aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/diameter/doc/src/diameter.xml12
-rw-r--r--lib/diameter/examples/code/peer.erl2
-rw-r--r--lib/diameter/src/base/diameter_peer_fsm.erl11
-rw-r--r--lib/diameter/src/base/diameter_service.erl65
-rw-r--r--lib/diameter/src/base/diameter_traffic.erl25
-rw-r--r--lib/diameter/src/base/diameter_watchdog.erl36
-rw-r--r--lib/diameter/test/diameter_config_SUITE.erl2
-rw-r--r--lib/diameter/test/diameter_event_SUITE.erl30
-rw-r--r--lib/diameter/test/diameter_transport_SUITE.erl2
-rw-r--r--lib/snmp/doc/src/notes.xml63
-rw-r--r--lib/snmp/src/app/snmp.appup.src6
-rw-r--r--lib/snmp/src/compile/snmpc_lib.erl1
-rw-r--r--lib/snmp/src/manager/snmpm_net_if.erl19
-rw-r--r--lib/snmp/test/snmp_test_mgr.erl2
-rw-r--r--lib/snmp/vsn.mk2
-rw-r--r--lib/ssh/doc/src/ssh_sftp.xml106
-rw-r--r--lib/ssh/src/ssh.appup.src10
-rw-r--r--lib/ssh/src/ssh_sftp.erl324
-rw-r--r--lib/ssh/test/ssh_sftp_SUITE.erl381
-rw-r--r--lib/ssl/src/ssl.appup.src12
-rw-r--r--lib/ssl/src/ssl_connection.erl38
-rw-r--r--lib/ssl/src/ssl_connection.hrl24
-rw-r--r--lib/ssl/src/ssl_internal.hrl17
-rw-r--r--lib/ssl/vsn.mk2
-rw-r--r--lib/stdlib/src/erl_tar.erl43
25 files changed, 987 insertions, 248 deletions
diff --git a/lib/diameter/doc/src/diameter.xml b/lib/diameter/doc/src/diameter.xml
index ab9ad25a3a..00b54ffbc4 100644
--- a/lib/diameter/doc/src/diameter.xml
+++ b/lib/diameter/doc/src/diameter.xml
@@ -500,6 +500,18 @@ Matches only those peers matched by each filter in the specified list.</p>
<p>
Matches only those peers matched by at least one filter in the
specified list.</p>
+
+<p>
+The resulting peer list will be in match order, peers matching the
+first filter of the list sorting before those matched by the second,
+and so on.
+For example, the following filter causes peers matching both the host
+and realm filters to be presented before those matching only the realm
+filter.</p>
+
+<pre>
+{any, [{all, [host, realm]}, realm]}
+</pre>
</item>
</taglist>
diff --git a/lib/diameter/examples/code/peer.erl b/lib/diameter/examples/code/peer.erl
index b4ee17e4b7..7519abfb2c 100644
--- a/lib/diameter/examples/code/peer.erl
+++ b/lib/diameter/examples/code/peer.erl
@@ -74,7 +74,7 @@ start(Name, Opts)
| {error, term()}.
connect(Name, T) ->
- diameter:add_transport(Name, {connect, [{reconnect_timer, 5000}
+ diameter:add_transport(Name, {connect, [{connect_timer, 5000}
| client(T)]}).
%% listen/2
diff --git a/lib/diameter/src/base/diameter_peer_fsm.erl b/lib/diameter/src/base/diameter_peer_fsm.erl
index 86fc43cdc5..ee6e7dd89e 100644
--- a/lib/diameter/src/base/diameter_peer_fsm.erl
+++ b/lib/diameter/src/base/diameter_peer_fsm.erl
@@ -225,8 +225,8 @@ start_transport(Addrs0, T) ->
erlang:monitor(process, TPid),
q_next(TPid, Addrs0, Tmo, Data),
{TPid, Addrs};
- No ->
- exit({shutdown, No})
+ {error, No} ->
+ exit({shutdown, {no_connection, No}})
end.
svc(#diameter_service{capabilities = LCaps0} = Svc, Addrs) ->
@@ -368,11 +368,8 @@ transition({diameter, {TPid, connected}},
%% message. This may be followed by an incoming message which arrived
%% before the transport was killed and this can't be distinguished
%% from one from the transport that's been started to replace it.
-transition({diameter, {_, connected}}, _) ->
- {stop, connection_timeout};
-transition({diameter, {_, connected, _}}, _) ->
- {stop, connection_timeout};
-transition({diameter, {_, connected, _, _}}, _) ->
+transition({diameter, T}, _)
+ when tuple_size(T) < 5, connected == element(2,T) ->
{stop, connection_timeout};
%% Connection has timed out: start an alternate.
diff --git a/lib/diameter/src/base/diameter_service.erl b/lib/diameter/src/base/diameter_service.erl
index ab56ca9cef..76b05a2ad4 100644
--- a/lib/diameter/src/base/diameter_service.erl
+++ b/lib/diameter/src/base/diameter_service.erl
@@ -1460,42 +1460,52 @@ pick_peer(Local,
peers(Alias, RH, Filter, Peers) ->
case ?Dict:find(Alias, Peers) of
{ok, L} ->
- ps(L, RH, Filter, {[],[]});
+ filter(L, RH, Filter);
error ->
[]
end.
-%% Place a peer whose Destination-Host/Realm matches those of the
-%% request at the front of the result list. Could add some sort of
-%% 'sort' option to allow more control.
-
-ps([], _, _, {Ys, Ns}) ->
- lists:reverse(Ys, Ns);
-ps([{_TPid, #diameter_caps{} = Caps} = TC | Rest], RH, Filter, Acc) ->
- ps(Rest, RH, Filter, pacc(caps_filter(Caps, RH, Filter),
- caps_filter(Caps, RH, {all, [host, realm]}),
- TC,
- Acc)).
-
-pacc(true, true, Peer, {Ts, Fs}) ->
- {[Peer|Ts], Fs};
-pacc(true, false, Peer, {Ts, Fs}) ->
- {Ts, [Peer|Fs]};
-pacc(_, _, _, Acc) ->
- Acc.
+%% filter/3
+%%
+%% Return peers in match order.
-%% caps_filter/3
+filter(Peers, RH, Filter) ->
+ {Ts, _} = fltr(Peers, RH, Filter),
+ Ts.
