4 files changed, 207 insertions, 37 deletions

diff --git a/lib/ssh/doc/src/notes.xml b/lib/ssh/doc/src/notes.xml
index 0dbec7527a..60440d3a80 100644
--- a/lib/ssh/doc/src/notes.xml
+++ b/lib/ssh/doc/src/notes.xml
@@ -29,6 +29,27 @@
     <file>notes.xml</file>
   </header>
 
+<section><title>Ssh 3.0.4</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    When starting an ssh-daemon giving the option
+	    {parallel_login, true}, the timeout for authentication
+	    negotiation ({negotiation_timeout, integer()}) was never
+	    removed.</p>
+          <p>
+	    This caused the session to always be terminated after the
+	    timeout if parallel_login was set.</p>
+          <p>
+	    Own Id: OTP-12057 Aux Id: seq12663 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Ssh 3.0.3</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 06866392da..86804c4436 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -104,21 +104,11 @@ start_connection(client = Role, Socket, Options, Timeout) ->
 
 start_connection(server = Role, Socket, Options, Timeout) ->
     try
-	Sups = proplists:get_value(supervisors, Options),
-	ConnectionSup = proplists:get_value(connection_sup, Sups),
-	Opts = [{supervisors, Sups}, {user_pid, self()} | proplists:get_value(ssh_opts, Options, [])],
-	{ok, Pid} = ssh_connection_sup:start_child(ConnectionSup, [Role, Socket, Opts]),
-	{_, Callback, _} =  proplists:get_value(transport, Options, {tcp, gen_tcp, tcp_closed}),
-	socket_control(Socket, Pid, Callback),
-	case proplists:get_value(parallel_login, Opts, false) of
+	case proplists:get_value(parallel_login, Options, false) of
 	    true ->
-		spawn(fun() -> 
-			      Ref = erlang:monitor(process, Pid),
-			      handshake(Pid, Ref, Timeout) 
-		      end);
+		spawn(fun() -> start_server_connection(Role, Socket, Options, Timeout) end);
 	    false ->
-		Ref = erlang:monitor(process, Pid),
-		handshake(Pid, Ref, Timeout)
+		start_server_connection(Role, Socket, Options, Timeout)
 	end
     catch
 	exit:{noproc, _} ->
@@ -127,6 +117,18 @@ start_connection(server = Role, Socket, Options, Timeout) ->
 	    {error, Error}
     end.
 
+
+start_server_connection(server = Role, Socket, Options, Timeout) ->
+    Sups = proplists:get_value(supervisors, Options),
+    ConnectionSup = proplists:get_value(connection_sup, Sups),
+    Opts = [{supervisors, Sups}, {user_pid, self()} | proplists:get_value(ssh_opts, Options, [])],
+    {ok, Pid} = ssh_connection_sup:start_child(ConnectionSup, [Role, Socket, Opts]),
+    {_, Callback, _} =  proplists:get_value(transport, Options, {tcp, gen_tcp, tcp_closed}),
+    socket_control(Socket, Pid, Callback),
+    Ref = erlang:monitor(process, Pid),
+    handshake(Pid, Ref, Timeout).
+
+
 start_link(Role, Socket, Options) ->
     {ok, proc_lib:spawn_link(?MODULE, init, [[Role, Socket, Options]])}.
 
diff --git a/lib/ssh/test/ssh_basic_SUITE.erl b/lib/ssh/test/ssh_basic_SUITE.erl
index bf7fb4c73e..9242731924 100644
--- a/lib/ssh/test/ssh_basic_SUITE.erl
+++ b/lib/ssh/test/ssh_basic_SUITE.erl
@@ -53,13 +53,21 @@ all() ->
      {group, hardening_tests}
     ].
 
-groups() -> 
+groups() ->
     [{dsa_key, [], basic_tests()},
      {rsa_key, [], basic_tests()},
      {dsa_pass_key, [], [pass_phrase]},
      {rsa_pass_key, [], [pass_phrase]},
      {internal_error, [], [internal_error]},
-     {hardening_tests, [], [max_sessions]}
+     {hardening_tests, [], [ssh_connect_nonegtimeout_connected_parallel,
+			    ssh_connect_nonegtimeout_connected_sequential,
+			    ssh_connect_negtimeout_parallel,
+			    ssh_connect_negtimeout_sequential,
+			    max_sessions_ssh_connect_parallel,
+			    max_sessions_ssh_connect_sequential,
+			    max_sessions_sftp_start_channel_parallel,
+			    max_sessions_sftp_start_channel_sequential
+			   ]}
     ].
 
 
@@ -743,6 +751,98 @@ ms_passed(N1={_,_,M1}, N2={_,_,M2}) ->
     1000 * (Min*60 + Sec + (M2-M1)/1000000).
 
