In half-duplex setups (or when client/server coalesce the SSH version
line with the KEX packet, get_version() would return UNK as version,
causing a protocol violation. Make this slightly more robust by using
and setting the version which either side had set to continue parsing.
For the special case of SSH-1.99, select SSH-2.0. We could try to peak
into the payload following the packet length field and check for
a KEX_INIT type byte to select SSH2 as a heuristic, but not sure how
to accomplish this.
Slight regression fix for 3769ed6c66
which started to require visibility for client and server version
rather than just the client's version.
This reverts part of commit a0888b7e36 due
to inhibiting analyzer violations when parsing non SSH traffic when
the &restofdata path is entered.
@J-Gras reported the analyzer not being disabled when sending HTTP
traffic on port 22.
This adds the verbose analyzer.log baselines such that future improvements
of these scenarios become visible.
