3 files changed, 70 insertions, 33 deletions
diff --git a/lib/ssh/src/ssh.hrl b/lib/ssh/src/ssh.hrl
index d6d412db43..3dee1c5521 100644
--- a/lib/ssh/src/ssh.hrl
+++ b/lib/ssh/src/ssh.hrl
@@ -63,8 +63,8 @@
 -define(uint16(X), << ?UINT16(X) >> ).
 -define(uint32(X), << ?UINT32(X) >> ).
 -define(uint64(X), << ?UINT64(X) >> ).
--define(string(X), << ?STRING(list_to_binary(X)) >> ).
 -define(string_utf8(X), << ?STRING(unicode:characters_to_binary(X)) >> ).
+-define(string(X), ?string_utf8(X)).
 -define(binary(X), << ?STRING(X) >>).
 
 %% Cipher details
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 802bf62570..0ca960ef96 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -325,23 +325,32 @@ renegotiate_data(ConnectionHandler) ->
 %% Internal process state
 %%====================================================================
 -record(data, {
-	  starter                               :: pid(),
+	  starter                               :: pid()
+						 | undefined,
 	  auth_user                             :: string()
 						 | undefined,
 	  connection_state                      :: #connection{},
-	  latest_channel_id         = 0         :: non_neg_integer(),
+	  latest_channel_id         = 0         :: non_neg_integer()
+                                                 | undefined,
 	  idle_timer_ref                        :: undefined 
 						 | infinity
 						 | reference(),
 	  idle_timer_value          = infinity  :: infinity
 						 | pos_integer(),
-	  transport_protocol                    :: atom(),	% ex: tcp
-	  transport_cb                          :: atom(),	% ex: gen_tcp
-	  transport_close_tag                   :: atom(),	% ex: tcp_closed
-	  ssh_params                            :: #ssh{},
-	  socket                                :: inet:socket(),
-	  decrypted_data_buffer     = <<>>      :: binary(),
-	  encrypted_data_buffer     = <<>>      :: binary(),
+	  transport_protocol                    :: atom()
+                                                 | undefined,	% ex: tcp
+	  transport_cb                          :: atom()
+                                                 | undefined,	% ex: gen_tcp
+	  transport_close_tag                   :: atom()
+                                                 | undefined,	% ex: tcp_closed
+	  ssh_params                            :: #ssh{}
+                                                 | undefined,
+	  socket                                :: inet:socket()
+                                                 | undefined,
+	  decrypted_data_buffer     = <<>>      :: binary()
+                                                 | undefined,
+	  encrypted_data_buffer     = <<>>      :: binary()
+                                                 | undefined,
 	  undecrypted_packet_length             :: undefined | non_neg_integer(),
 	  key_exchange_init_msg                 :: #ssh_msg_kexinit{}
 						 | undefined,
@@ -370,16 +379,17 @@ init_connection_handler(Role, Socket, Opts) ->
                                   StartState,
                                   D);
 
-        {stop, enotconn} ->
-	    %% Handles the abnormal sequence:
-	    %%    SYN->
-	    %%            <-SYNACK
-	    %%    ACK->
-	    %%    RST->
-	    exit({shutdown, "TCP connection to server was prematurely closed by the client"});
-        
-	{stop, OtherError} ->
-	    exit({shutdown, {init,OtherError}})
+        {stop, Error} ->
+            Sups = ?GET_INTERNAL_OPT(supervisors, Opts),
+            C = #connection{system_supervisor =     proplists:get_value(system_sup,     Sups),
+                            sub_system_supervisor = proplists:get_value(subsystem_sup,  Sups),
+                            connection_supervisor = proplists:get_value(connection_sup, Sups)
+                           },
+            gen_statem:enter_loop(?MODULE,
+                                  [],
+                                  {init_error,Error},
+                                  #data{connection_state=C,
+                                        socket=Socket})
     end.
 
 
@@ -531,6 +541,21 @@ renegotiation(_) -> false.
 callback_mode() ->
     handle_event_function.
 
