Include the Debian version in our identification

This makes it easier to audit networks for versions patched against security
vulnerabilities.  It has little detrimental effect, as attackers will
generally just try attacks rather than bothering to scan for
vulnerable-looking version strings.  (However, see debian-banner.patch.)

Forwarded: not-needed
Last-Update: 2019-06-05

Patch-Name: package-versioning.patch

Gbp-Pq: Name package-versioning.patch
This commit is contained in:
Matthew Vernon 2014-02-09 16:10:05 +00:00 committed by Lu zhiping
parent 02aa38bee0
commit 01585ac808
2 changed files with 7 additions and 2 deletions

2
kex.c
View File

@ -1244,7 +1244,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
if (version_addendum != NULL && *version_addendum == '\0') if (version_addendum != NULL && *version_addendum == '\0')
version_addendum = NULL; version_addendum = NULL;
if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n", if ((r = sshbuf_putf(our_version, "SSH-%d.%d-%.100s%s%s\r\n",
PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE,
version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : " ",
version_addendum == NULL ? "" : version_addendum)) != 0) { version_addendum == NULL ? "" : version_addendum)) != 0) {
error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); error("%s: sshbuf_putf: %s", __func__, ssh_err(r));

View File

@ -3,4 +3,9 @@
#define SSH_VERSION "OpenSSH_8.2" #define SSH_VERSION "OpenSSH_8.2"
#define SSH_PORTABLE "p1" #define SSH_PORTABLE "p1"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
#ifdef SSH_EXTRAVERSION
#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
#else
#define SSH_RELEASE SSH_RELEASE_MINIMUM
#endif