+
+%% fltr/4
-caps_filter(C, RH, {neg, F}) ->
- not caps_filter(C, RH, F);
+fltr(Peers, _, none) ->
+ {Peers, []};
-caps_filter(C, RH, {all, L})
+fltr(Peers, RH, {neg, F}) ->
+ {Ts, Fs} = fltr(Peers, RH, F),
+ {Fs, Ts};
+
+fltr(Peers, RH, {all, L})
when is_list(L) ->
- lists:all(fun(F) -> caps_filter(C, RH, F) end, L);
+ lists:foldl(fun(F,A) -> fltr_all(F, A, RH) end,
+ {Peers, []},
+ L);
-caps_filter(C, RH, {any, L})
+fltr(Peers, RH, {any, L})
when is_list(L) ->
- lists:any(fun(F) -> caps_filter(C, RH, F) end, L);
+ lists:foldl(fun(F,A) -> fltr_any(F, A, RH) end,
+ {[], Peers},
+ L);
+
+fltr(Peers, RH, F) ->
+ lists:partition(fun({_,C}) -> caps_filter(C, RH, F) end, Peers).
+
+fltr_all(F, {Ts0, Fs0}, RH) ->
+ {Ts1, Fs1} = fltr(Ts0, RH, F),
+ {Ts1, Fs0 ++ Fs1}.
+
+fltr_any(F, {Ts0, Fs0}, RH) ->
+ {Ts1, Fs1} = fltr(Fs0, RH, F),
+ {Ts0 ++ Ts1, Fs1}.
+
+%% caps_filter/3
caps_filter(#diameter_caps{origin_host = {_,OH}}, [_,DH], host) ->
eq(undefined, DH, OH);
@@ -1508,9 +1518,6 @@ caps_filter(C, _, Filter) ->
%% caps_filter/2
-caps_filter(_, none) ->
- true;
-
caps_filter(#diameter_caps{origin_host = {_,OH}}, {host, H}) ->
eq(any, H, OH);
diff --git a/lib/diameter/src/base/diameter_traffic.erl b/lib/diameter/src/base/diameter_traffic.erl
index 280d09d7e8..3b62afca47 100644
--- a/lib/diameter/src/base/diameter_traffic.erl
+++ b/lib/diameter/src/base/diameter_traffic.erl
@@ -1484,7 +1484,7 @@ handle_A(Pkt, SvcName, Dict, Dict0, App, #request{transport = TPid} = Req) ->
%% a missing AVP. If both are optional in the dictionary
%% then this isn't a decode error: just continue on.
answer(Pkt, SvcName, App, Req);
- exit: {invalid_error_bit, RC} ->
+ exit: {invalid_error_bit, {_, _, _, RC}} ->
#diameter_packet{errors = Es}
= Pkt,
E = {5004, #diameter_avp{name = 'Result-Code', value = RC}},
@@ -1632,12 +1632,23 @@ send_request(TPid, #diameter_packet{} = Pkt, Req, SvcName, Timeout) ->
%% send/1
-send({TPid, Pkt, #request{handler = Pid} = Req, SvcName, Timeout, TRef}) ->
- Ref = send_request(TPid,
- Pkt,
- Req#request{handler = self()},
- SvcName,
- Timeout),
+send({TPid, Pkt, #request{handler = Pid} = Req0, SvcName, Timeout, TRef}) ->
+ Seqs = diameter_codec:sequence_numbers(Pkt),
+ Req = Req0#request{handler = self()},
+ Ref = send_request(TPid, Pkt, Req, SvcName, Timeout),
+
+ try
+ recv(TPid, Pid, TRef, Ref)
+ after
+ %% Remove only the entry for this specific send since a resend
+ %% from the originating node can pick another transport on
+ %% this one.
+ ets:delete_object(?REQUEST_TABLE, {Seqs, Req, Ref})
+ end.
+
+%% recv/4
+
+recv(TPid, Pid, TRef, Ref) ->
receive
{answer, _, _, _, _} = A ->
Pid ! A;
diff --git a/lib/diameter/src/base/diameter_watchdog.erl b/lib/diameter/src/base/diameter_watchdog.erl
index eff5096745..b7f2d24941 100644
--- a/lib/diameter/src/base/diameter_watchdog.erl
+++ b/lib/diameter/src/base/diameter_watchdog.erl
@@ -255,11 +255,15 @@ close({'DOWN', _, process, TPid, {shutdown, Reason}},
close(_, _) ->
ok.
-event(_, #watchdog{status = T}, #watchdog{status = T}) ->
- ok;
-
-event(_, #watchdog{transport = undefined}, #watchdog{transport = undefined}) ->
+event(_,
+ #watchdog{status = From, transport = F},
+ #watchdog{status = To, transport = T})
+ when F == undefined, T == undefined; %% transport not started
+ From == initial, To == down; %% never really left INITIAL
+ From == To -> %% no state transition
ok;
+%% Note that there is no INITIAL -> DOWN transition in RFC 3539: ours
+%% is just a consequence of stop.
event(Msg,
#watchdog{status = From, transport = F, parent = Pid},
@@ -411,7 +415,7 @@ transition({'DOWN', _, process, TPid, _Reason},
stop;
%% ... or not.
-transition({'DOWN', _, process, TPid, _Reason},
+transition({'DOWN', _, process, TPid, _Reason} = D,
#watchdog{transport = TPid,
status = T,
restrict = {_,R}}
@@ -422,20 +426,14 @@ transition({'DOWN', _, process, TPid, _Reason},
%% Close an accepting watchdog immediately if there's no
%% restriction on the number of connections to the same peer: the
- %% state machine never enters state REOPEN in this case. The
- %% 'close' message (instead of stop) is so as not to bypass the
- %% sending of messages to the service process in handle_info/2.
-
- if T /= initial, M == accept, not R ->
- send(self(), close),
- S#watchdog{status = down};
- T /= initial ->
- set_watchdog(S#watchdog{status = down});
- M == connect ->
- set_watchdog(S);
- M == accept ->
- send(self(), close),
- S
+ %% state machine never enters state REOPEN in this case.
+
+ if T == initial;
+ M == accept, not R ->
+ close(D, S0),
+ stop;
+ true ->
+ set_watchdog(S#watchdog{status = down})
end;
%% Incoming message.
diff --git a/lib/diameter/test/diameter_config_SUITE.erl b/lib/diameter/test/diameter_config_SUITE.erl
index d10ee83ba4..ad5b3f9420 100644
--- a/lib/diameter/test/diameter_config_SUITE.erl
+++ b/lib/diameter/test/diameter_config_SUITE.erl
@@ -157,7 +157,7 @@
{length_errors,
[[exit], [handle], [discard]],
[[x]]},
- {reconnect_timer,
+ {connect_timer,
[[3000]],
[[infinity]]},
{watchdog_timer,
diff --git a/lib/diameter/test/diameter_event_SUITE.erl b/lib/diameter/test/diameter_event_SUITE.erl
index 94b4967921..f43f111d20 100644
--- a/lib/diameter/test/diameter_event_SUITE.erl
+++ b/lib/diameter/test/diameter_event_SUITE.erl
@@ -107,29 +107,38 @@ start_server(Config) ->
%% Connect with matching capabilities and expect the connection to
%% come up.
up(Config) ->
- {Svc, Ref} = connect(Config, []),
+ {Svc, Ref} = connect(Config, [{connect_timer, 5000},
+ {watchdog_timer, 15000}]),
start = event(Svc),
- {up, Ref, {_,_Caps}, _Config, #diameter_packet{}} = event(Svc),
- {watchdog, Ref, _, {initial, okay}, _} = event(Svc).
