diff options
| author | Hans Nilsson <[email protected]> | 2015-06-30 22:33:27 +0200 |
|---|---|---|
| committer | Hans Nilsson <[email protected]> | 2015-08-03 10:32:09 +0200 |
| commit | 67e156b0472b06a04fd5b1b8ab830efc22e4466d (patch) | |
| tree | 9fa9a546a263daa86602f37d1bf966d51938c9d5 /lib/ssh/test/ssh_basic_SUITE.erl | |
| parent | 98647fcc1632f60871adee20031e294e5d5b6eb0 (diff) | |
| download | otp-67e156b0472b06a04fd5b1b8ab830efc22e4466d.tar.gz otp-67e156b0472b06a04fd5b1b8ab830efc22e4466d.tar.bz2 otp-67e156b0472b06a04fd5b1b8ab830efc22e4466d.zip | |
ssh: Repair/add experimental diffie-hellman-group-exchange-sha1 support
DO NOT USE IN PRODUCTION!!!
This is a bug fixing of the previously partly impelmented kex algorithm.
There are more things to do, for example genrate/select better g,p pair obeying the min||n||max request.
It is not enabled by default, but may be enabled with the option
{preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha1']}]}
Diffstat (limited to 'lib/ssh/test/ssh_basic_SUITE.erl')
| -rw-r--r-- | lib/ssh/test/ssh_basic_SUITE.erl | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/lib/ssh/test/ssh_basic_SUITE.erl b/lib/ssh/test/ssh_basic_SUITE.erl index bf9fe54c57..c71463db30 100644 --- a/lib/ssh/test/ssh_basic_SUITE.erl +++ b/lib/ssh/test/ssh_basic_SUITE.erl @@ -42,6 +42,7 @@ suite() -> all() -> [app_test, appup_test, + {group, 'diffie-hellman-group-exchange-sha1'}, {group, dsa_key}, {group, rsa_key}, {group, dsa_pass_key}, @@ -92,6 +93,8 @@ groups() -> max_sessions_sftp_start_channel_parallel, max_sessions_sftp_start_channel_sequential ]}, + {'diffie-hellman-group-exchange-sha1', [], ['diffie-hellman-group-exchange-sha1' + ]}, {dir_options, [], [user_dir_option, system_dir_option]} ]. @@ -146,6 +149,17 @@ init_per_group(internal_error, Config) -> ssh_test_lib:setup_dsa(DataDir, PrivDir), file:delete(filename:join(PrivDir, "system/ssh_host_dsa_key")), Config; +init_per_group('diffie-hellman-group-exchange-sha1', Config) -> + case lists:member('diffie-hellman-group-exchange-sha1', + ssh_transport:supported_algorithms(kex)) of + true -> + DataDir = ?config(data_dir, Config), + PrivDir = ?config(priv_dir, Config), + ssh_test_lib:setup_rsa(DataDir, PrivDir), + Config; + false -> + {skip,"diffie-hellman-group-exchange-sha1 is not supported"} + end; init_per_group(dir_options, Config) -> PrivDir = ?config(priv_dir, Config), %% Make unreadable dir: @@ -818,6 +832,43 @@ ssh_msg_debug_fun_option_client(Config) -> end. %%-------------------------------------------------------------------- +'diffie-hellman-group-exchange-sha1'(Config) -> + process_flag(trap_exit, true), + SystemDir = filename:join(?config(priv_dir, Config), system), + UserDir = ?config(priv_dir, Config), + + {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir}, + {user_dir, UserDir}, + {user_passwords, [{"foo", "bar"}]}, + {preferred_algorithms, + [{kex, ['diffie-hellman-group-exchange-sha1']}]}, + {failfun, fun ssh_test_lib:failfun/2}]), + + ConnectionRef = + ssh_test_lib:connect(Host, Port, [{silently_accept_hosts, true}, + {user, "foo"}, + {password, "bar"}, + {user_dir, UserDir}, + {preferred_algorithms, + [{kex, ['diffie-hellman-group-exchange-sha1']}]}, + {user_interaction, false}]), + check(ConnectionRef, Pid). + +check(ConnectionRef, Pid) -> + {ok, ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity), + success = ssh_connection:exec(ConnectionRef, ChannelId, + "1+1.", infinity), + Data = {ssh_cm, ConnectionRef, {data, ChannelId, 0, <<"2\n">>}}, + case ssh_test_lib:receive_exec_result(Data) of + expected -> + ok; + Other -> + ct:fail(Other) + end, + ssh_test_lib:receive_exec_end(ConnectionRef, ChannelId), + ssh:stop_daemon(Pid). + +%%-------------------------------------------------------------------- connectfun_disconnectfun_server(Config) -> PrivDir = ?config(priv_dir, Config), UserDir = filename:join(PrivDir, nopubkey), % to make sure we don't use public-key-auth |