diff options
Diffstat (limited to 'lib/ssh')
-rw-r--r-- | lib/ssh/doc/src/notes.xml | 28 | ||||
-rw-r--r-- | lib/ssh/src/ssh.appup.src | 4 | ||||
-rw-r--r-- | lib/ssh/src/ssh_connection_handler.erl | 31 | ||||
-rw-r--r-- | lib/ssh/src/ssh_sftp.erl | 2 | ||||
-rw-r--r-- | lib/ssh/test/ssh_basic_SUITE.erl | 2 | ||||
-rw-r--r-- | lib/ssh/test/ssh_sftp_SUITE.erl | 32 | ||||
-rw-r--r-- | lib/ssh/test/ssh_to_openssh_SUITE.erl | 18 | ||||
-rw-r--r-- | lib/ssh/vsn.mk | 2 |
8 files changed, 108 insertions, 11 deletions
diff --git a/lib/ssh/doc/src/notes.xml b/lib/ssh/doc/src/notes.xml index 12175d9a29..dead764700 100644 --- a/lib/ssh/doc/src/notes.xml +++ b/lib/ssh/doc/src/notes.xml @@ -29,6 +29,34 @@ <file>notes.xml</file> </header> +<section><title>Ssh 2.1.5</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Bug in rekeying for daemon fixed.</p> + <p> + Own Id: OTP-10911</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Enhanced error message and added test for ssh clients + trying to start non existing subsystems.</p> + <p> + Own Id: OTP-10714</p> + </item> + </list> + </section> + +</section> + <section><title>Ssh 2.1.4</title> <section><title>Improvements and New Features</title> diff --git a/lib/ssh/src/ssh.appup.src b/lib/ssh/src/ssh.appup.src index c4b5aa256b..b25e0c9e37 100644 --- a/lib/ssh/src/ssh.appup.src +++ b/lib/ssh/src/ssh.appup.src @@ -19,6 +19,8 @@ {"%VSN%", [ + {<<"2.1.4">>, [{load_module, ssh_sftp, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}]}, {<<"2.1.3">>, [{restart_application, ssh}]}, {<<"2.1.2">>, [{restart_application, ssh}]}, {<<"2.1.1">>, [{restart_application, ssh}]}, @@ -27,6 +29,8 @@ {<<"1\\.*">>, [{restart_application, ssh}]} ], [ + {<<"2.1.4">>, [{load_module, ssh_sftp, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}]}, {<<"2.1.3">>, [{restart_application, ssh}]}, {<<"2.1.2">>, [{restart_application, ssh}]}, {<<"2.1.1">>, [{restart_application, ssh}]}, diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl index 74a6ac7d19..1c4477aeb3 100644 --- a/lib/ssh/src/ssh_connection_handler.erl +++ b/lib/ssh/src/ssh_connection_handler.erl @@ -213,6 +213,29 @@ key_exchange(#ssh_msg_kexdh_init{} = Msg, description = Desc, language = "en"}, State) end; + +key_exchange({#ssh_msg_kexinit{} = Kex, Payload}, + #state{ssh_params = #ssh{role = Role} = Ssh0, + key_exchange_init_msg = OwnKex} = + State) -> + Ssh1 = ssh_transport:key_init(opposite_role(Role), Ssh0, Payload), + try ssh_transport:handle_kexinit_msg(Kex, OwnKex, Ssh1) of + {ok, NextKexMsg, Ssh} when Role == client -> + send_msg(NextKexMsg, State), + {next_state, key_exchange, + next_packet(State#state{ssh_params = Ssh})}; + {ok, Ssh} when Role == server -> + {next_state, key_exchange, + next_packet(State#state{ssh_params = Ssh})} + catch + #ssh_msg_disconnect{} = DisconnectMsg -> + handle_disconnect(DisconnectMsg, State); + _:Error -> + Desc = log_error(Error), + handle_disconnect(#ssh_msg_disconnect{code = ?SSH_DISCONNECT_KEY_EXCHANGE_FAILED, + description = Desc, + language = "en"}, State) + end; key_exchange(#ssh_msg_kexdh_reply{} = Msg, #state{ssh_params = #ssh{role = client} = Ssh0} = State) -> @@ -456,7 +479,9 @@ userauth(#ssh_msg_userauth_banner{message = Msg}, {next_state, userauth, next_packet(State)}. connected({#ssh_msg_kexinit{}, _Payload} = Event, State) -> - kexinit(Event, State#state{renegotiate = true}). + kexinit(Event, State#state{renegotiate = true}); +connected({#ssh_msg_kexdh_init{}, _Payload} = Event, State) -> + key_exchange(Event, State#state{renegotiate = true}). %%-------------------------------------------------------------------- %% Function: @@ -510,7 +535,7 @@ handle_event({info, From, Options}, StateName, #state{ssh_params = Ssh} = State spawn(?MODULE, ssh_info_handler, [Options, Ssh, From]), {next_state, StateName, State}; handle_event(data_size, connected, #state{ssh_params = Ssh0} = State) -> - Sent = inet:getstat(State#state.socket, [send_oct]), + {ok, [{send_oct,Sent}]} = inet:getstat(State#state.socket, [send_oct]), MaxSent = proplists:get_value(rekey_limit, State#state.opts, 1024000000), case Sent >= MaxSent of true -> @@ -518,7 +543,7 @@ handle_event(data_size, connected, #state{ssh_params = Ssh0} = State) -> send_msg(SshPacket, State), {next_state, connected, next_packet(State#state{ssh_params = Ssh, - key_exchange_init_msg = KeyInitMsg, + key_exchange_init_msg = KeyInitMsg, renegotiate = true})}; _ -> {next_state, connected, next_packet(State)} diff --git a/lib/ssh/src/ssh_sftp.erl b/lib/ssh/src/ssh_sftp.erl index f3afbe01bf..10167a9223 100644 --- a/lib/ssh/src/ssh_sftp.erl +++ b/lib/ssh/src/ssh_sftp.erl @@ -403,7 +403,7 @@ init([Cm, ChannelId, Timeout]) -> rep_buf = <<>>, inf = new_inf()}}; failure -> - {stop, {error, "server failed to start sftp subsystem"}}; + {stop, "server failed to start sftp subsystem"}; Error -> {stop, Error} end. diff --git a/lib/ssh/test/ssh_basic_SUITE.erl b/lib/ssh/test/ssh_basic_SUITE.erl index efcb11f88f..80273420d9 100644 --- a/lib/ssh/test/ssh_basic_SUITE.erl +++ b/lib/ssh/test/ssh_basic_SUITE.erl @@ -272,7 +272,7 @@ rekey(Config) -> {user_interaction, false}, {rekey_limit, 0}]), receive - after 15000 -> + after 200000 -> %%By this time rekeying would have been done ssh:close(ConnectionRef), ssh:stop_daemon(Pid) diff --git a/lib/ssh/test/ssh_sftp_SUITE.erl b/lib/ssh/test/ssh_sftp_SUITE.erl index 232161d029..ac93db8f2e 100644 --- a/lib/ssh/test/ssh_sftp_SUITE.erl +++ b/lib/ssh/test/ssh_sftp_SUITE.erl @@ -41,7 +41,9 @@ suite() -> all() -> [{group, erlang_server}, - {group, openssh_server}]. + {group, openssh_server}, + sftp_nonexistent_subsystem + ]. init_per_suite(Config) -> @@ -76,9 +78,7 @@ init_per_group(erlang_server, Config) -> ssh_test_lib:daemon([{system_dir, SysDir}, {user_dir, PrivDir}, {user_passwords, - [{?USER, ?PASSWD}]}, - {failfun, - fun ssh_test_lib:failfun/2}]), + [{?USER, ?PASSWD}]}]), [{group, erlang_server}, {sftpd, Sftpd} | Config]; init_per_group(openssh_server, Config) -> @@ -100,6 +100,17 @@ end_per_group(_, Config) -> %%-------------------------------------------------------------------- +init_per_testcase(sftp_nonexistent_subsystem, Config) -> + PrivDir = ?config(priv_dir, Config), + SysDir = ?config(data_dir, Config), + Sftpd = ssh_test_lib:daemon([{system_dir, SysDir}, + {user_dir, PrivDir}, + {subsystems, []}, + {user_passwords, + [{?USER, ?PASSWD}]} + ]), + [{sftpd, Sftpd} | Config]; + init_per_testcase(Case, Config) -> prep(Config), TmpConfig0 = lists:keydelete(watchdog, 1, Config), @@ -129,6 +140,8 @@ init_per_testcase(Case, Config) -> [{sftp, Sftp}, {watchdog, Dog} | TmpConfig] end. +end_per_testcase(sftp_nonexistent_subsystem, Config) -> + Config; end_per_testcase(rename_file, Config) -> PrivDir = ?config(priv_dir, Config), NewFileName = filename:join(PrivDir, "test.txt"), @@ -423,6 +436,17 @@ pos_write(Config) when is_list(Config) -> {ok, NewData1} = ssh_sftp:read_file(Sftp, FileName). %%-------------------------------------------------------------------- +sftp_nonexistent_subsystem() -> + [""]. +sftp_nonexistent_subsystem(Config) when is_list(Config) -> + {_,Host, Port} = ?config(sftpd, Config), + {error,"server failed to start sftp subsystem"} = + ssh_sftp:start_channel(Host, Port, + [{user_interaction, false}, + {user, ?USER}, {password, ?PASSWD}, + {silently_accept_hosts, true}]). + +%%-------------------------------------------------------------------- %% Internal functions ------------------------------------------------ %%-------------------------------------------------------------------- prep(Config) -> diff --git a/lib/ssh/test/ssh_to_openssh_SUITE.erl b/lib/ssh/test/ssh_to_openssh_SUITE.erl index 99dc76e12d..75e73712f1 100644 --- a/lib/ssh/test/ssh_to_openssh_SUITE.erl +++ b/lib/ssh/test/ssh_to_openssh_SUITE.erl @@ -49,7 +49,9 @@ groups() -> erlang_client_openssh_server_setenv, erlang_client_openssh_server_publickey_rsa, erlang_client_openssh_server_publickey_dsa, - erlang_client_openssh_server_password]}, + erlang_client_openssh_server_password, + erlang_client_openssh_server_nonexistent_subsystem + ]}, {erlang_server, [], [erlang_server_openssh_client_exec, erlang_server_openssh_client_exec_compressed, erlang_server_openssh_client_pulic_key_dsa]} @@ -402,6 +404,20 @@ erlang_client_openssh_server_password(Config) when is_list(Config) -> end. %%-------------------------------------------------------------------- + +erlang_client_openssh_server_nonexistent_subsystem() -> + [{doc, "Test client password option"}]. +erlang_client_openssh_server_nonexistent_subsystem(Config) when is_list(Config) -> + + ConnectionRef = ssh_test_lib:connect(?SSH_DEFAULT_PORT, + [{user_interaction, false}, + silently_accept_hosts]), + + {ok, ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity), + + failure = ssh_connection:subsystem(ConnectionRef, ChannelId, "foo", infinity). + +%%-------------------------------------------------------------------- % %% Not possible to send password with openssh without user interaction %% diff --git a/lib/ssh/vsn.mk b/lib/ssh/vsn.mk index 9fc4b0522e..8f6aac1f5d 100644 --- a/lib/ssh/vsn.mk +++ b/lib/ssh/vsn.mk @@ -1,5 +1,5 @@ #-*-makefile-*- ; force emacs to enter makefile-mode -SSH_VSN = 2.1.4 +SSH_VSN = 2.1.5 APP_VSN = "ssh-$(SSH_VSN)" |