Merge branch 'maint' into hans/ssh/ssh_dbg_hostkey/OTP-14658

6 files changed, 73 insertions, 12 deletions

diff --git a/lib/ssh/doc/src/notes.xml b/lib/ssh/doc/src/notes.xml
index 4ba75b761f..ef3e94a1e1 100644
--- a/lib/ssh/doc/src/notes.xml
+++ b/lib/ssh/doc/src/notes.xml
@@ -30,6 +30,34 @@
     <file>notes.xml</file>
   </header>
 
+<section><title>Ssh 4.6.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Fixed broken printout</p>
+          <p>
+	    Own Id: OTP-14645</p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Disable aes_gcm ciphers if peer is OpenSSH 6.2 which is
+	    known to have trouble with them in some cases.</p>
+          <p>
+	    Own Id: OTP-14638</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Ssh 4.6</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 8d3ddb09a4..4158a52a27 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -1357,6 +1357,7 @@ handle_event(info, UnexpectedMessage, StateName, D = #data{ssh_params = Ssh}) ->
 	report ->
 	    Msg = lists:flatten(
 		    io_lib:format(
+                      "*** SSH: "
 		      "Unexpected message '~p' received in state '~p'\n"
 		      "Role: ~p\n"
 		      "Peer: ~p\n"
@@ -1365,7 +1366,7 @@ handle_event(info, UnexpectedMessage, StateName, D = #data{ssh_params = Ssh}) ->
                        StateName,
                        Ssh#ssh.role, 
                        Ssh#ssh.peer,
-                       ?GET_INTERNAL_OPT(address, Ssh#ssh.opts)])),
+                       ?GET_INTERNAL_OPT(address, Ssh#ssh.opts, undefined)])),
 	    error_logger:info_report(Msg),
 	    keep_state_and_data;
 
@@ -1374,7 +1375,8 @@ handle_event(info, UnexpectedMessage, StateName, D = #data{ssh_params = Ssh}) ->
 
 	Other ->
 	    Msg = lists:flatten(
-		    io_lib:format("Call to fun in 'unexpectedfun' failed:~n"
+		    io_lib:format("*** SSH: "
+                                  "Call to fun in 'unexpectedfun' failed:~n"
 				  "Return: ~p\n"
 				  "Message: ~p\n"
 				  "Role: ~p\n"
@@ -1383,8 +1385,8 @@ handle_event(info, UnexpectedMessage, StateName, D = #data{ssh_params = Ssh}) ->
                                   [Other,
                                    UnexpectedMessage,
                                    Ssh#ssh.role,
-                                   element(2,Ssh#ssh.peer),
-                                   ?GET_INTERNAL_OPT(address, Ssh#ssh.opts)]
+                                   Ssh#ssh.peer,
+                                   ?GET_INTERNAL_OPT(address, Ssh#ssh.opts, undefined)]
 				 )),
 	    error_logger:error_report(Msg),
 	    keep_state_and_data
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index b382f2cfa2..46154cf536 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -251,9 +251,9 @@ key_exchange_init_msg(Ssh0) ->
     {SshPacket, Ssh} = ssh_packet(Msg, Ssh0),
     {Msg, SshPacket, Ssh}.
 
-kex_init(#ssh{role = Role, opts = Opts, available_host_keys = HostKeyAlgs}) ->
+kex_init(#ssh{role = Role, opts = Opts, available_host_keys = HostKeyAlgs} = Ssh) ->
     Random = ssh_bits:random(16),
-    PrefAlgs = ?GET_OPT(preferred_algorithms, Opts),
+    PrefAlgs = adjust_algs_for_peer_version(Role, ?GET_OPT(preferred_algorithms, Opts), Ssh),
     kexinit_message(Role, Random, PrefAlgs, HostKeyAlgs, Opts).
 
 key_init(client, Ssh, Value) ->
@@ -261,7 +261,22 @@ key_init(client, Ssh, Value) ->
 key_init(server, Ssh, Value) ->
     Ssh#ssh{s_keyinit = Value}.
 
