aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHans Nilsson <[email protected]>2015-11-26 10:45:13 +0100
committerHans Nilsson <[email protected]>2015-11-26 15:09:28 +0100
commitecf301d7dbd173cc18f86026ecf88597b15a7c69 (patch)
tree993bc5207e0ae7f0a36dfbff6f044b903a139175
parent9b9d1cfa157134d8b14aaa2de5b36db28cb8b17a (diff)
downloadotp-ecf301d7dbd173cc18f86026ecf88597b15a7c69.tar.gz
otp-ecf301d7dbd173cc18f86026ecf88597b15a7c69.tar.bz2
otp-ecf301d7dbd173cc18f86026ecf88597b15a7c69.zip
ssh: Improve group selection
Now it chooses the first found if no exact match.
-rw-r--r--lib/ssh/src/ssh_transport.erl42
1 files changed, 15 insertions, 27 deletions
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index 1fbe50e758..e3ee399b8e 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -1378,35 +1378,23 @@ dh_gex_default_groups() -> ?dh_default_groups.
dh_gex_group(Min, N, Max, undefined) ->
dh_gex_group(Min, N, Max, dh_gex_default_groups());
dh_gex_group(Min, N, Max, Groups) ->
- %% First try to find an exact match. If not an exact match, select the largest possible.
- {_,Group} =
- lists:foldl(
- fun(_, {I,G}) when I==N ->
- %% If we have an exact match already: use that one
- {I,G};
- ({I,G}, _) when I==N ->
- %% If we now found an exact match: use that very one
- {I,G};
- ({I,G}, {Imax,_Gmax}) when Min=<I,I=<Max, % a) {I,G} fullfills the requirements
- I>Imax -> % b) {I,G} is larger than current max
- %% A group within the limits and better than the one we have
- {I,G};
- (_, IGmax) ->
- %% Keep the one we have
- IGmax
- end, {-1,undefined}, Groups),
-
- case Group of
- undefined ->
- throw(#ssh_msg_disconnect{
- code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
- description = "No possible diffie-hellman-group-exchange group found",
- language = ""});
- _ ->
- Group
+ %% Try to find an exact match. If not an exact match, select the first found.
+ case lists:keyfind(N, 1, Groups) of
+ {N,Grp} ->
+ Grp;
+ false ->
+ case lists:dropwhile(fun({I,_}) -> I < Min-1 orelse I > Max+1 end,
+ Groups) of
+ [{_,Grp}|_] ->
+ Grp;
+ [] ->
+ throw(#ssh_msg_disconnect{
+ code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
+ description = "No possible diffie-hellman-group-exchange group found",
+ language = ""})
+ end
end.
-
generate_key(Algorithm, Args) ->
{Public,Private} = crypto:generate_key(Algorithm, Args),
{crypto:bytes_to_integer(Public), crypto:bytes_to_integer(Private)}.