diff options
Diffstat (limited to 'lib/ssh/src')
| -rw-r--r-- | lib/ssh/src/ssh.appup.src | 30 | ||||
| -rw-r--r-- | lib/ssh/src/ssh.erl | 49 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_acceptor.erl | 10 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_channel.erl | 14 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_cli.erl | 34 | ||||
| -rwxr-xr-x | lib/ssh/src/ssh_connect.hrl | 3 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection.erl | 20 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection_controler.erl | 8 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection_handler.erl | 23 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection_manager.erl | 30 | ||||
| -rwxr-xr-x | lib/ssh/src/ssh_file.erl | 42 | ||||
| -rwxr-xr-x | lib/ssh/src/ssh_rsa.erl | 3 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_sftpd.erl | 9 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_system_sup.erl | 20 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_transport.erl | 4 |
15 files changed, 228 insertions, 71 deletions
diff --git a/lib/ssh/src/ssh.appup.src b/lib/ssh/src/ssh.appup.src index 21f7508555..501da8ceb9 100644 --- a/lib/ssh/src/ssh.appup.src +++ b/lib/ssh/src/ssh.appup.src @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2004-2010. All Rights Reserved. +%% Copyright Ericsson AB 2004-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -19,9 +19,35 @@ {"%VSN%", [ + {"2.0.3", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {load_module, ssh, soft_purge, soft_purge, []}, + {load_module, ssh_rsa, soft_purge, soft_purge, []}, + {load_module, ssh_acceptor, soft_purge, soft_purge, []}, + {load_module, ssh_transport, soft_purge, soft_purge, []}, + {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, + {"2.0.2", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {load_module, ssh, soft_purge, soft_purge, []}, + {load_module, ssh_rsa, soft_purge, soft_purge, []}, + {load_module, ssh_acceptor, soft_purge, soft_purge, []}, + {load_module, ssh_transport, soft_purge, soft_purge, []}, + {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, + {"2.0.1", [{restart_application, ssh}]} ], [ - ] + {"2.0.3", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {load_module, ssh, soft_purge, soft_purge, []}, + {load_module, ssh_rsa, soft_purge, soft_purge, []}, + {load_module, ssh_acceptor, soft_purge, soft_purge, []}, + {load_module, ssh_transport, soft_purge, soft_purge, []}, + {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, + {"2.0.2", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {load_module, ssh, soft_purge, soft_purge, []}, + {load_module, ssh_rsa, soft_purge, soft_purge, []}, + {load_module, ssh_acceptor, soft_purge, soft_purge, []}, + {load_module, ssh_transport, soft_purge, soft_purge, []}, + {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, + {"2.0.1", [{restart_application, ssh}]} + ] }. diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl index 994c77436a..cada109df0 100644 --- a/lib/ssh/src/ssh.erl +++ b/lib/ssh/src/ssh.erl @@ -30,6 +30,8 @@ stop_listener/1, stop_listener/2, stop_daemon/1, stop_daemon/2, shell/1, shell/2, shell/3]). +-export([sign_data/2, verify_data/3]). + %%-------------------------------------------------------------------- %% Function: start([, Type]) -> ok %% @@ -94,11 +96,17 @@ connect(Host, Port, Options, Timeout) -> do_demonitor(MRef, Manager), {error, Other}; {'DOWN', MRef, _, Manager, Reason} when is_pid(Manager) -> + error_logger:warning_report([{ssh, connect}, + {diagnose, + "Connection was closed before properly set up."