-
+adjust_algs_for_peer_version(client, PrefAlgs, #ssh{s_version=V}) ->
+    adjust_algs_for_peer_version(V, PrefAlgs);
+adjust_algs_for_peer_version(server, PrefAlgs, #ssh{c_version=V}) ->
+    adjust_algs_for_peer_version(V, PrefAlgs).
+%%
+adjust_algs_for_peer_version("SSH-2.0-OpenSSH_6.2"++_, PrefAlgs) ->
+    C0 = proplists:get_value(cipher, PrefAlgs, same([])),
+    C = [{D,L} || D <- [client2server, server2client],
+                  L <- [[K || K <- proplists:get_value(D, C0, []),
+                              K =/= '[email protected]',
+                              K =/= '[email protected]']]
+        ],
+    lists:keyreplace(cipher, 1, PrefAlgs, {cipher,C});
+adjust_algs_for_peer_version(_, PrefAlgs) ->
+    PrefAlgs.
+    
 kexinit_message(Role, Random, Algs, HostKeyAlgs, Opts) ->
     #ssh_msg_kexinit{
 		  cookie = Random,
diff --git a/lib/ssh/test/Makefile b/lib/ssh/test/Makefile
index 32e76cf077..5ea048a352 100644
--- a/lib/ssh/test/Makefile
+++ b/lib/ssh/test/Makefile
@@ -39,6 +39,7 @@ MODULES= \
 	ssh_bench_SUITE \
 	ssh_connection_SUITE \
 	ssh_protocol_SUITE \
+	ssh_property_test_SUITE \
 	ssh_sftp_SUITE \
 	ssh_sftpd_SUITE \
 	ssh_sftpd_erlclient_SUITE \
diff --git a/lib/ssh/test/ssh_bench_SUITE.erl b/lib/ssh/test/ssh_bench_SUITE.erl
index 2c0cd8fc8e..cd0fe23f4a 100644
--- a/lib/ssh/test/ssh_bench_SUITE.erl
+++ b/lib/ssh/test/ssh_bench_SUITE.erl
@@ -57,12 +57,15 @@ init_per_suite(Config) ->
         ok ->
             DataSize = 1000000,
             SystemDir = proplists:get_value(data_dir, Config),
-            Algs = insert_none(ssh:default_algorithms()),
+%%%            Algs = insert_none(ssh:default_algorithms()),
+            Algs = ssh:default_algorithms(),
             {_ServerPid, _Host, Port} =
                 ssh_test_lib:daemon([{system_dir, SystemDir},
                                      {user_passwords, [{?UID,?PWD}]},
                                      {failfun, fun ssh_test_lib:failfun/2},
                                      {preferred_algorithms, Algs},
+                                     {modify_algorithms,[{prepend,[{cipher,[none]},
+                                                                   {mac,[none]}]}]},
                                      {max_random_length_padding, 0},
                                      {subsystems, [{"/dev/null", {ssh_bench_dev_null,[DataSize]}}]}
                                     ]),
@@ -175,11 +178,23 @@ gen_data(DataSz) ->
 %%              {suite, ?MODULE},
 %%              {name, mk_name(["Transfer 1M bytes ",Cipher,"/",Mac," [µs]"])}]);
 connect_measure(Port, Cipher, Mac, Data, Options) ->
+    AlgOpt = case {Cipher,Mac} of
+                 {none,none} ->
+                     [{modify_algorithms,[{prepend, [{cipher,[Cipher]},
+                                                     {mac,[Mac]}]}]}];
+                 {none,_} ->
+                     [{modify_algorithms,[{prepend, [{cipher,[Cipher]}]}]},
+                      {preferred_algorithms, [{mac,[Mac]}]}];
+                 {_,none} ->
+                     [{modify_algorithms,[{prepend, [{mac,[Mac]}]}]},
+                      {preferred_algorithms, [{cipher,[Cipher]}]}];
+                 _ ->
+                     [{preferred_algorithms, [{cipher,[Cipher]},
+                                              {mac,[Mac]}]}]
+             end,
     Times =
         [begin
-             {ok,C} = ssh:connect("localhost", Port, [{preferred_algorithms, [{cipher,[Cipher]},
-                                                                              {mac,[Mac]}]}
-                                                      |Options]),
+             {ok,C} = ssh:connect("localhost", Port, AlgOpt ++ Options),
              {ok,Ch} = ssh_connection:session_channel(C, 10000),
              success = ssh_connection:subsystem(C, Ch, "/dev/null", 10000),
              {Time,ok} = timer:tc(?MODULE, send_wait_acc, [C, Ch, Data]),
diff --git a/lib/ssh/vsn.mk b/lib/ssh/vsn.mk
index c201e70d82..5154658e8a 100644
--- a/lib/ssh/vsn.mk
+++ b/lib/ssh/vsn.mk
@@ -1,5 +1,5 @@
 #-*-makefile-*-   ; force emacs to enter makefile-mode
 
-SSH_VSN = 4.6
+SSH_VSN = 4.6.1
 
 APP_VSN    = "ssh-$(SSH_VSN)"