ssh: extend 'dh_gex_limits' to server side

OTP-13066
author: Hans Nilsson <[email protected]> 2015-10-26 15:56:13 +0100
committer: Hans Nilsson <[email protected]> 2015-11-04 12:10:06 +0100
commit: 18b9fc4c61f487007c8bff3bbb52f9466f3454ce (patch)
tree: d42ff3d1ce25b36fa1ac1f4563205af786f2b5e1 /lib/ssh/doc/src/ssh.xml
parent: 961bb51d1b73c6ff2ad5f08e0a4c13fbfc2fbb98 (diff)
download: otp-18b9fc4c61f487007c8bff3bbb52f9466f3454ce.tar.gz
otp-18b9fc4c61f487007c8bff3bbb52f9466f3454ce.tar.bz2
otp-18b9fc4c61f487007c8bff3bbb52f9466f3454ce.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml
index 1e4dd91eb6..7c1b9ea0dc 100644
--- a/lib/ssh/doc/src/ssh.xml
+++ b/lib/ssh/doc/src/ssh.xml
@@ -475,6 +475,17 @@ kex is implicit but public_key is set explicitly.</p>
 	    </p>
 	  </item>
 
+	  <tag><c><![CDATA[{dh_gex_limits,{Min=integer(),Max=integer()}}]]></c></tag>
+	  <item>
+	    <p>Limits what a client can ask for in diffie-hellman-group-exchange. The effective value will be
+	    <c>MaxUsed = min(MaxClient,Max), MinUsed = max(MinClient,Min)</c>.
+	    </p>
+	    <p>If <c>MaxUsed &lt; MinUses</c> in a key exchange, it will fail with a disconnect.
+	    </p>
+	    <p>See RFC 4419 for the function of the max an min values.
+	    </p>
+	  </item>
+
 	  <tag><c><![CDATA[{pwdfun, fun(User::string(), password::string()) -> boolean()}]]></c></tag>
 	  <item>
 	    <p>Provides a function for password validation. This function is called
author	Hans Nilsson <[email protected]>	2015-10-26 15:56:13 +0100
committer	Hans Nilsson <[email protected]>	2015-11-04 12:10:06 +0100
commit	18b9fc4c61f487007c8bff3bbb52f9466f3454ce (patch)
tree	d42ff3d1ce25b36fa1ac1f4563205af786f2b5e1 /lib/ssh/doc/src/ssh.xml
parent	961bb51d1b73c6ff2ad5f08e0a4c13fbfc2fbb98 (diff)
download	otp-18b9fc4c61f487007c8bff3bbb52f9466f3454ce.tar.gz otp-18b9fc4c61f487007c8bff3bbb52f9466f3454ce.tar.bz2 otp-18b9fc4c61f487007c8bff3bbb52f9466f3454ce.zip