1 files changed, 74 insertions, 50 deletions

diff --git a/lib/ssh/src/ssh_message.erl b/lib/ssh/src/ssh_message.erl
index 7bd0375521..1f0f6fb15f 100644
--- a/lib/ssh/src/ssh_message.erl
+++ b/lib/ssh/src/ssh_message.erl
@@ -1,18 +1,19 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2013-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2013-2014. All Rights Reserved.
 %%
-%% The contents of this file are subject to the Erlang Public License,
-%% Version 1.1, (the "License"); you may not use this file except in
-%% compliance with the License. You should have received a copy of the
-%% Erlang Public License along with this software. If not, it can be
-%% retrieved online at http://www.erlang.org/.
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
 %%
-%% Software distributed under the License is distributed on an "AS IS"
-%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-%% the License for the specific language governing rights and limitations
-%% under the License.
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
 %%
 %% %CopyrightEnd%
 %%
@@ -120,7 +121,7 @@ encode(#ssh_msg_userauth_request{
 	  data = Data
 	 }) ->
     ssh_bits:encode([?SSH_MSG_USERAUTH_REQUEST, User, Service, Method, Data],
-		    [byte, string, string, string, '...']);
+		    [byte, string_utf8, string, string, '...']);
 encode(#ssh_msg_userauth_failure{
 	  authentications = Auths,
 	  partial_success = Bool
@@ -135,7 +136,7 @@ encode(#ssh_msg_userauth_banner{
        language = Lang
       }) ->
     ssh_bits:encode([?SSH_MSG_USERAUTH_BANNER, Banner, Lang],
-		    [byte, string, string]);
+		    [byte, string_utf8, string]);
 
 encode(#ssh_msg_userauth_pk_ok{
 	  algorithm_name = Alg,
@@ -162,8 +163,15 @@ encode(#ssh_msg_userauth_info_request{
 encode(#ssh_msg_userauth_info_response{
 	  num_responses = Num,
 	  data = Data}) ->
-    ssh_bits:encode([?SSH_MSG_USERAUTH_INFO_RESPONSE, Num, Data],
-		    [byte, uint32, '...']);
+    Responses = lists:map(fun("") ->
+				  <<>>;
+			     (Response) ->
+				  ssh_bits:encode([Response], [string])
+			  end, Data),
+    Start = ssh_bits:encode([?SSH_MSG_USERAUTH_INFO_RESPONSE, Num],
+			    [byte, uint32]),
+    iolist_to_binary([Start, Responses]);
+
 encode(#ssh_msg_disconnect{
 	  code = Code,
 	  description = Desc,
@@ -255,7 +263,7 @@ encode(#ssh_msg_ignore{data = Data}) ->
     ssh_bits:encode([?SSH_MSG_IGNORE, Data], [byte, string]);
 
 encode(#ssh_msg_unimplemented{sequence = Seq}) ->
-    ssh_bits:encode([?SSH_MSG_IGNORE, Seq], [byte, uint32]);
+    ssh_bits:encode([?SSH_MSG_UNIMPLEMENTED, Seq], [byte, uint32]);
 
 encode(#ssh_msg_debug{always_display = Bool,
 		      message = Msg,
@@ -315,8 +323,8 @@ decode(<<?BYTE(?SSH_MSG_CHANNEL_DATA), ?UINT32(Recipient), ?UINT32(Len), Data:Le
        recipient_channel = Recipient,
        data = Data
     };
-decode(<<?BYTE(?SSH_MSG_CHANNEL_EXTENDED_DATA), ?UINT32(Recipient),
-	 ?UINT32(DataType), Data/binary>>) ->
+decode(<<?BYTE(?SSH_MSG_CHANNEL_EXTENDED_DATA), ?UINT32(Recipient), 
+	 ?UINT32(DataType), ?UINT32(Len), Data:Len/binary>>) ->
     #ssh_msg_channel_extended_data{
        recipient_channel = Recipient,
        data_type_code = DataType,
@@ -380,18 +388,6 @@ decode(<<?BYTE(?SSH_MSG_USERAUTH_BANNER),
        language = Lang
       };
 