 %%--------------------------------------------------------------------
+ssh_connect_negtimeout_parallel(Config) -> ssh_connect_negtimeout(Config,true).
+ssh_connect_negtimeout_sequential(Config) -> ssh_connect_negtimeout(Config,false).
+    
+ssh_connect_negtimeout(Config, Parallel) ->
+    process_flag(trap_exit, true),
+    SystemDir = filename:join(?config(priv_dir, Config), system),
+    UserDir = ?config(priv_dir, Config),
+    NegTimeOut = 2000,				% ms
+    ct:log("Parallel: ~p",[Parallel]),
+
+    {_Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},{user_dir, UserDir},
+					      {parallel_login, Parallel},
+					      {negotiation_timeout, NegTimeOut},
+					      {failfun, fun ssh_test_lib:failfun/2}]),
+    
+    {ok,Socket} = gen_tcp:connect(Host, Port, []),
+    ct:pal("And now sleeping 1.2*NegTimeOut (~p ms)...", [round(1.2 * NegTimeOut)]),
+    receive after round(1.2 * NegTimeOut) -> ok end,
+    
+    case inet:sockname(Socket) of
+	{ok,_} -> ct:fail("Socket not closed");
+	{error,_} -> ok
+    end.
+
+%%--------------------------------------------------------------------
+ssh_connect_nonegtimeout_connected_parallel() ->
+    [{doc, "Test that ssh connection does not timeout if the connection is established (parallel)"}].
+ssh_connect_nonegtimeout_connected_parallel(Config) ->
+    ssh_connect_nonegtimeout_connected(Config, true).
+
+ssh_connect_nonegtimeout_connected_sequential() ->
+    [{doc, "Test that ssh connection does not timeout if the connection is established (non-parallel)"}].
+ssh_connect_nonegtimeout_connected_sequential(Config) ->
+    ssh_connect_nonegtimeout_connected(Config, false).
+
+
+ssh_connect_nonegtimeout_connected(Config, Parallel) ->
+    process_flag(trap_exit, true),
+    SystemDir = filename:join(?config(priv_dir, Config), system),
+    UserDir = ?config(priv_dir, Config),
+    NegTimeOut = 20000,				% ms
+    ct:log("Parallel: ~p",[Parallel]),
+   
+    {_Pid, _Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},{user_dir, UserDir},
+					       {parallel_login, Parallel},
+					       {negotiation_timeout, NegTimeOut},
+					       {failfun, fun ssh_test_lib:failfun/2}]),
+    ct:sleep(500),
+
+    IO = ssh_test_lib:start_io_server(),
+    Shell = ssh_test_lib:start_shell(Port, IO, UserDir),
+    receive
+	{'EXIT', _, _} ->
+	    ct:fail(no_ssh_connection);  
+	ErlShellStart ->
+	    ct:pal("---Erlang shell start: ~p~n", [ErlShellStart]),
+	    one_shell_op(IO, NegTimeOut),
+	    one_shell_op(IO, NegTimeOut),
+	    ct:pal("And now sleeping 1.2*NegTimeOut (~p ms)...", [round(1.2 * NegTimeOut)]),
+	    receive after round(1.2 * NegTimeOut) -> ok end,
+	    one_shell_op(IO, NegTimeOut)
+    end,
+    exit(Shell, kill).
+
+
+one_shell_op(IO, TimeOut) ->
+    ct:pal("One shell op: Waiting for prompter"),
+    receive
+	ErlPrompt0 -> ct:log("Erlang prompt: ~p~n", [ErlPrompt0])
+	after TimeOut -> ct:fail("Timeout waiting for promter")
+    end,
+
+    IO ! {input, self(), "2*3*7.\r\n"},
+    receive
+	Echo0 -> ct:log("Echo: ~p ~n", [Echo0])
+	after TimeOut -> ct:fail("Timeout waiting for echo")
+    end,
+
+    receive
+	?NEWLINE -> ct:log("NEWLINE received", [])
+    after TimeOut -> 
+	    receive Any1 -> ct:log("Bad NEWLINE: ~p",[Any1])
+	    after 0 -> ct:fail("Timeout waiting for NEWLINE")
+	    end
+    end,
+
+    receive
+	Result0 -> ct:log("Result: ~p~n", [Result0])
+	after TimeOut ->  ct:fail("Timeout waiting for result")
+    end.
+
+%%--------------------------------------------------------------------
 
 openssh_zlib_basic_test() ->
     [{doc, "Test basic connection with openssh_zlib"}].
@@ -763,40 +863,87 @@ openssh_zlib_basic_test(Config) ->
 