+ {up, Ref, {TPid, Caps}, Cfg, #diameter_packet{}} = event(Svc),
+ {watchdog, Ref, _, {initial, okay}, _} = event(Svc),
+ %% Kill the transport process and see that the connection is
+ %% reestablished after a watchdog timeout, not after connect_timer
+ %% expiry.
+ exit(TPid, kill),
+ {down, Ref, {TPid, Caps}, Cfg} = event(Svc),
+ {watchdog, Ref, _, {okay, down}, _} = event(Svc),
+ {reconnect, Ref, _} = event(Svc, 10000, 20000).
%% Connect with non-matching capabilities and expect CEA from the peer
%% to indicate as much and then for the transport to be restarted
-%% (after reconnect_timer).
+%% (after connect_timer).
down(Config) ->
{Svc, Ref} = connect(Config, [{capabilities, [{'Acct-Application-Id',
[?DICT_ACCT:id()]}]},
{applications, [?DICT_ACCT]},
- {reconnect_timer, 5000}]),
+ {connect_timer, 5000},
+ {watchdog_timer, 20000}]),
start = event(Svc),
{closed, Ref, {'CEA', ?NO_COMMON_APP, _, #diameter_packet{}}, _}
= event(Svc),
- {reconnect, Ref, _} = event(Svc).
+ {reconnect, Ref, _} = event(Svc, 4000, 10000).
%% Connect with matching capabilities but have the server delay its
%% CEA and cause the client to timeout.
cea_timeout(Config) ->
{Svc, Ref} = connect(Config, [{capx_timeout, ?SERVER_CAPX_TMO div 2},
- {reconnect_timer, 2*?SERVER_CAPX_TMO}]),
+ {connect_timer, 2*?SERVER_CAPX_TMO}]),
start = event(Svc),
{closed, Ref, {'CEA', timeout}, _} = event(Svc).
@@ -165,6 +174,13 @@ uniq() ->
event(Name) ->
receive #diameter_event{service = Name, info = T} -> T end.
+event(Name, TL, TH) ->
+ T0 = now(),
+ Event = event(Name),
+ DT = timer:now_diff(now(), T0) div 1000,
+ {true, true, DT, Event} = {TL < DT, DT < TH, DT, Event},
+ Event.
+
start_service(Name, Opts) ->
diameter:start_service(Name, [{monitor, self()} | Opts]).
diff --git a/lib/diameter/test/diameter_transport_SUITE.erl b/lib/diameter/test/diameter_transport_SUITE.erl
index 9408fae62c..fcffa69c24 100644
--- a/lib/diameter/test/diameter_transport_SUITE.erl
+++ b/lib/diameter/test/diameter_transport_SUITE.erl
@@ -194,7 +194,7 @@ reconnect({connect, Ref}) ->
true = diameter:subscribe(SvcName),
ok = start_service(SvcName),
[{{_, _, LRef}, Pid}] = diameter_reg:wait({?MODULE, Ref, '_'}),
- CRef = ?util:connect(SvcName, tcp, LRef, [{reconnect_timer, 2000},
+ CRef = ?util:connect(SvcName, tcp, LRef, [{connect_timer, 2000},
{watchdog_timer, 6000}]),
%% Tell partner to kill transport after seeing that there are no
diff --git a/lib/snmp/doc/src/notes.xml b/lib/snmp/doc/src/notes.xml
index bbe6438f04..fd307ef824 100644
--- a/lib/snmp/doc/src/notes.xml
+++ b/lib/snmp/doc/src/notes.xml
@@ -33,6 +33,69 @@
</header>
+ <section>
+ <title>SNMP Development Toolkit 5.1.1</title>
+ <p>Version 5.1.1 supports code replacement in runtime from/to
+ version 5.1. </p>
+
+ <section>
+ <title>Improvements and new features</title>
+<!--
+ <p>-</p>
+-->
+
+ <list type="bulleted">
+ <item>
+ <p>[compiler] Refinement of type Opaque was not allowed. </p>
+ <p>MIB constructs such as '<c>SYNTAX Opaque (SIZE(0..65535))</c>'
+ was previously not allowed,
+ see the standard <c>ALARM-MIB</c> for eaxmple. </p>
+ <p>Own Id: OTP-12066</p>
+ <p>Aux Id: Seq 12669</p>
+ </item>
+
+ </list>
+
+ </section>
+
+ <section>
+ <title>Fixed Bugs and Malfunctions</title>
+ <p>-</p>
+
+<!--
+ <list type="bulleted">
+ <item>
+ <p>[agent]
+ see <seealso marker="snmpa#load_mibs">load_mibs</seealso> and
+ <seealso marker="snmpa#unload_mibs">unload_mibs</seealso>. </p>
+ <p>Own Id: OTP-11216</p>
+ </item>
+
+ </list>
+-->
+
+ </section>
+
+ <section>
+ <title>Incompatibilities</title>
+ <p>-</p>
+
+<!--
+ <list type="bulleted">
+ <item>
+ <p>[manager] The old Addr-and-Port based API functions, previously
+ long deprecated and marked for deletion in R16B, has now been
+ removed. </p>
+ <p>Own Id: OTP-10027</p>
+ </item>
+
+ </list>
+-->
+ </section>
+ </section> <!-- 5.1.1 -->
+
+
+
<section><title>SNMP 5.1</title>
<section><title>Improvements and New Features</title>
diff --git a/lib/snmp/src/app/snmp.appup.src b/lib/snmp/src/app/snmp.appup.src
index 1cc1a17b1d..e7e54f5b7e 100644
--- a/lib/snmp/src/app/snmp.appup.src
+++ b/lib/snmp/src/app/snmp.appup.src
@@ -28,9 +28,12 @@
%% {update, snmpa_local_db, soft, soft_purge, soft_purge, []}
%% {add_module, snmpm_net_if_mt}
[
+ {"5.1", [ % Only compiler changes
+ ]},
{"5.0", [{restart_application, snmp}]},
{"4.25.1", [{restart_application, snmp}]},
{"4.25.0.1", [{restart_application, snmp}]},
+ {"4.25.0.0.1", [{restart_application, snmp}]},
{"4.25", [{restart_application, snmp}]},
{"4.24.2", [{restart_application, snmp}]},
{"4.24.1", [{restart_application, snmp}]},
@@ -43,9 +46,12 @@
%% {remove, {snmpm_net_if_mt, soft_purge, soft_purge}}
[
+ {"5.1", [ % Only compiler changes
+ ]},
{"5.0", [{restart_application, snmp}]},
{"4.25.1", [{restart_application, snmp}]},
{"4.25.0.1", [{restart_application, snmp}]},
+ {"4.25.0.0.1", [{restart_application, snmp}]},
{"4.25", [{restart_application, snmp}]},
{"4.24.2", [{restart_application, snmp}]},
{"4.24.1", [{restart_application, snmp}]},
diff --git a/lib/snmp/src/compile/snmpc_lib.erl b/lib/snmp/src/compile/snmpc_lib.erl
index 5a661cf194..0f6393eeef 100644
--- a/lib/snmp/src/compile/snmpc_lib.erl
+++ b/lib/snmp/src/compile/snmpc_lib.erl
@@ -139,6 +139,7 @@ allow_size_rfc1902('Integer32') -> true;
allow_size_rfc1902('Unsigned32') -> true;
allow_size_rfc1902('OCTET STRING') -> true;
allow_size_rfc1902('Gauge32') -> true;
+allow_size_rfc1902('Opaque') -> true;
allow_size_rfc1902(_) -> false.
