4 files changed, 91 insertions, 32 deletions
diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl
index 51ad691ba2..d4b02a024e 100644
--- a/lib/ssh/src/ssh.erl
+++ b/lib/ssh/src/ssh.erl
@@ -347,6 +347,8 @@ handle_option([parallel_login|Rest], SocketOptions, SshOptions) ->
     handle_option(Rest, SocketOptions, [handle_ssh_option({parallel_login,true}) | SshOptions]);
 handle_option([{minimal_remote_max_packet_size, _} = Opt|Rest], SocketOptions, SshOptions) ->
     handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);
+handle_option([{id_string, _ID} = Opt|Rest], SocketOptions, SshOptions) ->
+    handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);
 handle_option([Opt | Rest], SocketOptions, SshOptions) ->
     handle_option(Rest, [handle_inet_option(Opt) | SocketOptions], SshOptions).
 
@@ -439,6 +441,10 @@ handle_ssh_option({idle_time, Value} = Opt) when is_integer(Value), Value > 0 ->
     Opt;
 handle_ssh_option({rekey_limit, Value} = Opt) when is_integer(Value) -> 
     Opt;
+handle_ssh_option({id_string, random}) ->
+    {id_string, {random,2,5}}; %% 2 - 5 random characters
+handle_ssh_option({id_string, ID} = Opt) when is_list(ID) ->
+    Opt;
 handle_ssh_option(Opt) ->
     throw({error, {eoptions, Opt}}).
 
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index e1f2e059e8..4dea284071 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -70,6 +70,7 @@
 	  undecoded_packet_length, %  integer()
 	  key_exchange_init_msg,   %  #ssh_msg_kexinit{}
 	  renegotiate = false,     %  boolean() 
+	  last_size_rekey = 0,
 	  connection_queue,
 	  address,
 	  port,
@@ -635,7 +636,8 @@ handle_event(renegotiate, StateName, State) ->
 
 %% Rekey due to sent data limit reached?
 handle_event(data_size, connected, #state{ssh_params = Ssh0} = State) ->
-    {ok, [{send_oct,Sent}]} = inet:getstat(State#state.socket, [send_oct]),
+    {ok, [{send_oct,Sent0}]} = inet:getstat(State#state.socket, [send_oct]),
+    Sent = Sent0 - State#state.last_size_rekey,
     MaxSent = proplists:get_value(rekey_limit, State#state.opts, 1024000000),
     timer:apply_after(?REKEY_DATA_TIMOUT, gen_fsm, send_all_state_event, [self(), data_size]),
     case Sent >= MaxSent of
@@ -645,7 +647,8 @@ handle_event(data_size, connected, #state{ssh_params = Ssh0} = State) ->
 	    {next_state, kexinit,
 	     next_packet(State#state{ssh_params = Ssh,
 				     key_exchange_init_msg = KeyInitMsg,
-				     renegotiate = true})};
+				     renegotiate = true,
+				     last_size_rekey = Sent0})};
 	_ ->
 	    {next_state, connected, next_packet(State)}
     end;
diff --git a/lib/ssh/src/ssh_sftp.erl b/lib/ssh/src/ssh_sftp.erl
index 613f8f25b2..bab688f226 100644
--- a/lib/ssh/src/ssh_sftp.erl
+++ b/lib/ssh/src/ssh_sftp.erl
@@ -111,7 +111,7 @@ start_channel(Cm, Opts) when is_pid(Cm) ->
 			    TimeOut
 		    end;
 		{error, Reason} ->
-		    {error, Reason};
+		    {error, format_channel_start_error(Reason)};
 		ignore ->
 		    {error, ignore}
 	    end;
@@ -136,7 +136,7 @@ start_channel(Host, Port, Opts) ->
 			    TimeOut
 		    end;
 		{error, Reason} ->
-		    {error, Reason};
+		    {error, format_channel_start_error(Reason)};
 		ignore ->
 		    {error, ignore}
 	    end;
@@ -491,9 +491,9 @@ init([Cm, ChannelId, Options]) ->
 			inf = new_inf(),
 			opts = Options}};
 	failure ->
-	    {stop, "server failed to start sftp subsystem"};
+	    {stop, {shutdown, "server failed to start sftp subsystem"}};
 	Error ->
-	    {stop, Error}
+	    {stop, {shutdown, Error}}
     end.
     