}, + {host, Host}, + {port, Port}, + {reason, Reason}]), receive %% Clear EXIT message from queue {'EXIT', Manager, _What} -> - {error, Reason} + {error, channel_closed} after 0 -> - {error, Reason} + {error, channel_closed} end after Timeout -> do_demonitor(MRef, Manager), @@ -239,6 +247,43 @@ shell(Host, Port, Options) -> Error end. + +%%-------------------------------------------------------------------- +%% Function: sign_data(Data, Algorithm) -> binary() | +%% {error, Reason} +%% +%% Data = binary() +%% Algorithm = "ssh-rsa" +%% +%% Description: Use SSH key to sign data. +%%-------------------------------------------------------------------- +sign_data(Data, Algorithm) when is_binary(Data) -> + case ssh_file:private_identity_key(Algorithm,[]) of + {ok, Key} when Algorithm == "ssh-rsa" -> + ssh_rsa:sign(Key, Data); + Error -> + Error + end. + +%%-------------------------------------------------------------------- +%% Function: verify_data(Data, Signature, Algorithm) -> ok | +%% {error, Reason} +%% +%% Data = binary() +%% Signature = binary() +%% Algorithm = "ssh-rsa" +%% +%% Description: Use SSH signature to verify data. +%%-------------------------------------------------------------------- +verify_data(Data, Signature, Algorithm) when is_binary(Data), is_binary(Signature) -> + case ssh_file:public_identity_key(Algorithm, []) of + {ok, Key} when Algorithm == "ssh-rsa" -> + ssh_rsa:verify(Key, Data, Signature); + Error -> + Error + end. + + %%-------------------------------------------------------------------- %%% Internal functions %%-------------------------------------------------------------------- diff --git a/lib/ssh/src/ssh_acceptor.erl b/lib/ssh/src/ssh_acceptor.erl index 57229daa27..59fbd24cf5 100644 --- a/lib/ssh/src/ssh_acceptor.erl +++ b/lib/ssh/src/ssh_acceptor.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2008-2010. All Rights Reserved. +%% Copyright Ericsson AB 2008-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -55,6 +55,10 @@ acceptor_init(Parent, Port, Address, SockOpts, Opts, AcceptTimeout) -> do_socket_listen(Callback, Port, Opts) -> case Callback:listen(Port, Opts) of + {error, nxdomain} -> + Callback:listen(Port, lists:delete(inet6, Opts)); + {error, enetunreach} -> + Callback:listen(Port, lists:delete(inet6, Opts)); {error, eafnosupport} -> Callback:listen(Port, lists:delete(inet6, Opts)); Other -> @@ -79,11 +83,11 @@ acceptor_loop(Callback, Port, Address, Opts, ListenSocket, AcceptTimeout) -> handle_connection(Callback, Address, Port, Options, Socket) -> SystemSup = ssh_system_sup:system_supervisor(Address, Port), - ssh_system_sup:start_subsystem(SystemSup, Options), + {ok, SubSysSup} = ssh_system_sup:start_subsystem(SystemSup, Options), ConnectionSup = ssh_system_sup:connection_supervisor(SystemSup), {ok, Pid} = ssh_connection_controler:start_manager_child(ConnectionSup, - [server, Socket, Options]), + [server, Socket, Options, SubSysSup]), Callback:controlling_process(Socket, Pid), SshOpts = proplists:get_value(ssh_opts, Options), Pid ! {start_connection, server, [Address, Port, Socket, SshOpts]}. diff --git a/lib/ssh/src/ssh_channel.erl b/lib/ssh/src/ssh_channel.erl index 8a49a44a6c..dcb2d69290 100644 --- a/lib/ssh/src/ssh_channel.erl +++ b/lib/ssh/src/ssh_channel.erl @@ -238,9 +238,19 @@ handle_info(Msg, #state{cm = ConnectionManager, channel_cb = Module, {noreply, State#state{channel_state = ChannelState}}; {ok, ChannelState, Timeout} -> {noreply, State#state{channel_state = ChannelState}, Timeout}; + {stop, Reason, ChannelState} when is_atom(Reason)-> + {stop, Reason, State#state{close_sent = true, + channel_state = ChannelState}}; {stop, ChannelId, ChannelState} -> - ssh_connection:close(ConnectionManager, ChannelId), - {stop, normal, State#state{close_sent = true, + Reason = + case Msg of + {'EXIT', _Pid, shutdown} -> + shutdown; + _ -> + normal + end, + (catch ssh_connection:close(ConnectionManager, ChannelId)), + {stop, Reason, State#state{close_sent = true, channel_state = ChannelState}} end. diff --git a/lib/ssh/src/ssh_cli.erl b/lib/ssh/src/ssh_cli.erl index 2764ea2e43..cb78acb84c 100644 --- a/lib/ssh/src/ssh_cli.erl +++ b/lib/ssh/src/ssh_cli.erl @@ -327,7 +327,7 @@ window_change(Tty, OldTty, Buf) {[], Buf}; window_change(Tty, OldTty, {Buf, BufTail, Col}) -> M1 = move_cursor(Col, 0, OldTty), - N = max(Tty#ssh_pty.width - OldTty#ssh_pty.width, 0) * 2, + N = erlang:max(Tty#ssh_pty.width - OldTty#ssh_pty.width, 0) * 2, S = lists:reverse(Buf, [BufTail | lists:duplicate(N, $ )]), M2 = move_cursor(length(Buf) + length(BufTail) + N, Col, Tty), {[M1, S | M2], {Buf, BufTail, Col}}. @@ -398,10 +398,6 @@ nthtail(0, A) -> A; nthtail(N, [_ | A]) when N > 0 -> nthtail(N-1, A); nthtail(_, _) -> []. -%%% utils -max(A, B) when A > B -> A; -max(_A, B) -> B. - ifelse(Cond, A, B) -> case Cond of true -> A; @@ -419,14 +415,12 @@ start_shell(ConnectionManager, State) -> Shell = State#state.shell, ShellFun = case is_function(Shell) of true -> + {ok, User} = + ssh_userreg:lookup_user(ConnectionManager), case erlang:fun_info(Shell, arity) of {arity, 1} -> - {ok, User} = - ssh_userreg:lookup_user(ConnectionManager), fun() -> Shell(User) end; {arity, 2} -> - {ok, User} = - ssh_userreg:lookup_user(ConnectionManager), {ok, PeerAddr} = ssh_connection_manager:peer_addr(ConnectionManager), fun() -> Shell(User, PeerAddr) end; @@ -441,10 +435,28 @@ start_shell(ConnectionManager, State) -> State#state{group = Group, buf = empty_buf()}. start_shell(_ConnectionManager, Cmd, #state{exec={M, F, A}} = State) -> - Group = group:start(self(), {M, F, A++[Cmd]}, [{echo,false}]), + Group = group:start(self(), {M, F, A++[Cmd]}, [{echo, false}]), + State#state{group = Group, buf = empty_buf()}; +start_shell(ConnectionManager, Cmd, #state{exec=Shell} = State) when is_function(Shell) -> + {ok, User} = + ssh_userreg:lookup_user(ConnectionManager), + ShellFun = + case erlang:fun_info(Shell, arity) of + {arity, 1} -> + fun() -> Shell(Cmd) end; + {arity, 2} -> + fun() -> Shell(Cmd, User) end; + {arity, 3} -> + {ok, PeerAddr} = + ssh_connection_manager:peer_addr(ConnectionManager), + fun() -> Shell(Cmd, User, PeerAddr) end; + _ -> + Shell + end, + Echo = get_echo(State#state.pty), + Group = group:start(self(), ShellFun, [{echo,Echo}]), State#state{group = Group, buf = empty_buf()}. - % Pty can be undefined if the client never sets any pty options before % starting the shell. get_echo(undefined) -> diff --git a/lib/ssh/src/ssh_connect.hrl b/lib/ssh/src/ssh_connect.hrl index 57bb141c60..34d4ff8fc1 100755 --- a/lib/ssh/src/ssh_connect.hrl +++ b/lib/ssh/src/ssh_connect.hrl @@ -260,5 +260,6 @@ address, port, options, - exec + exec, + sub_system_supervisor }). diff --git a/lib/ssh/src/ssh_connection.erl b/lib/ssh/src/ssh_connection.erl index b9827c90ea..7b9e9185bf 100644 --- a/lib/ssh/src/ssh_connection.erl +++ b/lib/ssh/src/ssh_connection.erl @@ -946,13 +946,12 @@ encode_ip(Addr) when is_list(Addr) -> end