guess_integer_type() ->
diff --git a/lib/snmp/src/manager/snmpm_net_if.erl b/lib/snmp/src/manager/snmpm_net_if.erl
index cb72871177..b4cc165d2e 100644
--- a/lib/snmp/src/manager/snmpm_net_if.erl
+++ b/lib/snmp/src/manager/snmpm_net_if.erl
@@ -319,7 +319,7 @@ socket_open(IpPort, SocketOpts) ->
Socket
end.
-socket_params(Domain, {IpAddr, IpPort}, BindTo, CommonSocketOpts) ->
+socket_params(Domain, {IpAddr, IpPort} = Addr, BindTo, CommonSocketOpts) ->
Family = snmp_conf:tdomain_to_family(Domain),
SocketOpts =
case Family of
@@ -340,15 +340,18 @@ socket_params(Domain, {IpAddr, IpPort}, BindTo, CommonSocketOpts) ->
{0, [{fd, Fd} | SocketOpts]}
end;
error ->
- {IpPort, [{ip, IpAddr} | SocketOpts]}
+ socket_params(SocketOpts, Addr, BindTo)
end;
_ ->
- case BindTo of
- true ->
- {IpPort, [{ip, IpAddr} | SocketOpts]};
- _ ->
- {IpPort, SocketOpts}
- end
+ socket_params(SocketOpts, Addr, BindTo)
+ end.
+%%
+socket_params(SocketOpts, {IpAddr, IpPort}, BindTo) ->
+ case BindTo of
+ true ->
+ {IpPort, [{ip, IpAddr} | SocketOpts]};
+ _ ->
+ {IpPort, SocketOpts}
end.
common_socket_opts(Opts) ->
diff --git a/lib/snmp/test/snmp_test_mgr.erl b/lib/snmp/test/snmp_test_mgr.erl
index cf62edba1c..8cb6ec588e 100644
--- a/lib/snmp/test/snmp_test_mgr.erl
+++ b/lib/snmp/test/snmp_test_mgr.erl
@@ -161,7 +161,7 @@ get_timeout() ->
get_timeout(os:type())
end.
-get_timeout(_) -> 3500.
+get_timeout(_) -> 10000. % Trying to improve test results % 3500.
%%----------------------------------------------------------------------
%% Receives a trap from the agent.
diff --git a/lib/snmp/vsn.mk b/lib/snmp/vsn.mk
index b436a79076..345cc790f2 100644
--- a/lib/snmp/vsn.mk
+++ b/lib/snmp/vsn.mk
@@ -18,6 +18,6 @@
# %CopyrightEnd%
APPLICATION = snmp
-SNMP_VSN = 5.1
+SNMP_VSN = 5.1.1
PRE_VSN =
APP_VSN = "$(APPLICATION)-$(SNMP_VSN)$(PRE_VSN)"
diff --git a/lib/ssh/doc/src/ssh_sftp.xml b/lib/ssh/doc/src/ssh_sftp.xml
index 251f5a4be3..ab111562f9 100644
--- a/lib/ssh/doc/src/ssh_sftp.xml
+++ b/lib/ssh/doc/src/ssh_sftp.xml
@@ -196,19 +196,113 @@
</func>
<func>
- <name>open_tar(ChannelPid, Path) -></name>
- <name>open_tar(ChannelPid, Path, Timeout) -> {ok, Handle} | {error, Reason}</name>
- <fsummary>Open a tar file on the server to which <v>ChannelPid</v> is connected and return a handle</fsummary>
+ <name>open_tar(ChannelPid, Path, Mode) -></name>
+ <name>open_tar(ChannelPid, Path, Mode, Timeout) -> {ok, Handle} | {error, Reason}</name>
+ <fsummary>Opens a tar file on the server to which <v>ChannelPid</v> is connected and returns a handle</fsummary>
<type>
<v>ChannelPid = pid()</v>
<v>Path = string()</v>
+ <v>Mode = [read] | [write] | [read,EncryptOpt] | [write,DecryptOpt] </v>
+ <v>EncryptOpt = {crypto,{InitFun,EncryptFun,CloseFun}}</v>
+ <v>DecryptOpt = {crypto,{InitFun,DecryptFun}}</v>
+ <v>InitFun = (fun() -> {ok,CryptoState}) | (fun() -> {ok,CryptoState,ChunkSize}) </v>
+ <v>CryptoState = any()</v>
+ <v>ChunkSize = undefined | pos_integer()</v>
+ <v>EncryptFun = (fun(PlainBin,CryptoState) -> EncryptResult)</v>
+ <v>EncryptResult = {ok,EncryptedBin,CryptoState} | {ok,EncryptedBin,CryptoState,ChunkSize}</v>
+ <v>PlainBin = binary()</v>
+ <v>EncryptedBin = binary()</v>
+ <v>DecryptFun = (fun(EncryptedBin,CryptoState) -> DecryptResult)</v>
+ <v>DecryptResult = {ok,PlainBin,CryptoState} | {ok,PlainBin,CryptoState,ChunkSize}</v>
+ <v>CloseFun = (fun(PlainBin,CryptoState) -> {ok,EncryptedBin})</v>
<v>Timeout = timeout()</v>
<v>Reason = term()</v>
</type>
<desc>
- <p>Opens a handle to a tar file on the server, the handle
- can be used for remote tar manipulation as defined by the
- <seealso marker="stdlib:erl_tar#init/3">erl_tar:init/3</seealso> function.</p>
+ <p>Opens a handle to a tar file on the server associated with <c>ChannelPid</c>. The handle
+ can be used for remote tar creation and extraction as defined by the
+ <seealso marker="stdlib:erl_tar#init/3">erl_tar:init/3</seealso> function.
