded: not-needed | ||
8 | Last-Update: 2013-09-14 | ||
9 | |||
10 | Index: b/sshconnect.c | ||
11 | =================================================================== | ||
12 | --- a/sshconnect.c | ||
13 | +++ b/sshconnect.c | ||
14 | @@ -442,10 +442,10 @@ | ||
15 | /* Send our own protocol version identification. */ | ||
16 | if (compat20) { | ||
17 | xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", | ||
18 | - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION); | ||
19 | + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE); | ||
20 | } else { | ||
21 | xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n", | ||
22 | - PROTOCOL_MAJOR_1, minor1, SSH_VERSION); | ||
23 | + PROTOCOL_MAJOR_1, minor1, SSH_RELEASE); | ||
24 | } | ||
25 | if (roaming_atomicio(vwrite, connection_out, client_version_string, | ||
26 | strlen(client_version_string)) != strlen(client_version_string)) | ||
27 | Index: b/sshd.c | ||
28 | =================================================================== | ||
29 | --- a/sshd.c | ||
30 | +++ b/sshd.c | ||
31 | @@ -440,7 +440,7 @@ | ||
32 | } | ||
33 | |||
34 | xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", | ||
35 | - major, minor, SSH_VERSION, | ||
36 | + major, minor, SSH_RELEASE, | ||
37 | *options.version_addendum == '\0' ? "" : " ", | ||
38 | options.version_addendum, newline); | ||
39 | |||
40 | Index: b/version.h | ||
41 | =================================================================== | ||
42 | --- a/version.h | ||
43 | +++ b/version.h | ||
44 | @@ -3,4 +3,9 @@ | ||
45 | #define SSH_VERSION "OpenSSH_6.4" | ||
46 | |||
47 | #define SSH_PORTABLE "p1" | ||
48 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE | ||
49 | +#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE | ||
50 | +#ifdef SSH_EXTRAVERSION | ||
51 | +#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION | ||
52 | +#else | ||
53 | +#define SSH_RELEASE SSH_RELEASE_MINIMUM | ||
54 | +#endif | ||