Commit da3ff978 authored by Matthew Vernon's avatar Matthew Vernon Committed by Colin Watson

Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security
vulnerabilities.  It has little detrimental effect, as attackers will
generally just try attacks rather than bothering to scan for
vulnerable-looking version strings.  (However, see debian-banner.patch.)

Forwarded: not-needed
Last-Update: 2013-09-14

Patch-Name: package-versioning.patch
parent 7a20ce07
......@@ -442,10 +442,10 @@ send_client_banner(int connection_out, int minor1)
/* Send our own protocol version identification. */
if (compat20) {
xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE);
} else {
xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
PROTOCOL_MAJOR_1, minor1, SSH_RELEASE);
}
if (roaming_atomicio(vwrite, connection_out, client_version_string,
strlen(client_version_string)) != strlen(client_version_string))
......
......@@ -440,7 +440,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
}
xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
major, minor, SSH_VERSION,
major, minor, SSH_RELEASE,
*options.version_addendum == '\0' ? "" : " ",
options.version_addendum, newline);
......
......@@ -3,4 +3,9 @@
#define SSH_VERSION "OpenSSH_6.4"
#define SSH_PORTABLE "p1"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
#ifdef SSH_EXTRAVERSION
#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
#else
#define SSH_RELEASE SSH_RELEASE_MINIMUM
#endif
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment