diff options
| author | Hans Nilsson <[email protected]> | 2014-04-25 11:13:56 +0200 | 
|---|---|---|
| committer | Hans Nilsson <[email protected]> | 2014-04-25 11:13:56 +0200 | 
| commit | 4d957870d4e5ae98e91b9118f8b2e8319ab4fa33 (patch) | |
| tree | 84bcb7809d73ba1899e8eeee91ccdf3baac90412 /lib/ssh/src | |
| parent | 355c20137b48e1c1b0cd553a63bbcc5d3e8a045f (diff) | |
| parent | 3af70a78b6b84ed1e503d4b8d249ae9e8147eba2 (diff) | |
| download | otp-4d957870d4e5ae98e91b9118f8b2e8319ab4fa33.tar.gz otp-4d957870d4e5ae98e91b9118f8b2e8319ab4fa33.tar.bz2 otp-4d957870d4e5ae98e91b9118f8b2e8319ab4fa33.zip | |
Merge branch 'hans/ssh/max_sessions/OTP-11885' into maint
* hans/ssh/max_sessions/OTP-11885:
  ssh: Doc change on max_session param
  ssh: Add max_session parameter to ssh:daemon
Diffstat (limited to 'lib/ssh/src')
| -rw-r--r-- | lib/ssh/src/ssh.erl | 4 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_acceptor.erl | 47 | 
2 files changed, 40 insertions, 11 deletions
| diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl index de6e8cc421..75081b7a61 100644 --- a/lib/ssh/src/ssh.erl +++ b/lib/ssh/src/ssh.erl @@ -332,6 +332,8 @@ handle_option([{idle_time, _} = Opt | Rest], SocketOptions, SshOptions) ->      handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);  handle_option([{rekey_limit, _} = Opt|Rest], SocketOptions, SshOptions) ->      handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]); +handle_option([{max_sessions, _} = Opt|Rest], SocketOptions, SshOptions) -> +    handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);  handle_option([{negotiation_timeout, _} = Opt|Rest], SocketOptions, SshOptions) ->      handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);  handle_option([{parallel_login, _} = Opt|Rest], SocketOptions, SshOptions) -> @@ -366,6 +368,8 @@ handle_ssh_option({pref_public_key_algs, Value} = Opt) when is_list(Value), leng      end;  handle_ssh_option({connect_timeout, Value} = Opt) when is_integer(Value); Value == infinity ->      Opt; +handle_ssh_option({max_sessions, Value} = Opt) when is_integer(Value), Value>0 -> +    Opt;  handle_ssh_option({negotiation_timeout, Value} = Opt) when is_integer(Value); Value == infinity ->      Opt;  handle_ssh_option({parallel_login, Value} = Opt) when Value==true ; Value==false -> diff --git a/lib/ssh/src/ssh_acceptor.erl b/lib/ssh/src/ssh_acceptor.erl index e57b07cee8..7302196674 100644 --- a/lib/ssh/src/ssh_acceptor.erl +++ b/lib/ssh/src/ssh_acceptor.erl @@ -80,18 +80,36 @@ acceptor_loop(Callback, Port, Address, Opts, ListenSocket, AcceptTimeout) ->  				  ListenSocket, AcceptTimeout)      end. -handle_connection(_Callback, Address, Port, Options, Socket) -> +handle_connection(Callback, Address, Port, Options, Socket) ->      SystemSup = ssh_system_sup:system_supervisor(Address, Port), -    {ok, SubSysSup} = ssh_system_sup:start_subsystem(SystemSup, Options), -    ConnectionSup = ssh_subsystem_sup:connection_supervisor(SubSysSup), -    Timeout = proplists:get_value(negotiation_timeout,  -				  proplists:get_value(ssh_opts, Options, []), -				  2*60*1000), -    ssh_connection_handler:start_connection(server, Socket, -					    [{supervisors, [{system_sup, SystemSup}, -							    {subsystem_sup, SubSysSup}, -							    {connection_sup, ConnectionSup}]} -					     | Options], Timeout). +    SSHopts = proplists:get_value(ssh_opts, Options, []), +    MaxSessions = proplists:get_value(max_sessions,SSHopts,infinity), +    case number_of_connections(SystemSup) < MaxSessions of +	true -> +	    {ok, SubSysSup} = ssh_system_sup:start_subsystem(SystemSup, Options), +	    ConnectionSup = ssh_subsystem_sup:connection_supervisor(SubSysSup), +	    Timeout = proplists:get_value(negotiation_timeout, SSHopts, 2*60*1000), +	    ssh_connection_handler:start_connection(server, Socket, +						    [{supervisors, [{system_sup, SystemSup}, +								    {subsystem_sup, SubSysSup}, +								    {connection_sup, ConnectionSup}]} +						     | Options], Timeout); +	false -> +	    Callback:close(Socket), +	    IPstr = if is_tuple(Address) -> inet:ntoa(Address); +		     true -> Address +		  end, +	    Str = try io_lib:format('~s:~p',[IPstr,Port]) +		  catch _:_ -> "port "++integer_to_list(Port) +		  end, +	    error_logger:info_report("Ssh login attempt to "++Str++" denied due to option " +				     "max_sessions limits to "++ io_lib:write(MaxSessions) ++ +				     " sessions." +				     ), +	    {error,max_sessions} +    end. + +  handle_error(timeout) ->      ok; @@ -117,3 +135,10 @@ handle_error(Reason) ->      String = lists:flatten(io_lib:format("Accept error: ~p", [Reason])),      error_logger:error_report(String),      exit({accept_failed, String}).     + + +number_of_connections(SystemSup) -> +    length([X ||  +	       {R,X,supervisor,[ssh_subsystem_sup]} <- supervisor:which_children(SystemSup), +	       is_reference(R) +	  ]). | 
