diff options
Diffstat (limited to 'lib/ssh/src')
| -rw-r--r-- | lib/ssh/src/ssh.erl | 4 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_acceptor.erl | 47 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection_handler.erl | 3 | 
3 files changed, 41 insertions, 13 deletions
| diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl index de6e8cc421..75081b7a61 100644 --- a/lib/ssh/src/ssh.erl +++ b/lib/ssh/src/ssh.erl @@ -332,6 +332,8 @@ handle_option([{idle_time, _} = Opt | Rest], SocketOptions, SshOptions) ->      handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);  handle_option([{rekey_limit, _} = Opt|Rest], SocketOptions, SshOptions) ->      handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]); +handle_option([{max_sessions, _} = Opt|Rest], SocketOptions, SshOptions) -> +    handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);  handle_option([{negotiation_timeout, _} = Opt|Rest], SocketOptions, SshOptions) ->      handle_option(Rest, SocketOptions, [handle_ssh_option(Opt) | SshOptions]);  handle_option([{parallel_login, _} = Opt|Rest], SocketOptions, SshOptions) -> @@ -366,6 +368,8 @@ handle_ssh_option({pref_public_key_algs, Value} = Opt) when is_list(Value), leng      end;  handle_ssh_option({connect_timeout, Value} = Opt) when is_integer(Value); Value == infinity ->      Opt; +handle_ssh_option({max_sessions, Value} = Opt) when is_integer(Value), Value>0 -> +    Opt;  handle_ssh_option({negotiation_timeout, Value} = Opt) when is_integer(Value); Value == infinity ->      Opt;  handle_ssh_option({parallel_login, Value} = Opt) when Value==true ; Value==false -> diff --git a/lib/ssh/src/ssh_acceptor.erl b/lib/ssh/src/ssh_acceptor.erl index e57b07cee8..7302196674 100644 --- a/lib/ssh/src/ssh_acceptor.erl +++ b/lib/ssh/src/ssh_acceptor.erl @@ -80,18 +80,36 @@ acceptor_loop(Callback, Port, Address, Opts, ListenSocket, AcceptTimeout) ->  				  ListenSocket, AcceptTimeout)      end. -handle_connection(_Callback, Address, Port, Options, Socket) -> +handle_connection(Callback, Address, Port, Options, Socket) ->      SystemSup = ssh_system_sup:system_supervisor(Address, Port), -    {ok, SubSysSup} = ssh_system_sup:start_subsystem(SystemSup, Options), -    ConnectionSup = ssh_subsystem_sup:connection_supervisor(SubSysSup), -    Timeout = proplists:get_value(negotiation_timeout,  -				  proplists:get_value(ssh_opts, Options, []), -				  2*60*1000), -    ssh_connection_handler:start_connection(server, Socket, -					    [{supervisors, [{system_sup, SystemSup}, -							    {subsystem_sup, SubSysSup}, -							    {connection_sup, ConnectionSup}]} -					     | Options], Timeout). +    SSHopts = proplists:get_value(ssh_opts, Options, []), +    MaxSessions = proplists:get_value(max_sessions,SSHopts,infinity), +    case number_of_connections(SystemSup) < MaxSessions of +	true -> +	    {ok, SubSysSup} = ssh_system_sup:start_subsystem(SystemSup, Options), +	    ConnectionSup = ssh_subsystem_sup:connection_supervisor(SubSysSup), +	    Timeout = proplists:get_value(negotiation_timeout, SSHopts, 2*60*1000), +	    ssh_connection_handler:start_connection(server, Socket, +						    [{supervisors, [{system_sup, SystemSup}, +								    {subsystem_sup, SubSysSup}, +								    {connection_sup, ConnectionSup}]} +						     | Options], Timeout); +	false -> +	    Callback:close(Socket), +	    IPstr = if is_tuple(Address) -> inet:ntoa(Address); +		     true -> Address +		  end, +	    Str = try io_lib:format('~s:~p',[IPstr,Port]) +		  catch _:_ -> "port "++integer_to_list(Port) +		  end, +	    error_logger:info_report("Ssh login attempt to "++Str++" denied due to option " +				     "max_sessions limits to "++ io_lib:write(MaxSessions) ++ +				     " sessions." +				     ), +	    {error,max_sessions} +    end. + +  handle_error(timeout) ->      ok; @@ -117,3 +135,10 @@ handle_error(Reason) ->      String = lists:flatten(io_lib:format("Accept error: ~p", [Reason])),      error_logger:error_report(String),      exit({accept_failed, String}).     + + +number_of_connections(SystemSup) -> +    length([X ||  +	       {R,X,supervisor,[ssh_subsystem_sup]} <- supervisor:which_children(SystemSup), +	       is_reference(R) +	  ]). diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl index 322da50f21..06866392da 100644 --- a/lib/ssh/src/ssh_connection_handler.erl +++ b/lib/ssh/src/ssh_connection_handler.erl @@ -1482,8 +1482,7 @@ ssh_channel_info([ _ | Rest], Channel, Acc) ->  log_error(Reason) ->      Report = io_lib:format("Erlang ssh connection handler failed with reason: " -			   "~p ~n, Stacktace: ~p ~n" -			   "please report this to [email protected] \n", +			   "~p ~n, Stacktrace: ~p ~n",  			   [Reason,  erlang:get_stacktrace()]),      error_logger:error_report(Report),      "Internal error". | 
