Merge branch 'hans/ssh/rekey_problem/OTP-13972' into maint-19

* hans/ssh/rekey_problem/OTP-13972:
  ssh: fix renegotiation problem
  ssh: test case for renegotiation with openssh client

3 files changed, 50 insertions, 3 deletions

diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index ced049f0d0..dd414894d4 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -671,8 +671,9 @@ handle_event(_, #ssh_msg_newkeys{} = Msg, {new_keys,Role,init}, D) ->
     {next_state, {service_request,Role}, D#data{ssh_params=Ssh}};
 
 %% Subsequent key exchange rounds (renegotiation):
-handle_event(_, #ssh_msg_newkeys{}, {new_keys,Role,renegotiate}, D) ->
-    {next_state, {connected,Role}, D};
+handle_event(_, #ssh_msg_newkeys{} = Msg, {new_keys,Role,renegotiate}, D) ->
+    {ok, Ssh} = ssh_transport:handle_new_keys(Msg, D#data.ssh_params),
+    {next_state, {connected,Role}, D#data{ssh_params=Ssh}};
 
 %%% ######## {service_request, client|server}
 
diff --git a/lib/ssh/test/ssh_test_lib.erl b/lib/ssh/test/ssh_test_lib.erl
index c43c6519f9..6fd401d182 100644
--- a/lib/ssh/test/ssh_test_lib.erl
+++ b/lib/ssh/test/ssh_test_lib.erl
@@ -208,6 +208,16 @@ reply(TestCase, Result) ->
 
 rcv_expected(Expect, SshPort, Timeout) ->
     receive
+	{SshPort, Recvd} when is_function(Expect) ->
+	    case Expect(Recvd) of
+		true ->
+		    ct:log("Got expected ~p from ~p",[Recvd,SshPort]),
+		    catch port_close(SshPort),
+		    rcv_lingering(50);
+		false ->
+		    ct:log("Got UNEXPECTED ~p~n",[Recvd]),
+		    rcv_expected(Expect, SshPort, Timeout)
+	    end;
 	{SshPort, Expect} ->
 	    ct:log("Got expected ~p from ~p",[Expect,SshPort]),
 	    catch port_close(SshPort),
diff --git a/lib/ssh/test/ssh_to_openssh_SUITE.erl b/lib/ssh/test/ssh_to_openssh_SUITE.erl
index a914938c41..f481e9c1ce 100644
--- a/lib/ssh/test/ssh_to_openssh_SUITE.erl
+++ b/lib/ssh/test/ssh_to_openssh_SUITE.erl
@@ -58,7 +58,8 @@ groups() ->
 			  erlang_client_openssh_server_nonexistent_subsystem
 			 ]},
      {erlang_server, [], [erlang_server_openssh_client_public_key_dsa,
-			  erlang_server_openssh_client_public_key_rsa
+			  erlang_server_openssh_client_public_key_rsa,
+			  erlang_server_openssh_client_renegotiate
 			 ]}
     ].
 
@@ -386,6 +387,41 @@ erlang_server_openssh_client_public_key_X(Config, PubKeyAlg) ->
     ssh:stop_daemon(Pid).
 
 %%--------------------------------------------------------------------
+%% Test that the Erlang/OTP server can renegotiate with openSSH
+erlang_server_openssh_client_renegotiate(Config) ->
+    PubKeyAlg = ssh_rsa,
+    SystemDir = proplists:get_value(data_dir, Config),
+    PrivDir = proplists:get_value(priv_dir, Config),
+    KnownHosts = filename:join(PrivDir, "known_hosts"),
+    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
+					     {public_key_alg, PubKeyAlg},
+					     {failfun, fun ssh_test_lib:failfun/2}]),
+
+    ct:sleep(500),
+
+    DataFile = filename:join(PrivDir, "renegotiate_openssh_client.data"),
+    Data =  lists:duplicate(32000, $a),
+    ok = file:write_file(DataFile, Data),
+
+    Cmd = "ssh -p " ++ integer_to_list(Port) ++
+	" -o UserKnownHostsFile=" ++ KnownHosts ++
+	" -o RekeyLimit=20K" ++
+	" " ++ Host ++ " < " ++ DataFile,
+    OpenSsh = ssh_test_lib:open_port({spawn, Cmd}),
+
+    Expect = fun({data,R}) -> 
+		     try lists:prefix(binary_to_list(R), Data)
+		     catch
+			 _:_ -> false
+		     end;
+		(_) ->
+		     false
+	     end,
+
+    ssh_test_lib:rcv_expected(Expect, OpenSsh, ?TIMEOUT),
+    ssh:stop_daemon(Pid).
+
+%%--------------------------------------------------------------------
 erlang_client_openssh_server_password() ->
     [{doc, "Test client password option"}].
 erlang_client_openssh_server_password(Config) when is_list(Config) ->