mirror of https://gitee.com/openkylin/openssh.git
Include the Debian version in our identification
This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2019-06-05 Patch-Name: package-versioning.patch Gbp-Pq: Name package-versioning.patch
This commit is contained in:
parent
02aa38bee0
commit
01585ac808
2
kex.c
2
kex.c
|
@ -1244,7 +1244,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
|
||||||
if (version_addendum != NULL && *version_addendum == '\0')
|
if (version_addendum != NULL && *version_addendum == '\0')
|
||||||
version_addendum = NULL;
|
version_addendum = NULL;
|
||||||
if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
|
if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
|
||||||
PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION,
|
PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
|
||||||
version_addendum == NULL ? "" : " ",
|
version_addendum == NULL ? "" : " ",
|
||||||
version_addendum == NULL ? "" : version_addendum)) != 0) {
|
version_addendum == NULL ? "" : version_addendum)) != 0) {
|
||||||
error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
|
error("%s: sshbuf_putf: %s", __func__, ssh_err(r));
|
||||||
|
|
|
@ -3,4 +3,9 @@
|
||||||
#define SSH_VERSION "OpenSSH_8.2"
|
#define SSH_VERSION "OpenSSH_8.2"
|
||||||
|
|
||||||
#define SSH_PORTABLE "p1"
|
#define SSH_PORTABLE "p1"
|
||||||
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
|
#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
|
||||||
|
#ifdef SSH_EXTRAVERSION
|
||||||
|
#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
|
||||||
|
#else
|
||||||
|
#define SSH_RELEASE SSH_RELEASE_MINIMUM
|
||||||
|
#endif
|
||||||
|
|
Loading…
Reference in New Issue