 %%--------------------------------------------------------------------
 
-max_sessions(Config) ->
+max_sessions_ssh_connect_parallel(Config) -> 
+    max_sessions(Config, true, connect_fun(ssh__connect,Config)).
+max_sessions_ssh_connect_sequential(Config) -> 
+    max_sessions(Config, false, connect_fun(ssh__connect,Config)).
+
+max_sessions_sftp_start_channel_parallel(Config) -> 
+    max_sessions(Config, true, connect_fun(ssh_sftp__start_channel, Config)).
+max_sessions_sftp_start_channel_sequential(Config) -> 
+    max_sessions(Config, false, connect_fun(ssh_sftp__start_channel, Config)).
+
+
+%%%---- helpers:
+connect_fun(ssh__connect, Config) ->
+    fun(Host,Port) ->
+	    ssh_test_lib:connect(Host, Port, 
+				 [{silently_accept_hosts, true},
+				  {user_dir, ?config(priv_dir,Config)},
+				  {user_interaction, false},
+				  {user, "carni"},
+				  {password, "meat"}
+				 ])
+	    %% ssh_test_lib returns R when ssh:connect returns {ok,R}
+    end;
+connect_fun(ssh_sftp__start_channel, _Config) ->
+    fun(Host,Port) ->
+	    {ok,_Pid,ConnRef} =
+		ssh_sftp:start_channel(Host, Port, 
+				       [{silently_accept_hosts, true},
+					{user, "carni"},
+					{password, "meat"}
+				       ]),
+	    ConnRef
+    end.
+
+
+max_sessions(Config, ParallelLogin, Connect) when is_function(Connect,2) ->
     SystemDir = filename:join(?config(priv_dir, Config), system),
     UserDir = ?config(priv_dir, Config),
-    MaxSessions = 2,
-    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
+    MaxSessions = 5,
+    {Pid, Host, Port} = ssh_test_lib:daemon([
+					     {system_dir, SystemDir},
 					     {user_dir, UserDir},
 					     {user_passwords, [{"carni", "meat"}]},
-					     {parallel_login, true},
+					     {parallel_login, ParallelLogin},
 					     {max_sessions, MaxSessions}
 					    ]),
 
-    Connect = fun() ->
-		      R=ssh_test_lib:connect(Host, Port, [{silently_accept_hosts, true},
-							  {user_dir, UserDir},
-							  {user_interaction, false},
-							  {user, "carni"},
-							  {password, "meat"}
-							 ]),
-		      ct:log("Connection ~p up",[R])
-	      end,
-
-    try [Connect() || _ <- lists:seq(1,MaxSessions)]
+    try [Connect(Host,Port) || _ <- lists:seq(1,MaxSessions)]
     of
-	_ ->
-	    ct:pal("Expect Info Report:",[]),
-	    try Connect()
+	Connections ->
+	    %% Step 1 ok: could set up max_sessions connections
+	    ct:log("Connections up: ~p",[Connections]),
+	    [_|_] = Connections,
+
+	    %% Now try one more than alowed:
+	    ct:pal("Info Report might come here...",[]),
+	    try Connect(Host,Port)
 	    of
-		_ConnectionRef ->
+		_ConnectionRef1 ->
 		    ssh:stop_daemon(Pid),
 		    {fail,"Too many connections accepted"}
 	    catch
 		error:{badmatch,{error,"Connection closed"}} ->
-		    ssh:stop_daemon(Pid),
-		    ok
+		    %% Step 2 ok: could not set up max_sessions+1 connections
+		    %% This is expected
+		    %% Now stop one connection and try to open one more
+		    ok = ssh:close(hd(Connections)),
+		    try Connect(Host,Port)
+		    of
+			_ConnectionRef1 ->
+			    %% Step 3 ok: could set up one more connection after killing one
+			    %% Thats good.
+			    ssh:stop_daemon(Pid),
+			    ok
+		    catch
+			error:{badmatch,{error,"Connection closed"}} ->
+			    %% Bad indeed. Could not set up one more connection even after killing
+			    %% one existing. Very bad.
+			    ssh:stop_daemon(Pid),
+			    {fail,"Does not decrease # active sessions"}
+		    end
 	    end
     catch
 	error:{badmatch,{error,"Connection closed"}} ->
diff --git a/lib/ssh/vsn.mk b/lib/ssh/vsn.mk
index 8d1a7ae54f..9bef10a366 100644
--- a/lib/ssh/vsn.mk
+++ b/lib/ssh/vsn.mk
@@ -1,5 +1,5 @@
 #-*-makefile-*-   ; force emacs to enter makefile-mode
 
-SSH_VSN = 3.0.3
+SSH_VSN = 3.0.4
 APP_VSN    = "ssh-$(SSH_VSN)"