+ </p>
+ <p>An example of writing and then reading a tar file:</p>
+ <code type="none">
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChannelPid, ?tar_file_name, [write]),
+ ok = erl_tar:add(HandleWrite, .... ),
+ ok = erl_tar:add(HandleWrite, .... ),
+ ...
+ ok = erl_tar:add(HandleWrite, .... ),
+ ok = erl_tar:close(HandleWrite),
+
+ %% And for reading
+ {ok,HandleRead} = ssh_sftp:open_tar(ChannelPid, ?tar_file_name, [read]),
+ {ok,NameValueList} = erl_tar:extract(HandleRead,[memory]),
+ ok = erl_tar:close(HandleRead),
+ </code>
+
+ <p>The <c>crypto</c> mode option is applied to the generated stream of bytes just prior to sending
+ them to the sftp server. This is intended for encryption but could of course be used for other
+ purposes.
+ </p>
+ <p>The <c>InitFun</c> is applied once
+ prior to any other crypto operation. The returned <c>CryptoState</c> is then folded into
+ repeated applications of the <c>EncryptFun</c> or <c>DecryptFun</c>. The binary returned
+ from those Funs are sent further to the remote sftp server. Finally - if doing encryption
+ - the <c>CloseFun</c> is applied to the last piece of data. The <c>CloseFun</c> is
+ responsible for padding (if needed) and encryption of that last piece.
+ </p>
+ <p>The <c>ChunkSize</c> defines the size of the <c>PlainBin</c>s that <c>EncodeFun</c> is applied
+ to. If the <c>ChunkSize</c> is <c>undefined</c> the size of the <c>PlainBin</c>s varies because
+ this is inteded for stream crypto while a fixed <c>ChunkSize</c> is intended for block crypto. It
+ is possible to change the <c>ChunkSize</c>s in the return from the <c>EncryptFun</c> or
+ <c>DecryptFun</c>. It is in fact possible to change the value between <c>pos_integer()</c> and
+ <c>undefined</c>.
+ </p>
+ <p>The write and read example above can be extended with encryption and decryption:</p>
+ <code type="none">
+ %% First three parameters depending on which crypto type we select:
+ Key = &lt;&lt;"This is a 256 bit key. abcdefghi">>,
+ Ivec0 = crypto:rand_bytes(16),
+ DataSize = 1024, % DataSize rem 16 = 0 for aes_cbc
+
+ %% Initialization of the CryptoState, in this case it is the Ivector.
+ InitFun = fun() -> {ok, Ivec0, DataSize} end,
+
+ %% How to encrypt:
+ EncryptFun =
+ fun(PlainBin,Ivec) ->
+ EncryptedBin = crypto:block_encrypt(aes_cbc256, Key, Ivec, PlainBin),
+ {ok, EncryptedBin, crypto:next_iv(aes_cbc,EncryptedBin)}
+ end,
+
+ %% What to do with the very last block:
+ CloseFun =
+ fun(PlainBin, Ivec) ->
+ EncryptedBin = crypto:block_encrypt(aes_cbc256, Key, Ivec,
+ pad(16,PlainBin) %% Last chunk
+ ),
+ {ok, EncryptedBin}
+ end,
+
+ Cw = {InitFun,EncryptFun,CloseFun},
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChannelPid, ?tar_file_name, [write,{crypto,Cw}]),
+ ok = erl_tar:add(HandleWrite, .... ),
+ ok = erl_tar:add(HandleWrite, .... ),
+ ...
+ ok = erl_tar:add(HandleWrite, .... ),
+ ok = erl_tar:close(HandleWrite),
+
+ %% And for decryption (in this crypto example we could use the same InitFun
+ %% as for encryption):
+ DecryptFun =
+ fun(EncryptedBin,Ivec) ->
+ PlainBin = crypto:block_decrypt(aes_cbc256, Key, Ivec, EncryptedBin),
+ {ok, PlainBin, crypto:next_iv(aes_cbc,EncryptedBin)}
+ end,
+
+ Cr = {InitFun,DecryptFun},
+ {ok,HandleRead} = ssh_sftp:open_tar(ChannelPid, ?tar_file_name, [read,{crypto,Cw}]),
+ {ok,NameValueList} = erl_tar:extract(HandleRead,[memory]),
+ ok = erl_tar:close(HandleRead),
+ </code>
</desc>
</func>
diff --git a/lib/ssh/src/ssh.appup.src b/lib/ssh/src/ssh.appup.src
index 600c01454c..296c4511f6 100644
--- a/lib/ssh/src/ssh.appup.src
+++ b/lib/ssh/src/ssh.appup.src
@@ -19,6 +19,11 @@
{"%VSN%",
[
+ {"3.1", [{load_module, ssh_sftp, soft_purge, soft_purge, [erl_tar,ssh_xfer]},
+ {load_module, ssh_connection_handler, soft_purge, soft_purge, []},
+ {load_module, ssh, soft_purge, soft_purge, [ssh_connection_handler]},
+ {load_module, ssh_xfer, soft_purge, soft_purge, []}
+ ]},
{"3.0.7", [{load_module, ssh_auth, soft_purge, soft_purge, [ssh_connection_handler]},
{load_module, ssh_acceptor, soft_purge, soft_purge, [ssh_connection_handler]},
{load_module, ssh_channel, soft_purge, soft_purge, [ssh_connection_handler]},
@@ -42,6 +47,11 @@
{<<".*">>, [{restart_application, ssh}]}
],
[
+ {"3.1", [{load_module, ssh_sftp, soft_purge, soft_purge, []},
+ {load_module, ssh_connection_handler, soft_purge, soft_purge, []},
+ {load_module, ssh, soft_purge, soft_purge, []},
+ {load_module, ssh_xfer, soft_purge, soft_purge, []}
+ ]},
{"3.0.7", [{load_module, ssh_auth, soft_purge, soft_purge, [ssh_connection_handler]},
{load_module, ssh_acceptor, soft_purge, soft_purge, [ssh_connection_handler]},
{load_module, ssh_channel, soft_purge, soft_purge, [ssh_connection_handler]},
diff --git a/lib/ssh/src/ssh_sftp.erl b/lib/ssh/src/ssh_sftp.erl
index 3b80f5326c..613f8f25b2 100644
--- a/lib/ssh/src/ssh_sftp.erl
+++ b/lib/ssh/src/ssh_sftp.erl
@@ -69,6 +69,18 @@
mode
}).