 %%--------------------------------------------------------------------
@@ -508,12 +508,12 @@ init([Cm, ChannelId, Options]) ->
 %%--------------------------------------------------------------------
 handle_call({{timeout, infinity}, wait_for_version_negotiation}, From,
 	    #state{xf = #ssh_xfer{vsn = undefined} = Xf} = State) ->
-    {noreply, State#state{xf = Xf#ssh_xfer{vsn = From}}}; 
+    {noreply, State#state{xf = Xf#ssh_xfer{vsn = {wait, From, undefined}}}};
 
 handle_call({{timeout, Timeout}, wait_for_version_negotiation}, From,
 	    #state{xf = #ssh_xfer{vsn = undefined} = Xf} = State) ->
-    timer:send_after(Timeout, {timeout, undefined, From}),
-    {noreply, State#state{xf = Xf#ssh_xfer{vsn = From}}}; 
+    TRef = erlang:send_after(Timeout, self(), {timeout, undefined, From}),
+    {noreply, State#state{xf = Xf#ssh_xfer{vsn = {wait, From, TRef}}}};
 
 handle_call({_, wait_for_version_negotiation}, _, State) ->
     {reply, ok, State};
@@ -865,7 +865,12 @@ do_handle_reply(#state{xf = Xf} = State,
     case Xf#ssh_xfer.vsn of
 	undefined ->
 	    ok;
-	From ->
+	{wait, From, TRef} ->
+	    if is_reference(TRef) ->
+		    erlang:cancel_timer(TRef);
+	       true ->
+		    ok
+	    end,
 	    ssh_channel:reply(From, ok)
     end,    
     State#state{xf = Xf#ssh_xfer{vsn = Version, ext = Ext}, rep_buf = Rest};
@@ -1412,3 +1417,8 @@ open_buf1(Pid, BufInfo0, FileOpTimeout, CryptoState, ChunkSize) ->
     BufHandle = make_ref(),
     call(Pid, {put_bufinf,BufHandle,BufInfo}, FileOpTimeout),
     {ok,BufHandle}.
+
+format_channel_start_error({shutdown, Reason}) ->
+    Reason;
+format_channel_start_error(Reason) ->
+    Reason.
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index 76fa776113..d6414bab6c 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -44,12 +44,34 @@
 
 versions(client, Options)->
     Vsn = proplists:get_value(vsn, Options, ?DEFAULT_CLIENT_VERSION),
-    Version = format_version(Vsn),
-    {Vsn, Version};
+    {Vsn, format_version(Vsn, software_version(Options))};
 versions(server, Options) ->
     Vsn = proplists:get_value(vsn, Options, ?DEFAULT_SERVER_VERSION),
-    Version = format_version(Vsn),
-    {Vsn, Version}.
+    {Vsn, format_version(Vsn, software_version(Options))}.
+
+software_version(Options) -> 
+    case proplists:get_value(id_string, Options) of
+	undefined ->
+	    "Erlang"++ssh_vsn();
+	{random,Nlo,Nup} ->
+	    random_id(Nlo,Nup);
+	ID ->
+	    ID
+    end.
+
+ssh_vsn() ->
+    try {ok,L} = application:get_all_key(ssh),
+	 proplists:get_value(vsn,L,"")
+    of 
+	"" -> "";
+	VSN when is_list(VSN) -> "/" ++ VSN;
+	_ -> ""
+    catch
+	_:_ -> ""
+    end.
+    
+random_id(Nlo, Nup) -> 
+    [crypto:rand_uniform($a,$z+1) || _<- lists:duplicate(crypto:rand_uniform(Nlo,Nup+1),x)  ].
 
 hello_version_msg(Data) ->
     [Data,"\r\n"].
@@ -77,9 +99,9 @@ is_valid_mac(Mac, Data, #ssh{recv_mac = Algorithm,
 yes_no(Ssh, Prompt)  ->
     (Ssh#ssh.io_cb):yes_no(Prompt, Ssh).
 
-format_version({Major,Minor}) ->
+format_version({Major,Minor}, SoftwareVersion) ->
     "SSH-" ++ integer_to_list(Major) ++ "." ++ 
-	integer_to_list(Minor) ++ "-Erlang".
+	integer_to_list(Minor) ++ "-" ++ SoftwareVersion.
 
 handle_hello_version(Version) ->
     try
@@ -218,20 +240,30 @@ key_exchange_first_msg('diffie-hellman-group-exchange-sha1', Ssh0) ->
 
 handle_kexdh_init(#ssh_msg_kexdh_init{e = E}, Ssh0) ->
     {G, P} = dh_group1(),
-    {Private, Public} = dh_gen_key(G, P, 1024),
-    K = ssh_math:ipow(E, Private, P),
-    Key = get_host_key(Ssh0),
-    H = kex_h(Ssh0, Key, E, Public, K),
-    H_SIG = sign_host_key(Ssh0, Key, H),
-    {SshPacket, Ssh1} = ssh_packet(#ssh_msg_kexdh_reply{public_host_key = Key,
-							f = Public,
-							h_sig = H_SIG
-						       }, Ssh0),
-
-    {ok, SshPacket, Ssh1#ssh{keyex_key = {{Private, Public}, {G, P}},
-			     shared_secret = K,
-			     exchanged_hash = H,
-			     session_id = sid(Ssh1, H)}}.
+    if
+	1=<E, E=<(P-1) ->
+	    {Private, Public} = dh_gen_key(G, P, 1024),
+	    K = ssh_math:ipow(E, Private, P),
+	    Key = get_host_key(Ssh0),
+	    H = kex_h(Ssh0, Key, E, Public, K),
+	    H_SIG = sign_host_key(Ssh0, Key, H),
+	    {SshPacket, Ssh1} = ssh_packet(#ssh_msg_kexdh_reply{public_host_key = Key,
+								f = Public,
+								h_sig = H_SIG
+							       }, Ssh0),
+	    
+	    {ok, SshPacket, Ssh1#ssh{keyex_key = {{Private, Public}, {G, P}},
+				     shared_secret = K,
+				     exchanged_hash = H,
+				     session_id = sid(Ssh1, H)}};
+	true ->
+	    Error = {error,bad_e_from_peer},
+	    Disconnect = #ssh_msg_disconnect{
+			    code = ?SSH_DISCONNECT_KEY_EXCHANGE_FAILED,
+			    description = "Key exchange failed, 'f' out of bounds",
+			    language = "en"},
+	    throw({Error, Disconnect})
+    end.
 
 handle_kex_dh_gex_group(#ssh_msg_kex_dh_gex_group{p = P, g = G}, Ssh0) ->
     {Private, Public} = dh_gen_key(G,P,1024),
@@ -255,7 +287,7 @@ handle_new_keys(#ssh_msg_newkeys{}, Ssh0) ->
 %% %% Select algorithms
 handle_kexdh_reply(#ssh_msg_kexdh_reply{public_host_key = HostKey, f = F,
 					h_sig = H_SIG}, 
-		   #ssh{keyex_key = {{Private, Public}, {_G, P}}} = Ssh0) ->
+		   #ssh{keyex_key = {{Private, Public}, {_G, P}}} = Ssh0) when 1=<F, F=<(P-1)->
     K = ssh_math:ipow(F, Private, P),
     H = kex_h(Ssh0, HostKey, Public, F, K),
 
@@ -271,7 +303,15 @@ handle_kexdh_reply(#ssh_msg_kexdh_reply{public_host_key = HostKey, f = F,
 	      description = "Key exchange failed",
 	      language = "en"},
 	    throw({Error, Disconnect})
-    end.
+    end;
+handle_kexdh_reply(#ssh_msg_kexdh_reply{}, _SSH) ->
+    Error = {error,bad_f_from_peer},
+    Disconnect = #ssh_msg_disconnect{
+		    code = ?SSH_DISCONNECT_KEY_EXCHANGE_FAILED,
+		    description = "Key exchange failed, 'f' out of bounds",
+		    language = "en"},
+    throw({Error, Disconnect}).
+
 
 handle_kex_dh_gex_request(#ssh_msg_kex_dh_gex_request{min = _Min,
 						      n   = _NBits,