Support SSH key callback module options

This patch allows extra callback options to be passed to the module
implementing the SSH callback module behaviour.

A module implementing the SSH key callback API is used to customize
the handling of public key. This patch allows extra callback options
to be passed to the module implementing the SSH callback module
behaviour.

The key_cb option has been changed:

  {key_cb, atom()} -> {key_cb, key_cb()}

  Where:
	key_cb() :: atom() | {atom(), list()}

The callback options, if specified, is made available to the callback
module via the options passed to it under the key 'key_cb_private'.

More details and some backgorund is available here[1].

[1]: http://erlang.org/pipermail/erlang-patches/2015-November/004800.html

4 files changed, 156 insertions, 2 deletions

diff --git a/lib/ssh/test/Makefile b/lib/ssh/test/Makefile
index 96c74c6c8a..781a876723 100644
--- a/lib/ssh/test/Makefile
+++ b/lib/ssh/test/Makefile
@@ -47,6 +47,8 @@ MODULES= \
 	ssh_to_openssh_SUITE \
 	ssh_upgrade_SUITE \
 	ssh_test_lib \
+	ssh_key_cb \
+	ssh_key_cb_options \
 	ssh_trpt_test_lib \
 	ssh_echo_server \
 	ssh_peername_sockname_server \
diff --git a/lib/ssh/test/ssh_basic_SUITE.erl b/lib/ssh/test/ssh_basic_SUITE.erl
index 0a5964c560..d4cb03f2f2 100644
--- a/lib/ssh/test/ssh_basic_SUITE.erl
+++ b/lib/ssh/test/ssh_basic_SUITE.erl
@@ -54,8 +54,10 @@
 	 send/1,
 	 shell/1,
 	 shell_no_unicode/1,
-	 shell_unicode_string/1, 
-	 ssh_info_print/1
+	 shell_unicode_string/1,
+	 ssh_info_print/1,
+	 key_callback/1,
+	 key_callback_options/1
 	]).
 
 %%% Common test callbacks
@@ -84,6 +86,7 @@ all() ->
      {group, ecdsa_sha2_nistp521_key},
      {group, dsa_pass_key},
      {group, rsa_pass_key},
+     {group, key_cb},
      {group, internal_error},
      daemon_already_started,
      double_close,
@@ -101,6 +104,7 @@ groups() ->
      {ecdsa_sha2_nistp521_key, [], basic_tests()},
      {dsa_pass_key, [], [pass_phrase]},
      {rsa_pass_key, [], [pass_phrase]},
+     {key_cb, [], [key_callback, key_callback_options]},
      {internal_error, [], [internal_error]}
     ].
 
@@ -180,6 +184,11 @@ init_per_group(dsa_pass_key, Config) ->
     PrivDir = ?config(priv_dir, Config),
     ssh_test_lib:setup_dsa_pass_pharse(DataDir, PrivDir, "Password"),
     [{pass_phrase, {dsa_pass_phrase, "Password"}}| Config];
+init_per_group(key_cb, Config) ->
+    DataDir = ?config(data_dir, Config),
+    PrivDir = ?config(priv_dir, Config),
+    ssh_test_lib:setup_dsa(DataDir, PrivDir),
+    Config;
 init_per_group(internal_error, Config) ->
     DataDir = ?config(data_dir, Config),
     PrivDir = ?config(priv_dir, Config),
@@ -247,6 +256,10 @@ end_per_group(rsa_pass_key, Config) ->
     PrivDir = ?config(priv_dir, Config),
     ssh_test_lib:clean_rsa(PrivDir),
     Config;
+end_per_group(key_cb, Config) ->
+    PrivDir = ?config(priv_dir, Config),
+    ssh_test_lib:clean_dsa(PrivDir),
+    Config;
 end_per_group(internal_error, Config) ->
     PrivDir = ?config(priv_dir, Config),
     ssh_test_lib:clean_dsa(PrivDir),
@@ -575,6 +588,56 @@ pass_phrase(Config) when is_list(Config) ->
     {ok, _ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity),
     ssh:stop_daemon(Pid).
 
