Diffstat (limited to 'lib/ssh/src/ssh_connection_handler.erl')
-rw-r--r--lib/ssh/src/ssh_connection_handler.erl235
1 files changed, 179 insertions, 56 deletions
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 86804c4436..fdb9d3b3e6 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2008-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2008-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -41,14 +41,16 @@
global_request/4, send/5, send_eof/2, info/1, info/2,
connection_info/2, channel_info/3,
adjust_window/3, close/2, stop/1, renegotiate/1, renegotiate_data/1,
- start_connection/4]).
+ start_connection/4,
+ get_print_info/1]).
%% gen_fsm callbacks
-export([hello/2, kexinit/2, key_exchange/2, new_keys/2,
- userauth/2, connected/2]).
+ userauth/2, connected/2,
+ error/2]).
-export([init/1, handle_event/3,
- handle_sync_event/4, handle_info/3, terminate/3, code_change/4]).
+ handle_sync_event/4, handle_info/3, terminate/3, format_status/2, code_change/4]).
-record(state, {
role,
@@ -71,7 +73,8 @@
connection_queue,
address,
port,
- opts
+ opts,
+ recbuf
}).
-type state_name() :: hello | kexinit | key_exchange | new_keys | userauth | connection.
@@ -103,12 +106,22 @@ start_connection(client = Role, Socket, Options, Timeout) ->
end;
start_connection(server = Role, Socket, Options, Timeout) ->
+ SSH_Opts = proplists:get_value(ssh_opts, Options, []),
try
- case proplists:get_value(parallel_login, Options, false) of
+ case proplists:get_value(parallel_login, SSH_Opts, false) of
true ->
- spawn(fun() -> start_server_connection(Role, Socket, Options, Timeout) end);
+ HandshakerPid =
+ spawn_link(fun() ->
+ receive
+ {do_handshake, Pid} ->
+ handshake(Pid, erlang:monitor(process,Pid), Timeout)
+ end
+ end),
+ ChildPid = start_the_connection_child(HandshakerPid, Role, Socket, Options),
+ HandshakerPid ! {do_handshake, ChildPid};
false ->
- start_server_connection(Role, Socket, Options, Timeout)
+ ChildPid = start_the_connection_child(self(), Role, Socket, Options),
+ handshake(ChildPid, erlang:monitor(process,ChildPid), Timeout)
end
catch
exit:{noproc, _} ->
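Review bot: The handshaker started with spawn_link in the parallel_login branch blocks in a `receive` with no `after` clause, so if start_the_connection_child/4 fails before `HandshakerPid ! {do_handshake, ChildPid}` is reached — the `exit:{noproc, _}` caught here is exactly that path, and because the catch keeps the caller alive the link does not take the handshaker down — the process is left waiting forever. Bounding the wait, e.g. `after Timeout -> ok` (valid for `infinity` too), or explicitly exiting the handshaker from the catch clause, closes the leak. The socket is handed over inside start_the_connection_child/4, so on that failure its ownership also deserves a look; start_connection/4's catch body continues past this hunk.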
@@ -117,16 +130,14 @@ start_connection(server = Role, Socket, Options, Timeout) ->
{error, Error}
end.
-
-start_server_connection(server = Role, Socket, Options, Timeout) ->
+start_the_connection_child(UserPid, Role, Socket, Options) ->
Sups = proplists:get_value(supervisors, Options),
ConnectionSup = proplists:get_value(connection_sup, Sups),
- Opts = [{supervisors, Sups}, {user_pid, self()} | proplists:get_value(ssh_opts, Options, [])],
+ Opts = [{supervisors, Sups}, {user_pid, UserPid} | proplists:get_value(ssh_opts, Options, [])],
{ok, Pid} = ssh_connection_sup:start_child(ConnectionSup, [Role, Socket, Opts]),
{_, Callback, _} = proplists:get_value(transport, Options, {tcp, gen_tcp, tcp_closed}),
socket_control(Socket, Pid, Callback),
- Ref = erlang:monitor(process, Pid),
- handshake(Pid, Ref, Timeout).
+ Pid.
start_link(Role, Socket, Options) ->
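Review bot: start_the_connection_child/4 has neither a header comment nor a spec saying what `UserPid` is, and it now matters: it becomes the `{user_pid, _}` option, which in the parallel_login path is the spawned handshaker rather than the accepting process as before. A header such as `%% Start the connection-handler child and transfer the socket to it. UserPid is the process that will run handshake/3 for this child (the caller, or the parallel_login handshaker).` would keep that contract visible; what init/1 does with user_pid is not on this page, so confirm the wording against it. The `{ok, Pid} =` on the start_child call still turns an `{error, _}` return into a badmatch that the caller's `exit:{noproc, _}` catch does not convert to `{error, _}`; pre-existing, but it now sits behind two call paths.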
@@ -162,9 +173,23 @@ init([Role, Socket, SshOpts]) ->
State#state{ssh_params = Ssh})
catch
_:Error ->
- gen_fsm:enter_loop(?MODULE, [], error, {Error, State0})
+ gen_fsm:enter_loop(?MODULE, [], error, {Error, State})
end.
+%% Temporary fix for the Nessus error. SYN-> <-SYNACK ACK-> RST-> ?
+error(_Event, {Error,State=#state{}}) ->
+ case Error of
+ {badmatch,{error,enotconn}} ->
+ %% {error,enotconn} probably from inet:peername in
+ %% init_ssh(server,..)/5 called from init/1
+ {stop, {shutdown,"TCP connenction to server was prematurely closed by the client"}, State};
+ _ ->
+ {stop, {shutdown,{init,Error}}, State}
+ end;
+error(Event, State) ->
+ %% State deliberately not checked beeing #state. This is a panic-clause...
+ {stop, {shutdown,{init,{spurious_error,Event}}}, State}.
+
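Review bot: The new `error` state is missing from `-type state_name()` (still `hello | kexinit | key_exchange | new_keys | userauth | connection` in the record hunk above), so the declared `code_change/4` return and any state_name()-typed spec now exclude a state the fsm can be entered in via gen_fsm:enter_loop; add `error` there. The shutdown reason string in the enotconn clause has a typo, `connenction` → `connection`, and the panic-clause comment should read `%% State deliberately not checked for being #state{}. This is a panic clause...`. Note that while in the `error` state gen_fsm holds `{Error, State}` as state data, so any handle_info/3 or handle_sync_event/4 clause that matches `#state{}` (outside this hunk) would fail with function_clause if a socket message or a caller reaches the process before the `socket_control` event does; worth confirming nothing else can arrive first.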
%%--------------------------------------------------------------------
-spec open_channel(pid(), string(), iodata(), integer(), integer(),
timeout()) -> {open, channel_id()} | {error, term()}.
@@ -231,6 +256,9 @@ send_eof(ConnectionHandler, ChannelId) ->
%%--------------------------------------------------------------------
-spec connection_info(pid(), [atom()]) -> proplists:proplist().
%%--------------------------------------------------------------------
+get_print_info(ConnectionHandler) ->
+ sync_send_all_state_event(ConnectionHandler, get_print_info, 1000).
+
connection_info(ConnectionHandler, Options) ->
sync_send_all_state_event(ConnectionHandler, {connection_info, Options}).
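Review bot: get_print_info/1 is inserted between the `-spec connection_info/2` line and the connection_info/2 definition it documents, and has no spec of its own; move it above the `%%---` banner and give it `-spec get_print_info(pid()) -> term().` (the reply shape comes from handle_sync_event(get_print_info, ...) plus the `{error, closed}` path of sync_send_all_state_event/3). It also passes a finite 1000 ms timeout, so a busy handler makes gen_fsm raise `exit:{timeout, _}`; unless the catch in sync_send_all_state_event/3 (its tail is not on this page) converts that, the exit propagates to the caller, which the `{error, closed}` wrapping suggests was not intended. The same applies to the sync_send_all_state_event/3 hunk further down.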
@@ -293,28 +321,39 @@ info(ConnectionHandler, ChannelProcess) ->
hello(socket_control, #state{socket = Socket, ssh_params = Ssh} = State) ->
VsnMsg = ssh_transport:hello_version_msg(string_version(Ssh)),
send_msg(VsnMsg, State),
- inet:setopts(Socket, [{packet, line}, {active, once}]),
- {next_state, hello, State};
+ {ok, [{recbuf, Size}]} = inet:getopts(Socket, [recbuf]),
+ inet:setopts(Socket, [{packet, line}, {active, once}, {recbuf, ?MAX_PROTO_VERSION}]),
+ {next_state, hello, State#state{recbuf = Size}};
-hello({info_line, _Line},#state{socket = Socket} = State) ->
+hello({info_line, _Line},#state{role = client, socket = Socket} = State) ->
+ %% The server may send info lines before the version_exchange
inet:setopts(Socket, [{active, once}]),
{next_state, hello, State};
+hello({info_line, _Line},#state{role = server} = State) ->
+ DisconnectMsg =
+ #ssh_msg_disconnect{code =
+ ?SSH_DISCONNECT_PROTOCOL_ERROR,
+ description = "Did not receive expected protocol version exchange",
+ language = "en"},
+ handle_disconnect(DisconnectMsg, State);
+
hello({version_exchange, Version}, #state{ssh_params = Ssh0,
- socket = Socket} = State) ->
+ socket = Socket,
+ recbuf = Size} = State) ->
{NumVsn, StrVsn} = ssh_transport:handle_hello_version(Version),
case handle_version(NumVsn, StrVsn, Ssh0) of
{ok, Ssh1} ->
- inet:setopts(Socket, [{packet,0}, {mode,binary}, {active, once}]),
+ inet:setopts(Socket, [{packet,0}, {mode,binary}, {active, once}, {recbuf, Size}]),
{KeyInitMsg, SshPacket, Ssh} = ssh_transport:key_exchange_init_msg(Ssh1),
send_msg(SshPacket, State),
{next_state, kexinit, next_packet(State#state{ssh_params = Ssh,
key_exchange_init_msg =
KeyInitMsg})};
not_supported ->
- DisconnectMsg =
+ DisconnectMsg =
#ssh_msg_disconnect{code =
- ?SSH_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED,
+ ?SSH_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED,
description = "Protocol version " ++ StrVsn
++ " not supported",
language = "en"},
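Review bot: The `{recbuf, ?MAX_PROTO_VERSION}` added in the socket_control clause and restored at version_exchange is a deliberate length bound — `{packet, line}` truncates lines longer than the receive buffer — but nothing says so, and the next reader will see a shrunk TCP buffer and "fix" it. Attach `%% Shrink recbuf while in {packet, line} mode so an over-long version/info line from the peer is truncated instead of buffered; restored to Size once the version is exchanged.` to the setopts line. The `{ok, [{recbuf, Size}]} =` match will badmatch if getopts fails on a socket the peer already closed, which is tolerable under let-it-crash but then exits through the generic terminate rather than a disconnect; in the `not_supported` branch the original size is never restored, harmless only because the connection ends there. The server-side rejection of `info_line` agrees with RFC 4253 §4.2, which permits only the server to send lines before its version string.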
@@ -530,7 +569,7 @@ connected({#ssh_msg_kexinit{}, _Payload} = Event, State) ->
%%--------------------------------------------------------------------
handle_event(#ssh_msg_disconnect{description = Desc} = DisconnectMsg, _StateName, #state{} = State) ->
- handle_disconnect(DisconnectMsg, State),
+ handle_disconnect(peer, DisconnectMsg, State),
{stop, {shutdown, Desc}, State};
handle_event(#ssh_msg_ignore{}, StateName, State) ->
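Review bot: The `{stop, ...}` tuple returned by `handle_disconnect(peer, DisconnectMsg, State)` is discarded on the following line, so the state produced by send_replies/2 and the updated connection_state from ssh_connection:handle_msg/3 never reach terminate/3; this predates the commit, but the line is being rewritten anyway. Since handle_disconnect/3 already returns `{stop, {shutdown, Desc}, State#state{connection_state = Connection}}`, the clause can simply be `handle_event(#ssh_msg_disconnect{} = DisconnectMsg, _StateName, #state{} = State) -> handle_disconnect(peer, DisconnectMsg, State);`. The remaining handle_event clauses are outside this hunk.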
@@ -585,7 +624,7 @@ handle_event(renegotiate, connected, #state{ssh_params = Ssh0}
renegotiate = true})};
handle_event(renegotiate, StateName, State) ->
- timer:apply_after(?REKEY_TIMOUT, gen_fsm, send_all_state_event, [self(), renegotiatie]),
+ timer:apply_after(?REKEY_TIMOUT, gen_fsm, send_all_state_event, [self(), renegotiate]),
%% Allready in keyexcahange so ignore
{next_state, StateName, State};
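Review bot: The comment above the next_state line still reads `%% Allready in keyexcahange so ignore`; since this clause is what the corrected `renegotiate` atom now reaches, make it say what actually happens: `%% Already in key exchange; re-send the renegotiate request after ?REKEY_TIMOUT`. The re-send goes through timer:apply_after/4, which is serialised by the timer server process; acceptable at rekey intervals, but erlang:send_after/3 plus a handle_info/3 clause would avoid the extra hop if this path ever becomes frequent.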
@@ -738,6 +777,20 @@ handle_sync_event({recv_window, ChannelId}, _From, StateName,
end,
{reply, Reply, StateName, next_packet(State)};
+handle_sync_event(get_print_info, _From, StateName, State) ->
+ Reply =
+ try
+ {inet:sockname(State#state.socket),
+ inet:peername(State#state.socket)
+ }
+ of
+ {{ok,Local}, {ok,Remote}} -> {{Local,Remote},io_lib:format("statename=~p",[StateName])};
+ _ -> {{"-",0},"-"}
+ catch
+ _:_ -> {{"?",0},"?"}
+ end,
+ {reply, Reply, StateName, State};
+
handle_sync_event({connection_info, Options}, _From, StateName, State) ->
Info = ssh_info(Options, State, []),
{reply, Info, StateName, State};
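Review bot: The get_print_info reply has two incompatible shapes: on success the first element is `{Local, Remote}` with each an `{Ip, Port}` pair from sockname/peername, but the fallbacks return `{"-",0}` and `{"?",0}` — a single pair in the same position — so a consumer (not on this page) matching `{{Local, Remote}, Text}` would bind `Local = "-"`, `Remote = 0`. Use one shape, e.g. `_ -> {{{"-",0},{"-",0}}, "-"}` and likewise in the catch, or give the fallback a distinct tag. The `catch _:_` is broader than needed: the `of` arm already handles error returns, so `error:_ ->` covers the remaining case without also swallowing exits.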
@@ -916,6 +969,10 @@ terminate(normal, _, #state{transport_cb = Transport,
(catch Transport:close(Socket)),
ok;
+terminate({shutdown,{init,Reason}}, StateName, State) ->
+ error_logger:info_report(io_lib:format("Erlang ssh in connection handler init: ~p~n",[Reason])),
+ terminate(normal, StateName, State);
+
%% Terminated by supervisor
terminate(shutdown, StateName, #state{ssh_params = Ssh0} = State) ->
DisconnectMsg =
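Review bot: The new `{shutdown,{init,Reason}}` clause prints `Reason` with `~p` in an info report, and `Reason` is whatever init/1's `_:Error` clause caught; if that is, say, a badmatch on a term embedding the SshOpts, option values (passwords, key material) would land in the log — the same concern format_status/2 later in this commit addresses for crash reports. Consider logging a summary only, or reusing the redaction done in format_status/2; hedged, since the shapes init/1 can fail with are not visible here. Also `error_logger:info_msg("Erlang ssh in connection handler init: ~p~n", [Reason])` formats in one step instead of wrapping io_lib:format/2 in info_report/1.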
@@ -931,8 +988,10 @@ terminate({shutdown, #ssh_msg_disconnect{} = Msg}, StateName,
{SshPacket, Ssh} = ssh_transport:ssh_packet(Msg, Ssh0),
send_msg(SshPacket, State),
terminate(normal, StateName, State#state{ssh_params = Ssh});
+
terminate({shutdown, _}, StateName, State) ->
terminate(normal, StateName, State);
+
terminate(Reason, StateName, #state{ssh_params = Ssh0, starter = _Pid,
connection_state = Connection} = State) ->
terminate_subsytem(Connection),
@@ -945,12 +1004,43 @@ terminate(Reason, StateName, #state{ssh_params = Ssh0, starter = _Pid,
send_msg(SshPacket, State),
terminate(normal, StateName, State#state{ssh_params = Ssh}).
+
terminate_subsytem(#connection{system_supervisor = SysSup,
sub_system_supervisor = SubSysSup}) when is_pid(SubSysSup) ->
ssh_system_sup:stop_subsystem(SysSup, SubSysSup);
terminate_subsytem(_) ->
ok.
+format_status(normal, [_, State]) ->
+ [{data, [{"StateData", State}]}];
+format_status(terminate, [_, State]) ->
+ SshParams0 = (State#state.ssh_params),
+ SshParams = SshParams0#ssh{c_keyinit = "***",
+ s_keyinit = "***",
+ send_mac_key = "***",
+ send_mac_size = "***",
+ recv_mac_key = "***",
+ recv_mac_size = "***",
+ encrypt_keys = "***",
+ encrypt_ctx = "***",
+ decrypt_keys = "***",
+ decrypt_ctx = "***",
+ compress_ctx = "***",
+ decompress_ctx = "***",
+ shared_secret = "***",
+ exchanged_hash = "***",
+ session_id = "***",
+ keyex_key = "***",
+ keyex_info = "***",
+ available_host_keys = "***"},
+ [{data, [{"StateData", State#state{decoded_data_buffer = "***",
+ encoded_data_buffer = "***",
+ key_exchange_init_msg = "***",
+ opts = "***",
+ recbuf = "***",
+ ssh_params = SshParams
+ }}]}].
+
%%--------------------------------------------------------------------
-spec code_change(OldVsn::term(), state_name(), Oldstate::term(), Extra::term()) ->
{ok, state_name(), #state{}}.
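Review bot: `format_status(terminate, [_, State])` assumes `State#state.ssh_params` is a `#ssh{}`; when the fsm dies in the `error` state introduced above the state data is `{Error, State}` rather than `#state{}`, and before init_ssh completes ssh_params may not be a record either, so the update raises and gen_fsm catches that and logs the raw, unredacted state — in exactly the crash-report case the redaction exists for. Match the expected shape in the head, `format_status(terminate, [_, #state{ssh_params = #ssh{} = SshParams0} = State]) ->`, and add a clause for the `{Error, #state{}}` shape that redacts what it can before falling back. The `normal` clause returns the full state, so `sys:get_status/1` still exposes keys; if that is intended for live debugging, a one-line comment saying so stops it being reported again.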
@@ -1111,7 +1201,10 @@ send_all_state_event(FsmPid, Event) ->
gen_fsm:send_all_state_event(FsmPid, Event).
sync_send_all_state_event(FsmPid, Event) ->
- try gen_fsm:sync_send_all_state_event(FsmPid, Event, infinity)
+ sync_send_all_state_event(FsmPid, Event, infinity).
+
+sync_send_all_state_event(FsmPid, Event, Timeout) ->
+ try gen_fsm:sync_send_all_state_event(FsmPid, Event, Timeout)
catch
exit:{noproc, _} ->
{error, closed};
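Review bot: sync_send_all_state_event/3 is new internal surface whose `Timeout` may now be finite, but it carries no spec stating that; `-spec sync_send_all_state_event(pid(), term(), timeout()) -> term().` would document the accepted values. The catch body continues past this hunk, so which exits beyond `{noproc, _}` are converted is not visible here.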
@@ -1206,15 +1299,25 @@ generate_event(<<?BYTE(Byte), _/binary>> = Msg, StateName,
end;
generate_event(Msg, StateName, State0, EncData) ->
- Event = ssh_message:decode(Msg),
- State = generate_event_new_state(State0, EncData),
- case Event of
- #ssh_msg_kexinit{} ->
- %% We need payload for verification later.
- event({Event, Msg}, StateName, State);
- _ ->
- event(Event, StateName, State)
- end.
+ try
+ Event = ssh_message:decode(Msg),
+ State = generate_event_new_state(State0, EncData),
+ case Event of
+ #ssh_msg_kexinit{} ->
+ %% We need payload for verification later.
+ event({Event, Msg}, StateName, State);
+ _ ->
+ event(Event, StateName, State)
+ end
+ catch
+ _:_ ->
+ DisconnectMsg =
+ #ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
+ description = "Encountered unexpected input",
+ language = "en"},
+ handle_disconnect(DisconnectMsg, State0)
+ end.
+
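Review bot: The `try` in generate_event/4 spans not only `ssh_message:decode(Msg)` but also the `event/3` dispatch into the state functions, so any crash inside a state handler — a genuine bug, a badmatch on an unexpected transport result — is turned into an SSH_DISCONNECT_PROTOCOL_ERROR that blames the peer's input, and the real stack trace is lost; handle_ssh_packet/3 further down wraps the same call in a second `catch _:_` with the same effect. Protect only the untrusted-input step with `try ... of` and let handler failures surface as before; generate_event_new_state/2 works on our own state and can move out of the protected region. The same narrowing applies to handle_ssh_packet/3: unpack and MAC verification belong inside the `try`, the generate_event call in the `of` arm.
```erlang
generate_event(Msg, StateName, State0, EncData) ->
    State = generate_event_new_state(State0, EncData),
    try ssh_message:decode(Msg) of
        #ssh_msg_kexinit{} = Event ->
            %% We need payload for verification later.
            event({Event, Msg}, StateName, State);
        Event ->
            event(Event, StateName, State)
    catch
        _:_ ->
            %% … unchanged: build the SSH_DISCONNECT_PROTOCOL_ERROR DisconnectMsg …
            handle_disconnect(DisconnectMsg, State0)
    end.
```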
handle_request(ChannelPid, ChannelId, Type, Data, WantReply, From,
@@ -1372,37 +1475,57 @@ handle_ssh_packet(Length, StateName, #state{decoded_data_buffer = DecData0,
ssh_params = Ssh0,
transport_protocol = _Protocol,
socket = _Socket} = State0) ->
- {Ssh1, DecData, EncData, Mac} =
- ssh_transport:unpack(EncData0, Length, Ssh0),
- SshPacket = <<DecData0/binary, DecData/binary>>,
- case ssh_transport:is_valid_mac(Mac, SshPacket, Ssh1) of
- true ->
- PacketData = ssh_transport:msg_data(SshPacket),
- {Ssh1, Msg} = ssh_transport:decompress(Ssh1, PacketData),
- generate_event(Msg, StateName,
- State0#state{ssh_params = Ssh1,
- %% Important to be set for
- %% next_packet
- decoded_data_buffer = <<>>}, EncData);
- false ->
- DisconnectMsg =
+ try
+ {Ssh1, DecData, EncData, Mac} =
+ ssh_transport:unpack(EncData0, Length, Ssh0),
+ SshPacket = <<DecData0/binary, DecData/binary>>,
+ case ssh_transport:is_valid_mac(Mac, SshPacket, Ssh1) of
+ true ->
+ PacketData = ssh_transport:msg_data(SshPacket),
+ {Ssh1, Msg} = ssh_transport:decompress(Ssh1, PacketData),
+ generate_event(Msg, StateName,
+ State0#state{ssh_params = Ssh1,
+ %% Important to be set for
+ %% next_packet
+ decoded_data_buffer = <<>>},
+ EncData);
+ false ->
+ DisconnectMsg =
+ #ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
+ description = "Bad mac",
+ language = "en"},
+ handle_disconnect(DisconnectMsg, State0)
+ end
+ catch _:_ ->
+ Disconnect =
#ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
- description = "Bad mac",
+ description = "Bad input",
language = "en"},
- handle_disconnect(DisconnectMsg, State0)
- end.
+ handle_disconnect(Disconnect, State0)
+ end.
+
+
+handle_disconnect(DisconnectMsg, State) ->
+ handle_disconnect(own, DisconnectMsg, State).
-handle_disconnect(#ssh_msg_disconnect{description = Desc} = Msg, #state{connection_state = Connection0,
- role = Role} = State0) ->
+handle_disconnect(#ssh_msg_disconnect{} = DisconnectMsg, State, Error) ->
+ handle_disconnect(own, DisconnectMsg, State, Error);
+handle_disconnect(Type, #ssh_msg_disconnect{description = Desc} = Msg, #state{connection_state = Connection0, role = Role} = State0) ->
{disconnect, _, {{replies, Replies}, Connection}} = ssh_connection:handle_msg(Msg, Connection0, Role),
- State = send_replies(Replies, State0),
+ State = send_replies(disconnect_replies(Type, Msg, Replies), State0),
{stop, {shutdown, Desc}, State#state{connection_state = Connection}}.
-handle_disconnect(#ssh_msg_disconnect{description = Desc} = Msg, #state{connection_state = Connection0,
- role = Role} = State0, ErrorMsg) ->
+
+handle_disconnect(Type, #ssh_msg_disconnect{description = Desc} = Msg, #state{connection_state = Connection0,
+ role = Role} = State0, ErrorMsg) ->
{disconnect, _, {{replies, Replies}, Connection}} = ssh_connection:handle_msg(Msg, Connection0, Role),
- State = send_replies(Replies, State0),
+ State = send_replies(disconnect_replies(Type, Msg, Replies), State0),
{stop, {shutdown, {Desc, ErrorMsg}}, State#state{connection_state = Connection}}.
+disconnect_replies(own, Msg, Replies) ->
+ [{connection_reply, Msg} | Replies];
+disconnect_replies(peer, _, Replies) ->
+ Replies.
+
counterpart_versions(NumVsn, StrVsn, #ssh{role = server} = Ssh) ->
Ssh#ssh{c_vsn = NumVsn , c_version = StrVsn};
counterpart_versions(NumVsn, StrVsn, #ssh{role = client} = Ssh) ->
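Review bot: handle_disconnect/3 now has two clauses with different argument orders — `handle_disconnect(#ssh_msg_disconnect{} = DisconnectMsg, State, Error)` and `handle_disconnect(Type, #ssh_msg_disconnect{} = Msg, #state{...} = State0)` — which only dispatch correctly because `own`/`peer` are atoms and the message is a record; no `-spec` can describe it, and a reader of a call site cannot tell which form is meant. Give the error-carrying form its own name, or have its callers (not in this hunk) use `handle_disconnect(own, DisconnectMsg, State, Error)` directly. The `own`/`peer` distinction in disconnect_replies/3 deserves a comment, e.g. `%% own: we originate the disconnect and must send it; peer: it came from the peer and is not echoed back.` The generic "Bad mac"/"Bad input" descriptions sent to the peer are the right amount of detail for a protocol-error disconnect; a short comment saying that is deliberate would keep them from being "improved" into echoing the offending term.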