1 files changed, 64 insertions, 57 deletions
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 65208ae158..3bdca4ba94 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -33,7 +33,7 @@
 -include("ssh_transport.hrl").
 -include("ssh_auth.hrl").
 -include("ssh_connect.hrl").
-
+-compile(export_all).
 -export([start_link/3]).
 
 %% Internal application API
@@ -333,22 +333,25 @@ info(ConnectionHandler, ChannelProcess) ->
 hello(socket_control, #state{socket = Socket, ssh_params = Ssh} = State) ->
     VsnMsg = ssh_transport:hello_version_msg(string_version(Ssh)),
     send_msg(VsnMsg, State),
-    {ok, [{recbuf, Size}]} = inet:getopts(Socket, [recbuf]),
-    inet:setopts(Socket, [{packet, line}, {active, once}, {recbuf, ?MAX_PROTO_VERSION}]),
-    {next_state, hello, State#state{recbuf = Size}};
+    case getopt(recbuf, Socket) of
+	{ok, Size} ->
+	    inet:setopts(Socket, [{packet, line}, {active, once}, {recbuf, ?MAX_PROTO_VERSION}]),
+	    {next_state, hello, State#state{recbuf = Size}};
+	{error, Reason} ->
+	    {stop, {shutdown, Reason}, State}
+    end;
 
 hello({info_line, _Line},#state{role = client, socket = Socket} = State) ->
     %% The server may send info lines before the version_exchange
     inet:setopts(Socket, [{active, once}]),
     {next_state, hello, State};
 
-hello({info_line, _Line},#state{role = server} = State) ->
-    DisconnectMsg =
-	#ssh_msg_disconnect{code =
-				?SSH_DISCONNECT_PROTOCOL_ERROR,
-			    description = "Did not receive expected protocol version exchange",
-			    language = "en"},
-    handle_disconnect(DisconnectMsg, State);
+hello({info_line, _Line},#state{role = server,
+				socket = Socket,
+				transport_cb = Transport } = State) ->
+    %% as openssh
+    Transport:send(Socket, "Protocol mismatch."),
+    {stop, {shutdown,"Protocol mismatch in version exchange."}, State};
 
 hello({version_exchange, Version}, #state{ssh_params = Ssh0,
 					  socket = Socket,
@@ -501,10 +504,21 @@ userauth(#ssh_msg_userauth_info_request{} = Msg,
     {next_state, userauth, next_packet(State#state{ssh_params = Ssh})};
 
 userauth(#ssh_msg_userauth_info_response{} = Msg, 
-	 #state{ssh_params = #ssh{role = server} = Ssh0} = State) ->
-    {ok, {Reply, Ssh}} = ssh_auth:handle_userauth_info_response(Msg, Ssh0),
-    send_msg(Reply, State),
-    {next_state, userauth, next_packet(State#state{ssh_params = Ssh})};
+	 #state{ssh_params = #ssh{role = server,
+				  peer = {_, Address}} = Ssh0,
+		opts = Opts, starter = Pid} = State) ->
+    case ssh_auth:handle_userauth_info_response(Msg, Ssh0) of
+	{authorized, User, {Reply, Ssh}} ->
+	    send_msg(Reply, State),
+	    Pid ! ssh_connected,
+	    connected_fun(User, Address, "keyboard-interactive", Opts),
+	    {next_state, connected, 
+	     next_packet(State#state{auth_user = User, ssh_params = Ssh})};
+	{not_authorized, {User, Reason}, {Reply, Ssh}} ->
+	    retry_fun(User, Address, Reason, Opts),
+	    send_msg(Reply, State),
+	    {next_state, userauth, next_packet(State#state{ssh_params = Ssh})} 
+    end;
 			
 userauth(#ssh_msg_userauth_success{}, #state{ssh_params = #ssh{role = client} = Ssh,
 					     starter = Pid} = State) ->
@@ -1156,54 +1170,38 @@ init_ssh(server = Role, Vsn, Version, Options, Socket) ->
 
 supported_host_keys(client, _, Options) ->
     try
-	case extract_algs(proplists:get_value(pref_public_key_algs, Options, false), []) of
-	    false ->
-		["ssh-rsa", "ssh-dss"];
-	    Algs ->
-		Algs
+	case proplists:get_value(public_key, 
+				 proplists:get_value(preferred_algorithms,Options,[])
+				) of
+	    undefined -> 
+		ssh_auth:default_public_key_algorithms();
+	    L ->
+		L -- (L--ssh_auth:default_public_key_algorithms())
 	end
+    of
+	[] ->
+	    {stop, {shutdown, "No public key algs"}};
+	Algs ->
+	    [atom_to_list(A) || A<-Algs]
     catch
 	exit:Reason ->
 	    {stop, {shutdown, Reason}}
     end;
 supported_host_keys(server, KeyCb, Options) ->
-    lists:foldl(fun(Type, Acc) ->
-			case available_host_key(KeyCb, Type, Options) of
-			    {error, _} ->
-				Acc;
-			    Alg ->
-				[Alg | Acc]
-			end
-		end, [],
-		%% Prefered alg last so no need to reverse
-		["ssh-dss", "ssh-rsa"]).
-extract_algs(false, _) ->
-    false;
-extract_algs([],[]) ->
-    false;
-extract_algs([], NewList) ->
-    lists:reverse(NewList);
-extract_algs([H|T], NewList) ->
-    case H of
-	'ssh-dss' ->
-	    extract_algs(T, ["ssh-dss"|NewList]);
-	'ssh-rsa' ->
-	    extract_algs(T, ["ssh-rsa"|NewList])
-    end.
-available_host_key(KeyCb, "ssh-dss"= Alg, Opts) ->
-    case KeyCb:host_key('ssh-dss', Opts) of
-	{ok, _} ->
-	    Alg;
-	Other ->
-	    Other
-    end;
-available_host_key(KeyCb, "ssh-rsa" = Alg, Opts) ->
-    case KeyCb:host_key('ssh-rsa', Opts) of
-	{ok, _} ->
-	    Alg;
-	Other ->
-	    Other
-    end.
+    Algs=
+    [atom_to_list(A) || A <- proplists:get_value(public_key, 
+						 proplists:get_value(preferred_algorithms,Options,[]),
+						 ssh_auth:default_public_key_algorithms()
+						),
+			available_host_key(KeyCb, A, Options)
+    ],
+    Algs.
+
+
+%% Alg :: atom()
+available_host_key(KeyCb, Alg, Opts) ->
+    element(1, catch KeyCb:host_key(Alg, Opts)) == ok.
+
 
 send_msg(Msg, #state{socket = Socket, transport_cb = Transport}) ->
     Transport:send(Socket, Msg).
@@ -1779,3 +1777,12 @@ start_timeout(_,_, infinity) ->
     ok;
 start_timeout(Channel, From, Time) ->
     erlang:send_after(Time, self(), {timeout, {Channel, From}}).
+
+getopt(Opt, Socket) ->
+    case inet:getopts(Socket, [Opt]) of
+	{ok, [{Opt, Value}]} ->
+	    {ok, Value};
+	Other ->
+	    {error, {unexpected_getopts_return, Other}}
+    end.
+