ssh: New option 'preferred_algorithms'

This option enables the user to define which algorithms that
are to be used as well as their precedences in the negotiation
between server and client.

1 files changed, 89 insertions, 42 deletions

diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index d6414bab6c..95840c94ad 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -31,6 +31,8 @@
 
 -export([versions/2, hello_version_msg/1]).
 -export([next_seqnum/1, decrypt_first_block/2, decrypt_blocks/3,
+	 supported_algorithms/0, supported_algorithms/1,
+	 default_algorithms/0, default_algorithms/1,
 	 is_valid_mac/3,
 	 handle_hello_version/1,
 	 key_exchange_init_msg/1,
@@ -42,6 +44,68 @@
 	 unpack/3, decompress/2, ssh_packet/2, pack/2, msg_data/1,
 	 sign/3, verify/4]).
 
+%%%----------------------------------------------------------------------------
+%%%
+%%% There is a difference between supported and default algorithms. The
+%%% SUPPORTED algorithms can be handled (maybe untested...). The DEFAULT ones
+%%% are announced in ssh_msg_kexinit and in ssh:default_algorithms/0 to the
+%%% user.
+%%%
+%%% A supported algorithm can be requested in the option 'preferred_algorithms',
+%%% but may give unexpected results because of being promoted to default.
+%%%
+%%% This makes it possible to add experimental algorithms (in supported_algorithms)
+%%% and test them without letting the default users know about them.
+%%%
+
+default_algorithms() -> [{K,default_algorithms(K)} || K <- algo_classes()].
+
+algo_classes() -> [kex, public_key, cipher, mac, compression].
+
+default_algorithms(compression) ->
+    %% Do not announce '[email protected]' because there seem to be problems
+    supported_algorithms(compression, same(['[email protected]']));
+default_algorithms(Alg) ->
+    supported_algorithms(Alg).
+
+
+supported_algorithms() -> [{K,supported_algorithms(K)} || K <- algo_classes()].
+
+supported_algorithms(kex) ->
+    ['diffie-hellman-group1-sha1'];
+supported_algorithms(public_key) ->
+    ssh_auth:default_public_key_algorithms();
+supported_algorithms(cipher) ->
+    Supports = crypto:supports(),
+    CipherAlgos = [{aes_ctr, 'aes128-ctr'}, {aes_cbc128, 'aes128-cbc'}, {des3_cbc, '3des-cbc'}],
+    Algs = [SshAlgo ||
+	       {CryptoAlgo, SshAlgo} <- CipherAlgos,
+	       lists:member(CryptoAlgo, proplists:get_value(ciphers, Supports, []))],
+    same(Algs);
+supported_algorithms(mac) ->
+    Supports = crypto:supports(),
+    HashAlgos = [{sha256, 'hmac-sha2-256'}, {sha, 'hmac-sha1'}],
+    Algs = [SshAlgo ||
+	       {CryptoAlgo, SshAlgo} <- HashAlgos,
+	       lists:member(CryptoAlgo, proplists:get_value(hashs, Supports, []))],
+    same(Algs);
+supported_algorithms(compression) ->
+    same(['none','zlib','[email protected]']).
+
+
+supported_algorithms(Key, [{client2server,BL1},{server2client,BL2}]) ->
+    [{client2server,As1},{server2client,As2}] = supported_algorithms(Key),
+    [{client2server,As1--BL1},{server2client,As2--BL2}];
+supported_algorithms(Key, BlackList) ->
+    supported_algorithms(Key) -- BlackList.
+
+    
+
+
+same(Algs) ->  [{client2server,Algs}, {server2client,Algs}].
+
+
+%%%----------------------------------------------------------------------------
 versions(client, Options)->
     Vsn = proplists:get_value(vsn, Options, ?DEFAULT_CLIENT_VERSION),
     {Vsn, format_version(Vsn, software_version(Options))};
@@ -128,62 +192,45 @@ key_exchange_init_msg(Ssh0) ->
 
 kex_init(#ssh{role = Role, opts = Opts, available_host_keys = HostKeyAlgs}) ->
     Random = ssh_bits:random(16),
-    Compression = case proplists:get_value(compression, Opts, none) of
-		      openssh_zlib -> ["[email protected]", "none"];
-		      zlib -> ["zlib", "none"];
-		      none -> ["none", "zlib"]
-		  end,
-    kexinit_messsage(Role, Random, Compression, HostKeyAlgs).
+    PrefAlgs =
+	case proplists:get_value(preferred_algorithms,Opts) of
+	    undefined -> 
+		default_algorithms();
+	    Algs0 ->
+		Algs0
+	end,
+    kexinit_message(Role, Random, PrefAlgs, HostKeyAlgs).
 
 key_init(client, Ssh, Value) ->
     Ssh#ssh{c_keyinit = Value};
 key_init(server, Ssh, Value) ->
     Ssh#ssh{s_keyinit = Value}.
 