-decode(<<?BYTE(?SSH_MSG_USERAUTH_PK_OK), ?UINT32(Len), Alg:Len/binary, KeyBlob/binary>>) ->
-    #ssh_msg_userauth_pk_ok{
-       algorithm_name = Alg,
-       key_blob = KeyBlob
-      };
-
-decode(<<?BYTE(?SSH_MSG_USERAUTH_PASSWD_CHANGEREQ), ?UINT32(Len0), Prompt:Len0/binary,
-	 ?UINT32(Len1), Lang:Len1/binary>>) ->
-    #ssh_msg_userauth_passwd_changereq{
-       prompt = Prompt,
-       languge = Lang
-      };
 decode(<<?BYTE(?SSH_MSG_USERAUTH_INFO_REQUEST), ?UINT32(Len0), Name:Len0/binary,
 	 ?UINT32(Len1), Inst:Len1/binary, ?UINT32(Len2), Lang:Len2/binary,
 	 ?UINT32(NumPromtps), Data/binary>>) ->
@@ -402,6 +398,21 @@ decode(<<?BYTE(?SSH_MSG_USERAUTH_INFO_REQUEST), ?UINT32(Len0), Name:Len0/binary,
        num_prompts = NumPromtps,
        data = Data};
 
+%%% Unhandled message, also masked by same 1:st byte value as ?SSH_MSG_USERAUTH_INFO_REQUEST:
+decode(<<?BYTE(?SSH_MSG_USERAUTH_PASSWD_CHANGEREQ), ?UINT32(Len0), Prompt:Len0/binary,
+	 ?UINT32(Len1), Lang:Len1/binary>>) ->
+    #ssh_msg_userauth_passwd_changereq{
+       prompt = Prompt,
+       languge = Lang
+      };
+
+%%% Unhandled message, also masked by same 1:st byte value as ?SSH_MSG_USERAUTH_INFO_REQUEST:
+decode(<<?BYTE(?SSH_MSG_USERAUTH_PK_OK), ?UINT32(Len), Alg:Len/binary, KeyBlob/binary>>) ->
+    #ssh_msg_userauth_pk_ok{
+       algorithm_name = Alg,
+       key_blob = KeyBlob
+      };
+
 decode(<<?BYTE(?SSH_MSG_USERAUTH_INFO_RESPONSE), ?UINT32(Num), Data/binary>>) ->
     #ssh_msg_userauth_info_response{
        num_responses = Num,
@@ -411,8 +422,8 @@ decode(<<?BYTE(?SSH_MSG_USERAUTH_INFO_RESPONSE), ?UINT32(Num), Data/binary>>) ->
 decode(<<?BYTE(?SSH_MSG_KEXINIT), Cookie:128, Data/binary>>) ->
     decode_kex_init(Data, [Cookie, ssh_msg_kexinit], 10);
 
-decode(<<?BYTE(?SSH_MSG_KEXDH_INIT), ?UINT32(Len), E:Len/binary>>) ->
-    #ssh_msg_kexdh_init{e = erlint(Len, E)
+decode(<<?BYTE(?SSH_MSG_KEXDH_INIT), ?UINT32(Len), E:Len/big-signed-integer-unit:8>>) ->
+    #ssh_msg_kexdh_init{e = E
 		       };
 decode(<<?BYTE(?SSH_MSG_KEX_DH_GEX_REQUEST), ?UINT32(Min), ?UINT32(N), ?UINT32(Max)>>) ->
     #ssh_msg_kex_dh_gex_request{
@@ -424,18 +435,19 @@ decode(<<?BYTE(?SSH_MSG_KEX_DH_GEX_REQUEST_OLD), ?UINT32(N)>>) ->
     #ssh_msg_kex_dh_gex_request_old{
        n = N
       };
-decode(<<?BYTE(?SSH_MSG_KEX_DH_GEX_GROUP),  ?UINT32(Len0), Prime:Len0/big-signed-integer,
-	 ?UINT32(Len1), Generator:Len1/big-signed-integer>>) ->
+decode(<<?BYTE(?SSH_MSG_KEX_DH_GEX_GROUP),  
+	 ?UINT32(Len0), Prime:Len0/big-signed-integer-unit:8,
+	 ?UINT32(Len1), Generator:Len1/big-signed-integer-unit:8>>) ->
     #ssh_msg_kex_dh_gex_group{
        p = Prime,
        g = Generator
       };
 decode(<<?BYTE(?SSH_MSG_KEXDH_REPLY), ?UINT32(Len0), Key:Len0/binary,
-	 ?UINT32(Len1), F:Len1/binary,
+	 ?UINT32(Len1), F:Len1/big-signed-integer-unit:8,
 	 ?UINT32(Len2), Hashsign:Len2/binary>>) ->
     #ssh_msg_kexdh_reply{
        public_host_key = decode_host_key(Key),
-       f = erlint(Len1, F),
+       f = F,
        h_sig = decode_sign(Hashsign)
       };
 