+%%--------------------------------------------------------------------
+%%% Test that we can use key callback
+key_callback(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
+    SystemDir = filename:join(?config(priv_dir, Config), system),
+    UserDir = ?config(priv_dir, Config),
+    NoPubKeyDir = filename:join(UserDir, "nopubkey"),
+    file:make_dir(NoPubKeyDir),
+
+    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
+					     {user_dir, UserDir},
+					     {failfun, fun ssh_test_lib:failfun/2}]),
+
+    ConnectOpts = [{silently_accept_hosts, true},
+                   {user_dir, NoPubKeyDir},
+                   {user_interaction, false},
+                   {key_cb, ssh_key_cb}],
+
+    ConnectionRef = ssh_test_lib:connect(Host, Port, ConnectOpts),
+
+    {ok, _ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity),
+    ssh:stop_daemon(Pid).
+
+
+%%--------------------------------------------------------------------
+%%% Test that we can use key callback with callback options
+key_callback_options(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
+    SystemDir = filename:join(?config(priv_dir, Config), system),
+    UserDir = ?config(priv_dir, Config),
+
+    NoPubKeyDir = filename:join(UserDir, "nopubkey"),
+    file:make_dir(NoPubKeyDir),
+
+    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
+                                             {user_dir, UserDir},
+                                             {failfun, fun ssh_test_lib:failfun/2}]),
+
+    {ok, PrivKey} = file:read_file(filename:join(UserDir, "id_dsa")),
+
+    ConnectOpts = [{silently_accept_hosts, true},
+                   {user_dir, NoPubKeyDir},
+                   {user_interaction, false},
+                   {key_cb, {ssh_key_cb_options, [{priv_key, PrivKey}]}}],
+
+    ConnectionRef = ssh_test_lib:connect(Host, Port, ConnectOpts),
+
+    {ok, _ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity),
+    ssh:stop_daemon(Pid).
+
 
 %%--------------------------------------------------------------------
 %%% Test that client does not hang if disconnects due to internal error
diff --git a/lib/ssh/test/ssh_key_cb.erl b/lib/ssh/test/ssh_key_cb.erl
new file mode 100644
index 0000000000..388ec2ecc1
--- /dev/null
+++ b/lib/ssh/test/ssh_key_cb.erl
@@ -0,0 +1,45 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2015. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+
+%% Note: This module is used by ssh_basic_SUITE
+
+-module(ssh_key_cb).
+-behaviour(ssh_client_key_api).
+-compile(export_all).
+
+add_host_key(_, _, _) ->
+    ok.
+
+is_host_key(_, _, _, _) ->
+    true.
+
+user_key('ssh-dss', Opts) ->
+    UserDir = proplists:get_value(user_dir, Opts),
+    KeyFile = filename:join(filename:dirname(UserDir), "id_dsa"),
+    {ok, KeyBin} = file:read_file(KeyFile),
+    [Entry] = public_key:pem_decode(KeyBin),
+    Key = public_key:pem_entry_decode(Entry),
+    {ok, Key};
+
+user_key(_Alg, _Opt) ->
+    {error, "Not Supported"}.
diff --git a/lib/ssh/test/ssh_key_cb_options.erl b/lib/ssh/test/ssh_key_cb_options.erl
new file mode 100644
index 0000000000..afccb34f0f
--- /dev/null
+++ b/lib/ssh/test/ssh_key_cb_options.erl
@@ -0,0 +1,44 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2015. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+
+%% Note: This module is used by ssh_basic_SUITE
+
+-module(ssh_key_cb_options).
+-behaviour(ssh_client_key_api).
+-compile(export_all).
+
+add_host_key(_, _, _) ->
+    ok.
+
+is_host_key(_, _, _, _) ->
+    true.
+
+user_key('ssh-dss', Opts) ->
+    KeyCbOpts = proplists:get_value(key_cb_private, Opts),
+    KeyBin = proplists:get_value(priv_key, KeyCbOpts),
+    [Entry] = public_key:pem_decode(KeyBin),
+    Key = public_key:pem_entry_decode(Entry),
+    {ok, Key};
+
+user_key(_Alg, _Opt) ->
+    {error, "Not Supported"}.