+-record(bufinf,
+ {
+ mode, % read | write (=from or to buffer by user)
+ crypto_state,
+ crypto_fun, % For encode or decode depending on the mode field
+ size = 0, % # bytes "before" the current buffer for the postion call
+
+ chunksize, % The size of the chunks to be sent or received
+ enc_text_buf = <<>>, % Encrypted text
+ plain_text_buf = <<>> % Decrypted text
+ }).
+
-define(FILEOP_TIMEOUT, infinity).
-define(NEXT_REQID(S),
@@ -164,24 +176,73 @@ open(Pid, File, Mode, FileOpTimeout) ->
open_tar(Pid, File, Mode) ->
open_tar(Pid, File, Mode, ?FILEOP_TIMEOUT).
-open_tar(Pid, File, Mode=[write], FileOpTimeout) ->
- {ok,R} = open(Pid, File, Mode, FileOpTimeout),
- erl_tar:init({Pid,R,FileOpTimeout}, write,
- fun(write, {{P,H,T},Data}) ->
- Bin = if is_list(Data) -> list_to_binary(Data);
- is_binary(Data) -> Data
- end,
- {ok,{_Window,Packet}} = send_window(P, T),
- write_file_loop(P, H, 0, Bin, size(Bin), Packet, T);
- (position, {{P,H,T},Pos}) ->
- position(P, H, Pos, T);
- (close, {P,H,T}) ->
- close(P, H, T)
- end);
-open_tar(_Pid, _File, Mode, _FileOpTimeout) ->
- {error,{illegal_mode,Mode}}.
-
-
+open_tar(Pid, File, Mode, FileOpTimeout) ->
+ case {lists:member(write,Mode),
+ lists:member(read,Mode),
+ Mode -- [read,write]} of
+ {true,false,[]} ->
+ {ok,Handle} = open(Pid, File, [write], FileOpTimeout),
+ erl_tar:init(Pid, write,
+ fun(write, {_,Data}) ->
+ write_to_remote_tar(Pid, Handle, to_bin(Data), FileOpTimeout);
+ (position, {_,Pos}) ->
+ position(Pid, Handle, Pos, FileOpTimeout);
+ (close, _) ->
+ close(Pid, Handle, FileOpTimeout)
+ end);
+ {true,false,[{crypto,{CryptoInitFun,CryptoEncryptFun,CryptoEndFun}}]} ->
+ {ok,SftpHandle} = open(Pid, File, [write], FileOpTimeout),
+ BI = #bufinf{mode = write,
+ crypto_fun = CryptoEncryptFun},
+ {ok,BufHandle} = open_buf(Pid, CryptoInitFun, BI, FileOpTimeout),
+ erl_tar:init(Pid, write,
+ fun(write, {_,Data}) ->
+ write_buf(Pid, SftpHandle, BufHandle, to_bin(Data), FileOpTimeout);
+ (position, {_,Pos}) ->
+ position_buf(Pid, SftpHandle, BufHandle, Pos, FileOpTimeout);
+ (close, _) ->
+ {ok,#bufinf{
+ plain_text_buf = PlainBuf0,
+ enc_text_buf = EncBuf0,
+ crypto_state = CState0
+ }} = call(Pid, {get_bufinf,BufHandle}, FileOpTimeout),
+ {ok,EncTextTail} = CryptoEndFun(PlainBuf0, CState0),
+ EncTextBuf = <<EncBuf0/binary, EncTextTail/binary>>,
+ case write(Pid, SftpHandle, EncTextBuf, FileOpTimeout) of
+ ok ->
+ call(Pid, {erase_bufinf,BufHandle}, FileOpTimeout),
+ close(Pid, SftpHandle, FileOpTimeout);
+ Other ->
+ Other
+ end
+ end);
+ {false,true,[]} ->
+ {ok,Handle} = open(Pid, File, [read,binary], FileOpTimeout),
+ erl_tar:init(Pid, read,
+ fun(read2, {_,Len}) ->
+ read_repeat(Pid, Handle, Len, FileOpTimeout);
+ (position, {_,Pos}) ->
+ position(Pid, Handle, Pos, FileOpTimeout);
+ (close, _) ->
+ close(Pid, Handle, FileOpTimeout)
+ end);
+ {false,true,[{crypto,{CryptoInitFun,CryptoDecryptFun}}]} ->
+ {ok,SftpHandle} = open(Pid, File, [read,binary], FileOpTimeout),
+ BI = #bufinf{mode = read,
+ crypto_fun = CryptoDecryptFun},
+ {ok,BufHandle} = open_buf(Pid, CryptoInitFun, BI, FileOpTimeout),
+ erl_tar:init(Pid, read,
+ fun(read2, {_,Len}) ->
+ read_buf(Pid, SftpHandle, BufHandle, Len, FileOpTimeout);
+ (position, {_,Pos}) ->
+ position_buf(Pid, SftpHandle, BufHandle, Pos, FileOpTimeout);
+ (close, _) ->
+ call(Pid, {erase_bufinf,BufHandle}, FileOpTimeout),
+ close(Pid, SftpHandle, FileOpTimeout)
+ end);
+ _ ->
+ {error,{illegal_mode,Mode}}
+ end.
opendir(Pid, Path) ->
@@ -469,6 +530,15 @@ handle_cast(_,State) ->
code_change(_OldVsn, State, _Extra) ->
{ok, State}.