+
+handle_event(_, _Event, {init_error,Error}, _) ->
+    case Error of
+        enotconn ->
+           %% Handles the abnormal sequence:
+           %%    SYN->
+           %%            <-SYNACK
+           %%    ACK->
+           %%    RST->
+            {stop, {shutdown,"TCP connenction to server was prematurely closed by the client"}};
+
+        OtherError ->
+            {stop, {shutdown,{init,OtherError}}}
+    end;
+
 %%% ######## {hello, client|server} ####
 %% The very first event that is sent when the we are set as controlling process of Socket
 handle_event(_, socket_control, {hello,_}, D) ->
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index d8f7a96c15..90a94a7e86 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -811,7 +811,15 @@ extract_public_key(#'DSAPrivateKey'{y = Y, p = P, q = Q, g = G}) ->
     {Y,  #'Dss-Parms'{p=P, q=Q, g=G}};
 extract_public_key(#'ECPrivateKey'{parameters = {namedCurve,OID},
 				   publicKey = Q}) ->
-    {#'ECPoint'{point=Q}, {namedCurve,OID}}.
+    {#'ECPoint'{point=Q}, {namedCurve,OID}};
+extract_public_key(#{engine:=_, key_id:=_, algorithm:=Alg} = M) ->
+    case {Alg, crypto:privkey_to_pubkey(Alg, M)} of
+        {rsa, [E,N]} ->
+            #'RSAPublicKey'{modulus = N, publicExponent = E};
+        {dss, [P,Q,G,Y]} ->
+            {Y, #'Dss-Parms'{p=P, q=Q, g=G}}
+    end.
+
 
 
 verify_host_key(#ssh{algorithms=Alg}=SSH, PublicKey, Digest, {AlgStr,Signature}) ->
@@ -1261,10 +1269,12 @@ payload(<<PacketLen:32, PaddingLen:8, PayloadAndPadding/binary>>) ->
     <<Payload:PayloadLen/binary, _/binary>> = PayloadAndPadding,
     Payload.
 
+sign(SigData, HashAlg, #{algorithm:=dss} = Key) ->
+    mk_dss_sig(crypto:sign(dss, HashAlg, SigData, Key));
+sign(SigData, HashAlg, #{algorithm:=SigAlg} = Key) ->
+    crypto:sign(SigAlg, HashAlg, SigData, Key);
 sign(SigData, HashAlg,  #'DSAPrivateKey'{} = Key) ->
-    DerSignature = public_key:sign(SigData, HashAlg, Key),
-    #'Dss-Sig-Value'{r = R, s = S} = public_key:der_decode('Dss-Sig-Value', DerSignature),
-    <<R:160/big-unsigned-integer, S:160/big-unsigned-integer>>;
+    mk_dss_sig(public_key:sign(SigData, HashAlg, Key));
 sign(SigData, HashAlg, Key = #'ECPrivateKey'{}) ->
     DerEncodedSign =  public_key:sign(SigData, HashAlg, Key),
     #'ECDSA-Sig-Value'{r=R, s=S} = public_key:der_decode('ECDSA-Sig-Value', DerEncodedSign),
@@ -1272,6 +1282,12 @@ sign(SigData, HashAlg, Key = #'ECPrivateKey'{}) ->
 sign(SigData, HashAlg, Key) ->
     public_key:sign(SigData, HashAlg, Key).
 
+
+mk_dss_sig(DerSignature) ->
+    #'Dss-Sig-Value'{r = R, s = S} = public_key:der_decode('Dss-Sig-Value', DerSignature),
+    <<R:160/big-unsigned-integer, S:160/big-unsigned-integer>>.
+
+
 verify(PlainText, HashAlg, Sig, {_,  #'Dss-Parms'{}} = Key) ->
     case Sig of
         <<R:160/big-unsigned-integer, S:160/big-unsigned-integer>> ->
@@ -1823,6 +1839,8 @@ kex_alg_dependent({Min, NBits, Max, Prime, Gen, E, F, K}) ->
 
 %%%----------------------------------------------------------------
 
+valid_key_sha_alg(#{engine:=_, key_id:=_}, _Alg) -> true; % Engine key
+
 valid_key_sha_alg(#'RSAPublicKey'{}, 'rsa-sha2-512') -> true;
 valid_key_sha_alg(#'RSAPublicKey'{}, 'rsa-sha2-384') -> true;
 valid_key_sha_alg(#'RSAPublicKey'{}, 'rsa-sha2-256') -> true;
@@ -2009,12 +2027,6 @@ same(Algs) ->  [{client2server,Algs}, {server2client,Algs}].
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
 trim_tail(Str) ->
-    lists:reverse(trim_head(lists:reverse(Str))).
-
-trim_head([$\s|Cs]) -> trim_head(Cs);
-trim_head([$\t|Cs]) -> trim_head(Cs);
-trim_head([$\n|Cs]) -> trim_head(Cs);
-trim_head([$\r|Cs]) -> trim_head(Cs);
-trim_head(Cs) -> Cs.
-
-
+    lists:takewhile(fun(C) -> 
+			    C=/=$\r andalso C=/=$\n
+		    end, Str).