Diffstat (limited to 'lib/ssh/src')
| -rw-r--r-- | lib/ssh/src/ssh.hrl | 24 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection_handler.erl | 4 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_file.erl | 17 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_options.erl | 12 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_transport.erl | 3 | 
5 files changed, 37 insertions, 23 deletions
| diff --git a/lib/ssh/src/ssh.hrl b/lib/ssh/src/ssh.hrl index 94b9f3a196..f645201c4f 100644 --- a/lib/ssh/src/ssh.hrl +++ b/lib/ssh/src/ssh.hrl @@ -173,7 +173,7 @@  -type common_options() :: [ common_option() ].  -type common_option() ::  -        user_dir_common_option() +        ssh_file:user_dir_common_option()        | profile_common_option()        | max_idle_time_common_option()        | key_cb_common_option() @@ -182,6 +182,7 @@        | ssh_msg_debug_fun_common_option()        | rekey_limit_common_option()        | id_string_common_option() +      | pref_public_key_algs_common_option()        | preferred_algorithms_common_option()        | modify_algorithms_common_option()        | auth_methods_common_option() @@ -191,8 +192,6 @@  -define(COMMON_OPTION, common_option()). - --type user_dir_common_option()      :: {user_dir,  false | string()}.  -type profile_common_option()       :: {profile,   atom() }.  -type max_idle_time_common_option() :: {idle_time, timeout()}.  -type rekey_limit_common_option()   :: {rekey_limit, Bytes::limit_bytes() | @@ -211,6 +210,7 @@          {ssh_msg_debug_fun, fun((ssh:connection_ref(),AlwaysDisplay::boolean(),Msg::binary(),LanguageTag::binary()) -> any()) } .  -type id_string_common_option()           :: {id_string,  string() | random | {random,Nmin::pos_integer(),Nmax::pos_integer()} }. +-type pref_public_key_algs_common_option() :: {pref_public_key_algs, [pubkey_alg()] } .  -type preferred_algorithms_common_option():: {preferred_algorithms, algs_list()}.  -type modify_algorithms_common_option()   :: {modify_algorithms,    modify_algs_list()}.  -type auth_methods_common_option()        :: {auth_methods,         string() }. 
@@ -223,14 +223,13 @@          {transport, {atom(),atom(),atom()} }        | {vsn, {non_neg_integer(),non_neg_integer()} }        | {tstflg, list(term())} -      | {user_dir_fun, fun()} +      | ssh_file:user_dir_fun_common_option()        | {max_random_length_padding, non_neg_integer()} .  -type client_option()         :: -        pref_public_key_algs_client_option() -      | pubkey_passphrase_client_options() +        ssh_file:pubkey_passphrase_client_options()        | host_accepting_client_options()        | authentication_client_options()        | diffie_hellman_group_exchange_client_option() @@ -244,12 +243,6 @@          {keyboard_interact_fun, fun((term(),term(),term()) -> term())}          | opaque_common_options(). --type pref_public_key_algs_client_option() :: {pref_public_key_algs, [pubkey_alg()] } . - --type pubkey_passphrase_client_options() ::   {dsa_pass_phrase,      string()} -                                            | {rsa_pass_phrase,      string()} -                                            | {ecdsa_pass_phrase,    string()} . -  -type host_accepting_client_options() ::          {silently_accept_hosts, accept_hosts()}        | {user_interaction,     boolean()} @@ -299,8 +292,9 @@  -type 'shell_fun/1'() :: fun((User::string()) -> pid()) .  -type 'shell_fun/2'() :: fun((User::string(),  PeerAddr::inet:ip_address()) -> pid()). --type exec_daemon_option()      :: {exec, 'exec_fun/1'() | 'exec_fun/2'() | 'exec_fun/3'() }. - +-type exec_daemon_option()      :: {exec, exec_spec()} . +-type exec_spec()               :: {direct, exec_fun()} . +-type exec_fun()                :: 'exec_fun/1'() | 'exec_fun/2'() | 'exec_fun/3'().  -type 'exec_fun/1'() :: fun((Cmd::string()) -> exec_result()) .  -type 'exec_fun/2'() :: fun((Cmd::string(), User::string()) -> exec_result()) .  -type 'exec_fun/3'() :: fun((Cmd::string(), User::string(), ClientAddr::ip_port()) -> exec_result()) . 
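Review bot: The new `exec_spec()` type admits only `{direct, exec_fun()}`, so the bare-fun form `{exec, Fun}` that the replaced `exec_daemon_option()` allowed is no longer covered by the spec. Whether the runtime option check still accepts the bare fun is not visible in this hunk; if it does, Dialyzer will now flag configurations the daemon still accepts, and if it does not, this is an interface break that should be stated. Because this option decides what runs when a remote user sends an exec request, I would also add a comment above the type, e.g. `%% Fun receives the command string exactly as sent by the client; treat it as untrusted input`.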
@@ -311,7 +305,7 @@  -type send_ext_info_daemon_option() :: {send_ext_info, boolean()} .  -type authentication_daemon_options() :: -        {system_dir, string()} +        ssh_file:system_dir_daemon_option()        | {auth_method_kb_interactive_data, prompt_texts() }        | {user_passwords, [{UserName::string(),Pwd::string()}]}        | {password, string()} diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl index 4b41c10cbb..30eafc2f2a 100644 --- a/lib/ssh/src/ssh_connection_handler.erl +++ b/lib/ssh/src/ssh_connection_handler.erl @@ -983,6 +983,10 @@ handle_event(_, #ssh_msg_userauth_info_request{}, {userauth_keyboard_interactive  %%% ######## {connected, client|server} #### +%% Skip ext_info messages in connected state (for example from OpenSSH >= 7.7) +handle_event(_, #ssh_msg_ext_info{}, {connected,_Role}, D) -> +    {keep_state, D}; +  handle_event(_, {#ssh_msg_kexinit{},_}, {connected,Role}, D0) ->      {KeyInitMsg, SshPacket, Ssh} = ssh_transport:key_exchange_init_msg(D0#data.ssh_params),      D = D0#data{ssh_params = Ssh, diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index 832952ed52..669b0f9be2 100644 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl 
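Review bot: The new `handle_event(_, #ssh_msg_ext_info{}, {connected,_Role}, D)` clause discards the message for both roles and leaves no trace, so any number of ext_info packets from a peer are silently accepted once the connection is up. RFC 8308 expects a client to send SSH_MSG_EXT_INFO only directly after its first SSH_MSG_NEWKEYS, so on the server side a message arriving in `connected` is out of spec. If the OpenSSH case named in the comment is the server-to-client direction, consider matching `{connected,client}` only. At minimum the comment should record that the payload is dropped unparsed, e.g. `%% Ignored: extensions received in connected state are not applied to D`.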
@@ -39,6 +39,23 @@  	 is_auth_key/3]). +-export_type([system_dir_daemon_option/0, +              user_dir_common_option/0, +              user_dir_fun_common_option/0, +              pubkey_passphrase_client_options/0 +             ]). + +-type system_dir_daemon_option()   :: {system_dir, string()}. +-type user_dir_common_option()     :: {user_dir,  string()}. +-type user_dir_fun_common_option() :: {user_dir_fun, user2dir()}. +-type user2dir() :: fun((RemoteUserName::string()) -> UserDir :: string()) . + +-type pubkey_passphrase_client_options() ::   {dsa_pass_phrase,      string()} +                                            | {rsa_pass_phrase,      string()} +                                            | {ecdsa_pass_phrase,    string()} . + + +  -define(PERM_700, 8#700).  -define(PERM_644, 8#644). diff --git a/lib/ssh/src/ssh_options.erl b/lib/ssh/src/ssh_options.erl index bc9f2156bc..bc9b0b6eda 100644 --- a/lib/ssh/src/ssh_options.erl +++ b/lib/ssh/src/ssh_options.erl @@ -452,12 +452,6 @@ default(client) ->              class => user_options             }, -      {pref_public_key_algs, def} => -          #{default => ssh_transport:default_algorithms(public_key), -            chk => fun check_pref_public_key_algs/1, -            class => user_options -           }, -        {dh_gex_limits, def} =>            #{default => {1024, 6144, 8192},      % FIXME: Is this true nowadays?              chk => fun({Min,I,Max}) -> @@ -523,6 +517,12 @@ default(common) ->               class => user_options              }, +      {pref_public_key_algs, def} => +          #{default => ssh_transport:default_algorithms(public_key), +            chk => fun check_pref_public_key_algs/1, +            class => user_options +           }, +         {preferred_algorithms, def} =>             #{default => ssh:default_algorithms(),               chk => fun check_preferred_algorithms/1, 
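Review bot: `user2dir()` takes `RemoteUserName::string()` and returns a directory, but nothing on the type says where the name comes from. If, as the parameter name suggests, the fun is called with the user name supplied by the peer, an implementation that joins the name into a path has to reject path separators and `..`. I would state that on the type, e.g. `%% RemoteUserName is supplied by the remote side; validate it before using it in a path`. Separately, `user_dir_common_option()` was `{user_dir, false | string()}` in ssh.hrl and is `{user_dir, string()}` here; if the option check still accepts `false` (not visible in this diff), the spec has become too narrow.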
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl index c5b0704925..7424c9bcaf 100644 --- a/lib/ssh/src/ssh_transport.erl +++ b/lib/ssh/src/ssh_transport.erl @@ -759,8 +759,7 @@ ext_info_message(#ssh{role=server,                        send_ext_info=true,                        opts = Opts} = Ssh0) ->      AlgsList = lists:map(fun erlang:atom_to_list/1, -                         proplists:get_value(public_key, -                                             ?GET_OPT(preferred_algorithms, Opts))), +                         ?GET_OPT(pref_public_key_algs, Opts)),      Msg = #ssh_msg_ext_info{nr_extensions = 1,                              data = [{"server-sig-algs", string:join(AlgsList,",")}]                             }, | 
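Review bot: `server-sig-algs` is now built from `?GET_OPT(pref_public_key_algs, Opts)` alone, so the advertised list no longer follows what the operator configured under `preferred_algorithms`. The default moved into `default(common)` in ssh_options.erl is `ssh_transport:default_algorithms(public_key)`, so a daemon that removed an algorithm from `preferred_algorithms` but left `pref_public_key_algs` unset would appear to still advertise it. Whether user-auth signature verification reads the same option is outside this hunk; if it does not, advertisement and enforcement can disagree. I would either restrict the list here to algorithms also present in the `public_key` entry of `preferred_algorithms`, or add a comment such as `%% Advertised list is pref_public_key_algs, independent of preferred_algorithms`. The body of ext_info_message continues outside the hunk.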
