1 files changed, 81 insertions, 123 deletions
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 646f787874..516a09bf6a 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -433,6 +433,12 @@ key_exchange(#ssh_msg_kex_dh_gex_request{} = Msg,
     send_msg(GexGroup, State),
     {next_state, key_exchange_dh_gex_init, next_packet(State#state{ssh_params = Ssh})};
 
+key_exchange(#ssh_msg_kex_dh_gex_request_old{} = Msg, 
+	     #state{ssh_params = #ssh{role = server} = Ssh0} = State) ->
+    {ok, GexGroup, Ssh} = ssh_transport:handle_kex_dh_gex_request(Msg, Ssh0),
+    send_msg(GexGroup, State),
+    {next_state, key_exchange_dh_gex_init, next_packet(State#state{ssh_params = Ssh})};
+
 key_exchange(#ssh_msg_kex_dh_gex_group{} = Msg, 
 	     #state{ssh_params = #ssh{role = client} = Ssh0} = State) ->
     {ok, KexGexInit, Ssh} = ssh_transport:handle_kex_dh_gex_group(Msg, Ssh0),
@@ -530,7 +536,7 @@ userauth(#ssh_msg_userauth_request{service = "ssh-connection",
 		    Pid ! ssh_connected,
 		    connected_fun(User, Address, Method, Opts),
 		    {next_state, connected, 
-		     next_packet(State#state{auth_user = User, ssh_params = Ssh})};
+		     next_packet(State#state{auth_user = User, ssh_params = Ssh#ssh{authenticated = true}})};
 		{not_authorized, {User, Reason}, {Reply, Ssh}} when Method == "keyboard-interactive" ->
 		    retry_fun(User, Address, Reason, Opts),
 		    send_msg(Reply, State),
@@ -622,19 +628,29 @@ userauth_keyboard_interactive(#ssh_msg_userauth_info_response{} = Msg,
 	    Pid ! ssh_connected,
 	    connected_fun(User, Address, "keyboard-interactive", Opts),
 	    {next_state, connected, 
-	     next_packet(State#state{auth_user = User, ssh_params = Ssh})};
+	     next_packet(State#state{auth_user = User, ssh_params = Ssh#ssh{authenticated = true}})};
 	{not_authorized, {User, Reason}, {Reply, Ssh}} ->
 	    retry_fun(User, Address, Reason, Opts),
 	    send_msg(Reply, State),
 	    {next_state, userauth, next_packet(State#state{ssh_params = Ssh})} 
-    end.
-			
+    end;
+userauth_keyboard_interactive(Msg = #ssh_msg_userauth_failure{},
+			      #state{ssh_params = Ssh0 =
+					 #ssh{role = client,
+					      userauth_preference = Prefs0}} 
+			      = State) ->
+    Prefs = [{Method,M,F,A} || {Method,M,F,A} <- Prefs0,
+			       Method =/= "keyboard-interactive"],
+    userauth(Msg, State#state{ssh_params = Ssh0#ssh{userauth_preference=Prefs}}).
 
 
-userauth_keyboard_interactive_info_response(Msg=#ssh_msg_userauth_failure{}, State) ->
+
+userauth_keyboard_interactive_info_response(Msg=#ssh_msg_userauth_failure{},
+					    #state{ssh_params = #ssh{role = client}} = State) ->
     userauth(Msg, State);
 
-userauth_keyboard_interactive_info_response(Msg=#ssh_msg_userauth_success{}, State) ->
+userauth_keyboard_interactive_info_response(Msg=#ssh_msg_userauth_success{},
+					    #state{ssh_params = #ssh{role = client}} = State) ->
     userauth(Msg, State).
 
 %%--------------------------------------------------------------------
@@ -721,13 +737,28 @@ handle_event({adjust_window, ChannelId, Bytes}, StateName,
 			#connection{channel_cache = Cache}} = State0) ->
     State =
 	case ssh_channel:cache_lookup(Cache, ChannelId) of
-	    #channel{recv_window_size = WinSize, remote_id = Id} = Channel ->
-		ssh_channel:cache_update(Cache, Channel#channel{recv_window_size =
-					       WinSize + Bytes}),
-		Msg = ssh_connection:channel_adjust_window_msg(Id, Bytes),
+	    #channel{recv_window_size = WinSize,
+		     recv_window_pending = Pending,
+		     recv_packet_size = PktSize} = Channel
+	      when (WinSize-Bytes) >= 2*PktSize ->
+		%% The peer can send at least two more *full* packet, no hurry.
+		ssh_channel:cache_update(Cache, 
+					 Channel#channel{recv_window_pending = Pending + Bytes}),
+		State0;
+
+	    #channel{recv_window_size = WinSize,
+		     recv_window_pending = Pending,
+		     remote_id = Id} = Channel ->
+		%% Now we have to update the window - we can't receive so many more pkts
+		ssh_channel:cache_update(Cache, 
+					 Channel#channel{recv_window_size =
+							     WinSize + Bytes + Pending,
+							 recv_window_pending = 0}),
+		Msg = ssh_connection:channel_adjust_window_msg(Id, Bytes + Pending),
 		send_replies([{connection_reply, Msg}], State0);
-	undefined ->
-	    State0
+
+	    undefined ->
+		State0
 	end,
     {next_state, StateName, next_packet(State)};
 