+do_handle_call({get_bufinf,BufHandle}, _From, S=#state{inf=I0}) ->
+ {reply, dict:find(BufHandle,I0), S};
+
+do_handle_call({put_bufinf,BufHandle,B}, _From, S=#state{inf=I0}) ->
+ {reply, ok, S#state{inf=dict:store(BufHandle,B,I0)}};
+
+do_handle_call({erase_bufinf,BufHandle}, _From, S=#state{inf=I0}) ->
+ {reply, ok, S#state{inf=dict:erase(BufHandle,I0)}};
+
do_handle_call({open, Async,FileName,Mode}, From, #state{xf = XF} = State) ->
{Access,Flags,Attrs} = open_mode(XF#ssh_xfer.vsn, Mode),
ReqID = State#state.req_id,
@@ -573,12 +643,7 @@ do_handle_call({read,Async,Handle,Length}, From, State) ->
do_handle_call({pwrite,Async,Handle,At,Data0}, From, State) ->
case lseek_position(Handle, At, State) of
{ok,Offset} ->
- Data = if
- is_binary(Data0) ->
- Data0;
- is_list(Data0) ->
- list_to_binary(Data0)
- end,
+ Data = to_bin(Data0),
ReqID = State#state.req_id,
Size = size(Data),
ssh_xfer:write(?XF(State),ReqID,Handle,Offset,Data),
@@ -591,12 +656,7 @@ do_handle_call({pwrite,Async,Handle,At,Data0}, From, State) ->
do_handle_call({write,Async,Handle,Data0}, From, State) ->
case lseek_position(Handle, cur, State) of
{ok,Offset} ->
- Data = if
- is_binary(Data0) ->
- Data0;
- is_list(Data0) ->
- list_to_binary(Data0)
- end,
+ Data = to_bin(Data0),
ReqID = State#state.req_id,
Size = size(Data),
ssh_xfer:write(?XF(State),ReqID,Handle,Offset,Data),
@@ -1148,5 +1208,207 @@ lseek_pos({eof, Offset}, _CurOffset, CurSize)
end;
lseek_pos(_, _, _) ->
{error, einval}.
-
+%%%================================================================
+%%%
+to_bin(Data) when is_list(Data) -> list_to_binary(Data);
+to_bin(Data) when is_binary(Data) -> Data.
+
+
+read_repeat(Pid, Handle, Len, FileOpTimeout) ->
+ {ok,{_WindowSz,PacketSz}} = recv_window(Pid, FileOpTimeout),
+ read_rpt(Pid, Handle, Len, PacketSz, FileOpTimeout, <<>>).
+
+read_rpt(Pid, Handle, WantedLen, PacketSz, FileOpTimeout, Acc) when WantedLen > 0 ->
+ case read(Pid, Handle, min(WantedLen,PacketSz), FileOpTimeout) of
+ {ok, Data} ->
+ read_rpt(Pid, Handle, WantedLen-size(Data), PacketSz, FileOpTimeout, <<Acc/binary, Data/binary>>);
+ eof ->
+ {ok, Acc};
+ Error ->
+ Error
+ end;
+read_rpt(_Pid, _Handle, WantedLen, _PacketSz, _FileOpTimeout, Acc) when WantedLen >= 0 ->
+ {ok,Acc}.
+
+
+write_to_remote_tar(_Pid, _SftpHandle, <<>>, _FileOpTimeout) ->
+ ok;
+write_to_remote_tar(Pid, SftpHandle, Bin, FileOpTimeout) ->
+ {ok,{_Window,Packet}} = send_window(Pid, FileOpTimeout),
+ write_file_loop(Pid, SftpHandle, 0, Bin, size(Bin), Packet, FileOpTimeout).
+
+position_buf(Pid, SftpHandle, BufHandle, Pos, FileOpTimeout) ->
+ {ok,#bufinf{mode = Mode,
+ plain_text_buf = Buf0,
+ size = Size}} = call(Pid, {get_bufinf,BufHandle}, FileOpTimeout),
+ case Pos of
+ {cur,0} when Mode==write ->
+ {ok,Size+size(Buf0)};
+
+ {cur,0} when Mode==read ->
+ {ok,Size};
+
+ _ when Mode==read, is_integer(Pos) ->
+ Skip = Pos-Size,
+ if
+ Skip < 0 ->
+ {error, cannot_rewind};
+ Skip == 0 ->
+ %% Optimization
+ {ok,Pos};
+ Skip > 0 ->
+ case read_buf(Pid, SftpHandle, BufHandle, Skip, FileOpTimeout) of
+ %% A bit innefficient to fetch the bufinf again, but there are lots of
+ %% other more important optimizations waiting....
+ {ok,_} ->
+ {ok,Pos};
+ Other ->
+ Other
+ end
+ end;
+
+ _ ->
+ {error,{not_yet_implemented,{pos,Pos}}}
+ end.
+
+read_buf(Pid, SftpHandle, BufHandle, WantedLen, FileOpTimeout) ->
+ {ok,{_Window,Packet}} = send_window(Pid, FileOpTimeout),
+ {ok,B0} = call(Pid, {get_bufinf,BufHandle}, FileOpTimeout),
+ case do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout, B0) of
+ {ok,ResultBin,B} ->
+ call(Pid, {put_bufinf,BufHandle,B}, FileOpTimeout),
+ {ok,ResultBin};
+ {error,Error} ->
+ {error,Error};
+ {eof,B} ->
+ call(Pid, {put_bufinf,BufHandle,B}, FileOpTimeout),
+ eof
+ end.
+
+do_the_read_buf(_Pid, _SftpHandle, WantedLen, _Packet, _FileOpTimeout,
+ B=#bufinf{plain_text_buf=PlainBuf0,
+ size = Size})
+ when size(PlainBuf0) >= WantedLen ->
+ %% We already have the wanted number of bytes decoded and ready!
+ <<ResultBin:WantedLen/binary, PlainBuf/binary>> = PlainBuf0,
+ {ok,ResultBin,B#bufinf{plain_text_buf=PlainBuf,
+ size = Size + WantedLen}};
+
+do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout,
+ B0=#bufinf{plain_text_buf = PlainBuf0,
+ enc_text_buf = EncBuf0,
+ chunksize = undefined
+ })
+ when size(EncBuf0) > 0 ->
+ %% We have (at least) one decodable byte waiting for decodeing.
+ {ok,DecodedBin,B} = apply_crypto(EncBuf0, B0),
+ do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout,
+ B#bufinf{plain_text_buf = <<PlainBuf0/binary, DecodedBin/binary>>,
+ enc_text_buf = <<>>
+ });
+
+do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout,
+ B0=#bufinf{plain_text_buf = PlainBuf0,
+ enc_text_buf = EncBuf0,
+ chunksize = ChunkSize0
+ })
+ when size(EncBuf0) >= ChunkSize0 ->
+ %% We have (at least) one chunk of decodable bytes waiting for decodeing.
+ <<ToDecode:ChunkSize0/binary, EncBuf/binary>> = EncBuf0,
+ {ok,DecodedBin,B} = apply_crypto(ToDecode, B0),
+ do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout,
+ B#bufinf{plain_text_buf = <<PlainBuf0/binary, DecodedBin/binary>>,
+ enc_text_buf = EncBuf
+ });
+
+do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout, B=#bufinf{enc_text_buf = EncBuf0}) ->
+ %% We must read more bytes and append to the buffer of encoded bytes.