@@ -457,10 +469,19 @@ decode(<<?BYTE(?SSH_MSG_DISCONNECT), ?UINT32(Code),
        language = Lang
       };
 
+%% Accept bad disconnects from ancient openssh clients that doesn't send language tag.  Use english as a work-around.
+decode(<<?BYTE(?SSH_MSG_DISCONNECT), ?UINT32(Code),
+       ?UINT32(Len0), Desc:Len0/binary>>) ->
+    #ssh_msg_disconnect{
+       code = Code,
+       description = unicode:characters_to_list(Desc),
+       language = <<"en">>
+      };
+
 decode(<<?SSH_MSG_NEWKEYS>>) ->
     #ssh_msg_newkeys{};
 
-decode(<<?BYTE(?SSH_MSG_IGNORE), Data/binary>>) ->
+decode(<<?BYTE(?SSH_MSG_IGNORE), ?UINT32(Len), Data:Len/binary>>) ->
     #ssh_msg_ignore{data = Data};
 
 decode(<<?BYTE(?SSH_MSG_UNIMPLEMENTED), ?UINT32(Seq)>>) ->
@@ -485,14 +506,16 @@ erl_boolean(1) ->
 
 decode_kex_init(<<?BYTE(Bool), ?UINT32(X)>>, Acc, 0) ->
     list_to_tuple(lists:reverse([X, erl_boolean(Bool) | Acc]));
+decode_kex_init(<<?BYTE(Bool)>>, Acc, 0) ->
+    %% The mandatory trailing UINT32 is missing. Assume the value it anyhow must have
+    %% See rfc 4253 7.1
+    X = 0,
+    list_to_tuple(lists:reverse([X, erl_boolean(Bool) | Acc]));
 decode_kex_init(<<?UINT32(Len), Data:Len/binary, Rest/binary>>, Acc, N) ->
     Names = string:tokens(unicode:characters_to_list(Data), ","),
     decode_kex_init(Rest, [Names | Acc], N -1).
 
-erlint(MPIntSize, MPIntValue) ->
-    Bits = MPIntSize * 8,
-    <<Integer:Bits/integer>> = MPIntValue,
-    Integer.
+
 
 decode_sign(<<?UINT32(Len), _Alg:Len/binary, ?UINT32(_), Signature/binary>>) ->
     Signature.
@@ -500,18 +523,19 @@ decode_sign(<<?UINT32(Len), _Alg:Len/binary, ?UINT32(_), Signature/binary>>) ->
 decode_host_key(<<?UINT32(Len), Alg:Len/binary, Rest/binary>>) ->
     decode_host_key(Alg, Rest).
 
-decode_host_key(<<"ssh-rsa">>, <<?UINT32(Len0), E:Len0/binary,
-				 ?UINT32(Len1), N:Len1/binary>>) ->
-    #'RSAPublicKey'{publicExponent = erlint(Len0, E),
-		    modulus = erlint(Len1, N)};
+decode_host_key(<<"ssh-rsa">>, <<?UINT32(Len0), E:Len0/big-signed-integer-unit:8,
+				 ?UINT32(Len1), N:Len1/big-signed-integer-unit:8>>) ->
+    #'RSAPublicKey'{publicExponent = E,
+		    modulus = N};
 
 decode_host_key(<<"ssh-dss">>,
-		<<?UINT32(Len0), P:Len0/binary,
-		  ?UINT32(Len1), Q:Len1/binary,
-		  ?UINT32(Len2), G:Len2/binary,
-		  ?UINT32(Len3), Y:Len3/binary>>) ->
-    {erlint(Len3, Y), #'Dss-Parms'{p = erlint(Len0, P), q = erlint(Len1, Q),
-				   g = erlint(Len2, G)}}.
+		<<?UINT32(Len0), P:Len0/big-signed-integer-unit:8,
+		  ?UINT32(Len1), Q:Len1/big-signed-integer-unit:8,
+		  ?UINT32(Len2), G:Len2/big-signed-integer-unit:8,
+		  ?UINT32(Len3), Y:Len3/big-signed-integer-unit:8>>) ->
+    {Y, #'Dss-Parms'{p = P,
+		     q = Q,
+		     g = G}}.
 
 encode_host_key(#'RSAPublicKey'{modulus = N, publicExponent = E}) ->
     ssh_bits:encode(["ssh-rsa", E, N], [string, mpint, mpint]);