@@ -960,57 +991,39 @@ handle_info({Protocol, Socket, Info}, hello,
 		   transport_protocol = Protocol} = State) -> 
     event({info_line, Info}, hello, State);
 
-handle_info({Protocol, Socket, Data}, Statename, 
+handle_info({Protocol, Socket, Data}, StateName, 
 	    #state{socket = Socket,
 		   transport_protocol = Protocol,
-		   ssh_params = #ssh{decrypt_block_size = BlockSize,
-				     recv_mac_size = MacSize} = Ssh0,
-		   decoded_data_buffer = <<>>,
-		   encoded_data_buffer = EncData0} = State0) ->
-
-    %% Implementations SHOULD decrypt the length after receiving the
-    %% first 8 (or cipher block size, whichever is larger) bytes of a
-    %% packet. (RFC 4253: Section 6 - Binary Packet Protocol)
-    case size(EncData0) + size(Data) >= erlang:max(8, BlockSize) of
-	true ->
-	    {Ssh, SshPacketLen, DecData, EncData} = 
-
-		ssh_transport:decrypt_first_block(<<EncData0/binary, 
-						   Data/binary>>, Ssh0),
-	     case SshPacketLen > ?SSH_MAX_PACKET_SIZE of
- 		true ->
-  		    DisconnectMsg = 
-  			#ssh_msg_disconnect{code = 
-					    ?SSH_DISCONNECT_PROTOCOL_ERROR,
-  					    description = "Bad packet length " 
-					    ++ integer_to_list(SshPacketLen),
-  					    language = "en"},
-  		    handle_disconnect(DisconnectMsg, State0);
-  		false ->
-		    RemainingSshPacketLen = 
-			(SshPacketLen + ?SSH_LENGHT_INDICATOR_SIZE) - 
-			BlockSize + MacSize,
-		    State = State0#state{ssh_params = Ssh},
-		    handle_ssh_packet_data(RemainingSshPacketLen, 
-					   DecData, EncData, Statename,
-					   State)
-	     end;
-	false  ->
-	    {next_state, Statename, 
-	     next_packet(State0#state{encoded_data_buffer = 
-				      <<EncData0/binary, Data/binary>>})}
+		   ssh_params = Ssh0,
+		   decoded_data_buffer = DecData0,
+		   encoded_data_buffer = EncData0,
+		   undecoded_packet_length = RemainingSshPacketLen0} = State0) ->
+    Encoded = <<EncData0/binary, Data/binary>>,
+    case ssh_transport:handle_packet_part(DecData0, Encoded, RemainingSshPacketLen0, Ssh0) of
+	{get_more, DecBytes, EncDataRest, RemainingSshPacketLen, Ssh1} ->
+	    {next_state, StateName,
+	     next_packet(State0#state{encoded_data_buffer = EncDataRest,
+				      decoded_data_buffer = DecBytes,
+				      undecoded_packet_length = RemainingSshPacketLen,
+				      ssh_params = Ssh1})};
+	{decoded, MsgBytes, EncDataRest, Ssh1} ->
+	    generate_event(MsgBytes, StateName,
+			   State0#state{ssh_params = Ssh1,
+					%% Important to be set for
+					%% next_packet
+%%% FIXME: the following three seem to always be set in generate_event!
+					decoded_data_buffer = <<>>,
+					undecoded_packet_length = undefined,
+					encoded_data_buffer = EncDataRest},
+			   EncDataRest);
+	{bad_mac, Ssh1} ->
+	    DisconnectMsg = 
+		    #ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
+					description = "Bad mac",
+					language = ""},
+	    handle_disconnect(DisconnectMsg, State0#state{ssh_params=Ssh1})
     end;
-
-handle_info({Protocol, Socket, Data}, Statename, 
-	    #state{socket = Socket,
-		   transport_protocol = Protocol,
-		   decoded_data_buffer = DecData, 
-		   encoded_data_buffer = EncData,
-		   undecoded_packet_length = Len} = 
-	    State) when is_integer(Len) ->
-    handle_ssh_packet_data(Len, DecData, <<EncData/binary, Data/binary>>, 
-			   Statename, State);
-
+		
 handle_info({CloseTag, _Socket}, _StateName, 
 	    #state{transport_close_tag = CloseTag,
 		   ssh_params = #ssh{role = _Role, opts = _Opts}} = State) ->
@@ -1088,7 +1101,7 @@ handle_info(UnexpectedMessage, StateName, #state{opts = Opts,
 terminate(normal, _, #state{transport_cb = Transport,
 			    connection_state = Connection,
 			    socket = Socket}) ->
-    terminate_subsytem(Connection),
+    terminate_subsystem(Connection),
     (catch Transport:close(Socket)),
     ok;
 
@@ -1117,7 +1130,7 @@ terminate({shutdown, _}, StateName, State) ->
 
 terminate(Reason, StateName, #state{ssh_params = Ssh0, starter = _Pid,
 				   connection_state = Connection} = State) ->
-    terminate_subsytem(Connection),
+    terminate_subsystem(Connection),
     log_error(Reason),
     DisconnectMsg = 
 	#ssh_msg_disconnect{code = ?SSH_DISCONNECT_BY_APPLICATION,
@@ -1128,10 +1141,10 @@ terminate(Reason, StateName, #state{ssh_params = Ssh0, starter = _Pid,
     terminate(normal, StateName, State#state{ssh_params = Ssh}).
 