end. -start_channel(Address, Port, Cb, Id, Args) -> - start_channel(Address, Port, Cb, Id, Args, undefined). +start_channel(Cb, Id, Args, SubSysSup) -> + start_channel(Cb, Id, Args, SubSysSup, undefined). -start_channel(Address, Port, Cb, Id, Args, Exec) -> +start_channel(Cb, Id, Args, SubSysSup, Exec) -> ChildSpec = child_spec(Cb, Id, Args, Exec), - SystemSup = ssh_system_sup:system_supervisor(Address, Port), - ChannelSup = ssh_system_sup:channel_supervisor(SystemSup), + ChannelSup =ssh_subsystem_sup:channel_supervisor(SubSysSup), ssh_channel_sup:start_child(ChannelSup, ChildSpec). %%-------------------------------------------------------------------- @@ -1017,18 +1016,19 @@ start_cli(#connection{address = Address, port = Port, cli_spec = {Fun, [Shell]}, {ok, Pid} end; -start_cli(#connection{address = Address, port = Port, - cli_spec = {CbModule, Args}, exec = Exec}, ChannelId) -> - start_channel(Address, Port, CbModule, ChannelId, Args, Exec). +start_cli(#connection{cli_spec = {CbModule, Args}, exec = Exec, + sub_system_supervisor = SubSysSup}, ChannelId) -> + start_channel(CbModule, ChannelId, Args, SubSysSup, Exec). start_subsytem(BinName, #connection{address = Address, port = Port, - options = Options}, + options = Options, + sub_system_supervisor = SubSysSup}, #channel{local_id = ChannelId, remote_id = RemoteChannelId}, ReplyMsg) -> Name = binary_to_list(BinName), case check_subsystem(Name, Options) of {Callback, Opts} when is_atom(Callback), Callback =/= none -> - start_channel(Address, Port, Callback, ChannelId, Opts); + start_channel(Callback, ChannelId, Opts, SubSysSup); {Other, _} when Other =/= none -> handle_backwards_compatibility(Other, self(), ChannelId, RemoteChannelId, diff --git a/lib/ssh/src/ssh_connection_controler.erl b/lib/ssh/src/ssh_connection_controler.erl index 990541f8d6..ca3e62dc83 100644 --- a/lib/ssh/src/ssh_connection_controler.erl +++ b/lib/ssh/src/ssh_connection_controler.erl @@ -99,8 +99,8 @@ terminate(_Reason, #state{}) -> handle_call({handler, Pid, [Role, Socket, Opts]}, _From, State) -> {ok, Handler} = ssh_connection_handler:start_link(Role, Pid, Socket, Opts), {reply, {ok, Handler}, State#state{handler = Handler}}; -handle_call({manager, [server = Role, Socket, Opts]}, _From, State) -> - {ok, Manager} = ssh_connection_manager:start_link([Role, Socket, Opts]), +handle_call({manager, [server = Role, Socket, Opts, SubSysSup]}, _From, State) -> + {ok, Manager} = ssh_connection_manager:start_link([Role, Socket, Opts, SubSysSup]), {reply, {ok, Manager}, State#state{manager = Manager}}; handle_call({manager, [client = Role | Opts]}, _From, State) -> {ok, Manager} = ssh_connection_manager:start_link([Role, Opts]), @@ -126,8 +126,8 @@ handle_cast(_, State) -> %% handle_info(ssh_connected, State) -> %% {stop, normal, State}; %% Servant termination. -handle_info({'EXIT', _Pid, normal}, State) -> - {stop, normal, State}. +handle_info({'EXIT', _Pid, Reason}, State) -> + {stop, Reason, State}. %%----------------------------------------------------------------- %% Func: code_change/3 diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl index 822ef8f8f9..0ba11b0a26 100644 --- a/lib/ssh/src/ssh_connection_handler.erl +++ b/lib/ssh/src/ssh_connection_handler.erl @@ -527,7 +527,7 @@ handle_info({Protocol, Socket, Data}, Statename, %% Implementations SHOULD decrypt the length after receiving the %% first 8 (or cipher block size, whichever is larger) bytes of a %% packet. (RFC 4253: Section 6 - Binary Packet Protocol) - case size(EncData0) + size(Data) >= max(8, BlockSize) of + case size(EncData0) + size(Data) >= erlang:max(8, BlockSize) of true -> {Ssh, SshPacketLen, DecData, EncData} = @@ -705,11 +705,19 @@ generate_event(<<?BYTE(Byte), _/binary>> = Msg, StateName, Byte == ?SSH_MSG_CHANNEL_REQUEST; Byte == ?SSH_MSG_CHANNEL_SUCCESS; Byte == ?SSH_MSG_CHANNEL_FAILURE -> - ssh_connection_manager:event(Pid, Msg), - State = generate_event_new_state(State0, EncData), - next_packet(State), - {next_state, StateName, State}; + try + ssh_connection_manager:event(Pid, Msg), + State = generate_event_new_state(State0, EncData), + next_packet(State), + {next_state, StateName, State} + catch + exit:{noproc, _Reason} -> + Report = io_lib:format("~p Connection Handler terminated: ~p~n", + [self(), Pid]), + error_logger:info_report(Report), + {stop, normal, State0} + end; generate_event(Msg, StateName, State0, EncData) -> Event = ssh_bits:decode(Msg), State = generate_event_new_state(State0, EncData), @@ -758,11 +766,6 @@ after_new_keys(#state{renegotiate = false, ssh_params = #ssh{role = server}} = State) -> {userauth, State}. -max(N, M) when N > M -> - N; -max(_, M) -> - M. - handle_ssh_packet_data(RemainingSshPacketLen, DecData, EncData, StateName, State) -> EncSize = size(EncData), diff --git a/lib/ssh/src/ssh_connection_manager.erl b/lib/ssh/src/ssh_connection_manager.erl index a2effc177e..9bfd5270da 100644 --- a/lib/ssh/src/ssh_connection_manager.erl +++ b/lib/ssh/src/ssh_connection_manager.erl @@ -1,19 +1,19 @@ %% %% %CopyrightBegin% -%% +%% %% Copyright Ericsson AB 2008-2010. All Rights Reserved. -%% +%% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in %% compliance with the License. You should have received a copy of the %% Erlang Public License along with this software. If not, it can be %% retrieved online at http://www.erlang.org/. -%% +%% %% Software distributed under the License is distributed on an "AS IS" %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See %% the License for the specific language governing rights and limitations %% under the License. -%% +%% %% %CopyrightEnd% %% %% @@ -146,6 +146,8 @@ adjust_window(ConnectionManager, Channel, Bytes) -> close(ConnectionManager, ChannelId) -> try call(ConnectionManager, {close, ChannelId}) of ok -> + ok; + {error, channel_closed} -> ok catch exit:{noproc, _} -> @@ -155,6 +157,8 @@ close(ConnectionManager, ChannelId) -> stop(ConnectionManager) -> try call(ConnectionManager, stop) of ok -> + ok; + {error, channel_closed} -> ok catch exit:{noproc, _} -> @@ -178,7 +182,7 @@ send_eof(ConnectionManager, ChannelId) -> %% {stop, Reason} %% Description: Initiates the server %%-------------------------------------------------------------------- -init([server, _Socket, Opts]) -> +init([server, _Socket, Opts, SubSysSup]) -> process_flag(trap_exit, true), ssh_bits:install_messages(ssh_connection:messages()), Cache = ssh_channel:cache_create(), @@ -187,7 +191,8 @@ init([server, _Socket, Opts]) -> channel_id_seed = 0, port_bindings = [], requests = [], - channel_pids = []}, + channel_pids = [], + sub_system_supervisor = SubSysSup}, opts = Opts, connected = false}}; @@ -400,7 +405,7 @@ handle_call({close, ChannelId}, _, end; handle_call(stop, _, #state{role = _client, - client = ChannelPid, + client = _ChannelPid, connection = Pid} = State) -> DisconnectMsg = #ssh_msg_disconnect{code = ?SSH_DISCONNECT_BY_APPLICATION, @@ -555,13 +560,18 @@ handle_info({'EXIT', _, _}, State) -> %% The return value is ignored. %%-------------------------------------------------------------------- terminate(Reason, #state{connection_state = - #connection{requests = Requests}, + #connection{requests = Requests, + sub_system_supervisor = SubSysSup}, opts = Opts}) -> SSHOpts = proplists:get_value(ssh_opts, Opts), disconnect_fun(Reason, SSHOpts), (catch lists:foreach(fun({_, From}) -> gen_server:reply(From, {error, connection_closed}) end, Requests)), + Address = proplists:get_value(address, Opts), + Port = proplists:get_value(port, Opts), + SystemSup = ssh_system_sup:system_supervisor(Address, Port), + ssh_system_sup:stop_subsystem(SystemSup, SubSysSup), ok. %%-------------------------------------------------------------------- @@ -592,7 +602,9 @@ call(Pid, Msg, Timeout) -> Result catch exit:{timeout, _} -> - {error, timeout} + {error, timeout}; + exit:{normal, _} -> + {error, channel_closed} end. cast(Pid, Msg) -> diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index 5572349fe7..12180f56bb 100755 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2005-2010. All Rights Reserved. +%% Copyright Ericsson AB 2005-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -27,14 +27,16 @@ -include("PKCS-1.hrl"). -include("DSS.hrl"). +-include_lib("kernel/include/file.hrl"). + -export([public_host_dsa_key/2,private_host_dsa_key/2, public_host_rsa_key/2,private_host_rsa_key/2, public_host_key/2,private_host_key/2, lookup_host_key/3, add_host_key/3, % del_host_key/2, lookup_user_key/3, ssh_dir/2, file_name/3]). --export([private_identity_key/2]). -%% , public_identity_key/2, +-export([private_identity_key/2, + public_identity_key/2]). %% identity_keys/2]). -export([encode_public_key/1, decode_public_key_v2/2]). @@ -43,6 +45,9 @@ -define(DBG_PATHS, true). +-define(PERM_700, 8#700). +-define(PERM_644, 8#644). + %% API public_host_dsa_key(Type, Opts) -> File = file_name(Type, "ssh_host_dsa_key.pub", Opts), @@ -113,8 +118,10 @@ do_lookup_host_key(Host, Alg, Opts) -> add_host_key(Host, Key, Opts) -> Host1 = add_ip(replace_localhost(Host)), - case file:open(file_name(user, "known_hosts", Opts),[write,append]) of + KnownHosts = file_name(user, "known_hosts", Opts), + case file:open(KnownHosts, [write,append]) of {ok, Fd} -> + ok = file:change_mode(KnownHosts, ?PERM_644), Res = add_key_fd(Fd, Host1, Key), file:close(Fd), Res; @@ -140,6 +147,11 @@ private_identity_key(Alg, Opts) -> Path = file_name(user, identity_key_filename(Alg), Opts), read_private_key_v2(Path, Alg). +public_identity_key(Alg, Opts) -> + Path = file_name(user, identity_key_filename(Alg) ++ ".pub", Opts), + read_public_key_v2(Path, Alg). + + read_public_key_v2(File, Type) -> case file:read_file(File) of {ok,Bin} -> @@ -198,12 +210,17 @@ read_public_key_v1(File) -> %% pem_type("ssh-rsa") -> "RSA". read_private_key_v2(File, Type) -> - case catch (public_key:pem_to_der(File)) of - {ok, [{_, Bin, not_encrypted}]} -> - decode_private_key_v2(Bin, Type); - Error -> %% Note we do not handle password encrypted keys at the moment - {error, Error} - end. + case file:read_file(File) of + {ok, PemBin} -> + case catch (public_key:pem_decode(PemBin)) of + [{_, Bin, not_encrypted}] -> + decode_private_key_v2(Bin, Type); + Error -> %% Note we do not handle password encrypted keys at the moment + {error, Error} + end; + {error, Reason} -> + {error, Reason} + end. %% case file:read_file(File) of %% {ok,Bin} -> %% case read_pem(binary_to_list(Bin), pem_type(Type)) of @@ -527,4 +544,7 @@ file_name(Type, Name, Opts) -> default_user_dir()-> {ok,[[Home|_]]} = init:get_argument(home), - filename:join(Home, ".ssh"). + UserDir = filename:join(Home, ".ssh"), + ok = filelib:ensure_dir(filename:join(UserDir, "dummy")), + ok = file:change_mode(UserDir, ?PERM_700), + UserDir. diff --git a/lib/ssh/src/ssh_rsa.erl b/lib/ssh/src/ssh_rsa.erl index e27cdcf7bd..91b8285b2e 100755 --- a/lib/ssh/src/ssh_rsa.erl +++ b/lib/ssh/src/ssh_rsa.erl @@ -202,8 +202,7 @@ rsassa_pkcs1_v1_5_verify(Public=#ssh_key { public={N,_E}}, Mb, Sb) -> case emsa_pkcs1_v1_5_encode(Mb, K) of EM -> ok; _S -> - io:format("S: ~p~n", [_S]), - {error, invalid_signature} % exit(invalid_signature) + {error, invalid_signature} end. diff --git a/lib/ssh/src/ssh_sftpd.erl b/lib/ssh/src/ssh_sftpd.erl index dc789092dd..da91817fd7 100644 --- a/lib/ssh/src/ssh_sftpd.erl +++ b/lib/ssh/src/ssh_sftpd.erl @@ -242,7 +242,8 @@ handle_op(?SSH_FXP_REALPATH, ReqId, end; handle_op(?SSH_FXP_OPENDIR, ReqId, <<?UINT32(RLen), RPath:RLen/binary>>, - State0 = #state{file_handler = FileMod, file_state = FS0}) -> + State0 = #state{xf = #ssh_xfer{vsn = Vsn}, + file_handler = FileMod, file_state = FS0}) -> RelPath = binary_to_list(RPath), AbsPath = relate_file_name(RelPath, State0), @@ -250,10 +251,14 @@ handle_op(?SSH_FXP_OPENDIR, ReqId, {IsDir, FS1} = FileMod:is_dir(AbsPath, FS0), State1 = State0#state{file_state = FS1}, case IsDir of - false -> + false when Vsn > 5 -> ssh_xfer:xf_send_status(XF, ReqId, ?SSH_FX_NOT_A_DIRECTORY, "Not a directory"), State1; + false -> + ssh_xfer:xf_send_status(XF, ReqId, ?SSH_FX_FAILURE, + "Not a directory"), + State1; true -> add_handle(State1, XF, ReqId, directory, {RelPath,unread}) end; diff --git a/lib/ssh/src/ssh_system_sup.erl b/lib/ssh/src/ssh_system_sup.erl index 40db2e4adf..920baaadef 100644 --- a/lib/ssh/src/ssh_system_sup.erl +++ b/lib/ssh/src/ssh_system_sup.erl @@ -33,7 +33,8 @@ stop_system/2, system_supervisor/2, subsystem_supervisor/1, channel_supervisor/1, connection_supervisor/1, - acceptor_supervisor/1, start_subsystem/2, restart_subsystem/2, restart_acceptor/2]). + acceptor_supervisor/1, start_subsystem/2, restart_subsystem/2, + restart_acceptor/2, stop_subsystem/2]). %% Supervisor callback -export([init/1]). @@ -83,6 +84,23 @@ start_subsystem(SystemSup, Options) -> Spec = ssh_subsystem_child_spec(Options), supervisor:start_child(SystemSup, Spec). +stop_subsystem(SystemSup, SubSys) -> + case catch lists:keyfind(SubSys, 2, supervisor:which_children(SystemSup)) of + false -> + {error, not_found}; + {Id, _, _, _} -> + spawn(fun() -> supervisor:terminate_child(SystemSup, Id), + supervisor:delete_child(SystemSup, Id) end), + ok; + {'EXIT', {noproc, _}} -> + %% Already terminated; probably shutting down. + ok; + {'EXIT', {shutdown, _}} -> + %% Already shutting down. + ok + end. + + restart_subsystem(Address, Port) -> SysSupName = make_name(Address, Port), SubSysName = id(ssh_subsystem_sup, Address, Port), diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl index e79ccdda0c..de3e29e2f1 100644 --- a/lib/ssh/src/ssh_transport.erl +++ b/lib/ssh/src/ssh_transport.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2004-2010. All Rights Reserved. +%% Copyright Ericsson AB 2004-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -169,6 +169,8 @@ do_connect(Callback, Address, Port, SocketOpts, Timeout) -> Callback:connect(Address, Port, lists:delete(inet6, Opts), Timeout); {error, eafnosupport} -> Callback:connect(Address, Port, lists:delete(inet6, Opts), Timeout); + {error, enetunreach} -> + Callback:connect(Address, Port, lists:delete(inet6, Opts), Timeout); Other -> Other end. |