On Mon 2016-08-08 03:24:36 -0400, Jakub Jelen wrote: > We got a report [1], that we miss "p1" suffix in the sshd identification > strings in Fedora. I dig in and found out that it is also missing from > portable usptream since 2004, when you were rewriting version.h header > file with this information. > > Debian somehow patched this information back during the time in some > places (ssh_api.c is missing). this is arguably a (very old) bug in debian: https://bugs.debian.org/130876 https://bugs.debian.org/774410 > It does not look like intention to remove the release version > information [2]. Can you clarify? > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1364595 > [2] https://github.com/openssh/openssh-portable/commit/2aa6d3cf The synopsis of that changeset comment (by Damien Miller) is: Don't divulge portable version in protocol That seems like a pretty clear intent. (and fwiw, i think it's the right thing to do) --dkg
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
