Call for testing: OpenSSH 10.0
Colin Watson
cjwatson at debian.org
Sat Apr 5 02:35:40 AEDT 2025
On Wed, Apr 02, 2025 at 09:19:37AM +1100, Darren Tucker wrote:
> * This release has the version number 10.0 and announces itself
> as "SSH-2.0-OpenSSH_10.0". Software that naively matches
> versions using patterns like "OpenSSH_1*" may be confused by
> this.
While this won't be a problem for a long time, I note that OpenSSH's own
compat.c has:
{ "OpenSSH_2*,"
"OpenSSH_3*,"
"OpenSSH_4*", SSH_BUG_SIGTYPE },
{ "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT|
SSH_BUG_SIGTYPE},
Should these be changed to 2.* etc. to avoid future problems?
(Incidentally, unless I've misunderstood OpenSSH's historical versioning
arrangements, I don't think that either the "OpenSSH_2*" or "OpenSSH_3*"
patterns there can ever legitimately match, because there are previous
"OpenSSH_2.*" and "OpenSSH_3.*" patterns that will always match first.)
--
Colin Watson (he/him) [cjwatson at debian.org]
More information about the openssh-unix-dev
mailing list