 
-terminate_subsytem(#connection{system_supervisor = SysSup,
+terminate_subsystem(#connection{system_supervisor = SysSup,
 			       sub_system_supervisor = SubSysSup}) when is_pid(SubSysSup) ->
     ssh_system_sup:stop_subsystem(SysSup, SubSysSup);
-terminate_subsytem(_) ->
+terminate_subsystem(_) ->
     ok.
 
 format_status(normal, [_, State]) ->
@@ -1266,9 +1279,9 @@ supported_host_keys(client, _, Options) ->
 				 proplists:get_value(preferred_algorithms,Options,[])
 				) of
 	    undefined -> 
-		ssh_auth:default_public_key_algorithms();
+		ssh_transport:default_algorithms(public_key);
 	    L ->
-		L -- (L--ssh_auth:default_public_key_algorithms())
+		L -- (L--ssh_transport:default_algorithms(public_key))
 	end
     of
 	[] ->
@@ -1280,21 +1293,17 @@ supported_host_keys(client, _, Options) ->
 	    {stop, {shutdown, Reason}}
     end;
 supported_host_keys(server, KeyCb, Options) ->
-    Algs=
     [atom_to_list(A) || A <- proplists:get_value(public_key, 
 						 proplists:get_value(preferred_algorithms,Options,[]),
-						 ssh_auth:default_public_key_algorithms()
+						 ssh_transport:default_algorithms(public_key)
 						),
 			available_host_key(KeyCb, A, Options)
-    ],
-    Algs.
-
+    ].
 
 %% Alg :: atom()
 available_host_key(KeyCb, Alg, Opts) ->
     element(1, catch KeyCb:host_key(Alg, Opts)) == ok.
 
-
 send_msg(Msg, #state{socket = Socket, transport_cb = Transport}) ->
     Transport:send(Socket, Msg).
 
@@ -1625,57 +1634,6 @@ after_new_keys_events({connection_reply, _Data} = Reply, {StateName, State}) ->
     NewState = send_replies([Reply], State),
     {next_state, StateName, NewState}.
 
-handle_ssh_packet_data(RemainingSshPacketLen, DecData, EncData, StateName, 
-		       State) ->
-    EncSize =  size(EncData), 
-    case RemainingSshPacketLen > EncSize of
-	true ->
-	    {next_state, StateName, 
-	     next_packet(State#state{decoded_data_buffer = DecData,
-				     encoded_data_buffer = EncData,
-				     undecoded_packet_length = 
-				     RemainingSshPacketLen})};
-	false ->
-	    handle_ssh_packet(RemainingSshPacketLen, StateName,
-			      State#state{decoded_data_buffer = DecData,
-					  encoded_data_buffer = EncData})
-    
-    end.    
-
-handle_ssh_packet(Length, StateName, #state{decoded_data_buffer = DecData0,
-					    encoded_data_buffer = EncData0,
-					    ssh_params = Ssh0,
-					    transport_protocol = _Protocol,
-					    socket = _Socket} = State0) ->
-    try 
-	{Ssh1, DecData, EncData, Mac} = 
-	    ssh_transport:unpack(EncData0, Length, Ssh0),
-	SshPacket = <<DecData0/binary, DecData/binary>>,
-	case ssh_transport:is_valid_mac(Mac, SshPacket, Ssh1) of
-	    true ->
-		PacketData = ssh_transport:msg_data(SshPacket),
-		{Ssh1, Msg} = ssh_transport:decompress(Ssh1, PacketData),
-		generate_event(Msg, StateName, 
-			       State0#state{ssh_params = Ssh1,
-					    %% Important to be set for
-					    %% next_packet
-					    decoded_data_buffer = <<>>},
-			       EncData);
-	    false ->
-		DisconnectMsg = 
-		    #ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
-					description = "Bad mac",
-					language = "en"},
-		handle_disconnect(DisconnectMsg, State0)
-	end
-    catch _:_ ->
-	    Disconnect = 
-		#ssh_msg_disconnect{code = ?SSH_DISCONNECT_PROTOCOL_ERROR,
-				    description = "Bad input",
-				    language = "en"},
-	    handle_disconnect(Disconnect, State0) 
-    end.  
-
 
 handle_disconnect(DisconnectMsg, State) ->
     handle_disconnect(own, DisconnectMsg, State).