-available_ssh_algos() ->
-    Supports = crypto:supports(),
-    CipherAlgos = [{aes_ctr, "aes128-ctr"}, {aes_cbc128, "aes128-cbc"}, {des3_cbc, "3des-cbc"}],
-    Ciphers = [SshAlgo ||
-	{CryptoAlgo, SshAlgo} <- CipherAlgos,
-	lists:member(CryptoAlgo, proplists:get_value(ciphers, Supports, []))],
-    HashAlgos = [{sha256, "hmac-sha2-256"}, {sha, "hmac-sha1"}],
-    Hashs = [SshAlgo ||
-	{CryptoAlgo, SshAlgo} <- HashAlgos,
-	lists:member(CryptoAlgo, proplists:get_value(hashs, Supports, []))],
-    {Ciphers, Hashs}.
-
-kexinit_messsage(client, Random, Compression, HostKeyAlgs) ->
-    {CipherAlgs, HashAlgs} = available_ssh_algos(),
-    #ssh_msg_kexinit{ 
-		  cookie = Random,
-		  kex_algorithms = ["diffie-hellman-group1-sha1"],
-		  server_host_key_algorithms = HostKeyAlgs,
-		  encryption_algorithms_client_to_server = CipherAlgs,
-		  encryption_algorithms_server_to_client = CipherAlgs,
-		  mac_algorithms_client_to_server = HashAlgs,
-		  mac_algorithms_server_to_client = HashAlgs,
-		  compression_algorithms_client_to_server = Compression,
-		  compression_algorithms_server_to_client = Compression,
-		  languages_client_to_server = [],
-		  languages_server_to_client = []
-		 };
 
-kexinit_messsage(server, Random, Compression, HostKeyAlgs) ->
-    {CipherAlgs, HashAlgs} = available_ssh_algos(),
+kexinit_message(_Role, Random, Algs, HostKeyAlgs) ->
     #ssh_msg_kexinit{
 		  cookie = Random,
-		  kex_algorithms = ["diffie-hellman-group1-sha1"],
+		  kex_algorithms = to_strings( get_algs(kex,Algs) ),
 		  server_host_key_algorithms = HostKeyAlgs,
-		  encryption_algorithms_client_to_server = CipherAlgs,
-		  encryption_algorithms_server_to_client = CipherAlgs,
-		  mac_algorithms_client_to_server = HashAlgs,
-		  mac_algorithms_server_to_client = HashAlgs,
-		  compression_algorithms_client_to_server = Compression,
-		  compression_algorithms_server_to_client = Compression,
+		  encryption_algorithms_client_to_server = c2s(cipher,Algs),
+		  encryption_algorithms_server_to_client = s2c(cipher,Algs),
+		  mac_algorithms_client_to_server = c2s(mac,Algs),
+		  mac_algorithms_server_to_client = s2c(mac,Algs),
+		  compression_algorithms_client_to_server = c2s(compression,Algs),
+		  compression_algorithms_server_to_client = s2c(compression,Algs),
 		  languages_client_to_server = [],
 		  languages_server_to_client = []
 		 }.
 
+c2s(Key, Algs) -> x2y(client2server, Key, Algs).
+s2c(Key, Algs) -> x2y(server2client, Key, Algs).
+
+x2y(DirectionKey, Key, Algs) -> to_strings(proplists:get_value(DirectionKey, get_algs(Key,Algs))).
+
+get_algs(Key, Algs) -> proplists:get_value(Key, Algs, default_algorithms(Key)).
+
+to_strings(L) -> lists:map(fun erlang:atom_to_list/1, L).
+
 new_keys_message(Ssh0) ->
     {SshPacket, Ssh} = 
 	ssh_packet(#ssh_msg_newkeys{}, Ssh0),