+ case read(Pid, SftpHandle, Packet, FileOpTimeout) of
+ {ok,EncryptedBin} ->
+ do_the_read_buf(Pid, SftpHandle, WantedLen, Packet, FileOpTimeout,
+ B#bufinf{enc_text_buf = <<EncBuf0/binary, EncryptedBin/binary>>});
+ eof ->
+ {eof,B};
+ Other ->
+ Other
+ end.
+
+
+write_buf(Pid, SftpHandle, BufHandle, PlainBin, FileOpTimeout) ->
+ {ok,{_Window,Packet}} = send_window(Pid, FileOpTimeout),
+ {ok,B0=#bufinf{plain_text_buf=PTB}} = call(Pid, {get_bufinf,BufHandle}, FileOpTimeout),
+ case do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B0#bufinf{plain_text_buf = <<PTB/binary,PlainBin/binary>>}) of
+ {ok, B} ->
+ call(Pid, {put_bufinf,BufHandle,B}, FileOpTimeout),
+ ok;
+ {error,Error} ->
+ {error,Error}
+ end.
+
+do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B=#bufinf{enc_text_buf = EncBuf0,
+ size = Size})
+ when size(EncBuf0) >= Packet ->
+ <<BinToWrite:Packet/binary, EncBuf/binary>> = EncBuf0,
+ case write(Pid, SftpHandle, BinToWrite, FileOpTimeout) of
+ ok ->
+ do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B#bufinf{enc_text_buf = EncBuf,
+ size = Size + Packet});
+ Other ->
+ Other
+ end;
+
+do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B0=#bufinf{plain_text_buf = PlainBuf0,
+ enc_text_buf = EncBuf0,
+ chunksize = undefined})
+ when size(PlainBuf0) > 0 ->
+ {ok,EncodedBin,B} = apply_crypto(PlainBuf0, B0),
+ do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B#bufinf{plain_text_buf = <<>>,
+ enc_text_buf = <<EncBuf0/binary, EncodedBin/binary>>});
+
+do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B0=#bufinf{plain_text_buf = PlainBuf0,
+ enc_text_buf = EncBuf0,
+ chunksize = ChunkSize0
+ })
+ when size(PlainBuf0) >= ChunkSize0 ->
+ <<ToEncode:ChunkSize0/binary, PlainBuf/binary>> = PlainBuf0,
+ {ok,EncodedBin,B} = apply_crypto(ToEncode, B0),
+ do_the_write_buf(Pid, SftpHandle, Packet, FileOpTimeout,
+ B#bufinf{plain_text_buf = PlainBuf,
+ enc_text_buf = <<EncBuf0/binary, EncodedBin/binary>>});
+
+do_the_write_buf(_Pid, _SftpHandle, _Packet, _FileOpTimeout, B) ->
+ {ok,B}.
+
+apply_crypto(In, B=#bufinf{crypto_state = CState0,
+ crypto_fun = F}) ->
+ case F(In,CState0) of
+ {ok,EncodedBin,CState} ->
+ {ok, EncodedBin, B#bufinf{crypto_state=CState}};
+ {ok,EncodedBin,CState,ChunkSize} ->
+ {ok, EncodedBin, B#bufinf{crypto_state=CState,
+ chunksize=ChunkSize}}
+ end.
+
+open_buf(Pid, CryptoInitFun, BufInfo0, FileOpTimeout) ->
+ case CryptoInitFun() of
+ {ok,CryptoState} ->
+ open_buf1(Pid, BufInfo0, FileOpTimeout, CryptoState, undefined);
+ {ok,CryptoState,ChunkSize} ->
+ open_buf1(Pid, BufInfo0, FileOpTimeout, CryptoState, ChunkSize);
+ Other ->
+ Other
+ end.
+
+open_buf1(Pid, BufInfo0, FileOpTimeout, CryptoState, ChunkSize) ->
+ BufInfo = BufInfo0#bufinf{crypto_state = CryptoState,
+ chunksize = ChunkSize},
+ BufHandle = make_ref(),
+ call(Pid, {put_bufinf,BufHandle,BufInfo}, FileOpTimeout),
+ {ok,BufHandle}.
diff --git a/lib/ssh/test/ssh_sftp_SUITE.erl b/lib/ssh/test/ssh_sftp_SUITE.erl
index 559fa721fd..cb74a27638 100644
--- a/lib/ssh/test/ssh_sftp_SUITE.erl
+++ b/lib/ssh/test/ssh_sftp_SUITE.erl
@@ -65,19 +65,25 @@ end_per_suite(Config) ->
%%--------------------------------------------------------------------
groups() ->
[{erlang_server, [], [open_close_file, open_close_dir, read_file, read_dir,
- write_file, write_big_file, rename_file, mk_rm_dir, remove_file, links,
+ write_file, write_big_file, sftp_read_big_file,
+ rename_file, mk_rm_dir, remove_file, links,
retrieve_attributes, set_attributes, async_read,
async_write, position, pos_read, pos_write, version_option,
- {group,remote_tar_write}
- ]},
+ {group,remote_tar}]},
+
{openssh_server, [], [open_close_file, open_close_dir, read_file, read_dir,
- write_file, write_big_file, rename_file, mk_rm_dir, remove_file, links,
+ write_file, write_big_file, sftp_read_big_file,
+ rename_file, mk_rm_dir, remove_file, links,
retrieve_attributes, set_attributes, async_read,
async_write, position, pos_read, pos_write,
- {group,remote_tar_write}]},
-
- {remote_tar_write, [], [create_empty_tar, files_to_tar, big_file_to_tar, files_chunked_to_tar,
- directory_to_tar, binaries_to_tar]}
+ {group,remote_tar}]},
+
+ {remote_tar, [], [create_empty_tar, files_to_tar, big_file_to_tar, files_chunked_to_tar,
+ directory_to_tar, binaries_to_tar, null_crypto_tar,
+ simple_crypto_tar_small, simple_crypto_tar_big,
+ read_tar, read_null_crypto_tar, read_crypto_tar,
+ aes_cbc256_crypto_tar, aes_ctr_stream_crypto_tar
+ ]}
].
@@ -104,7 +110,7 @@ init_per_group(openssh_server, Config) ->
{skip, "No openssh server"}
end;
-init_per_group(remote_tar_write, Config) ->
+init_per_group(remote_tar, Config) ->
{Host,Port} = ?config(peer, Config),
ct:log("Server (~p) at ~p:~p",[?config(group,Config),Host,Port]),
{ok, Connection} =
@@ -120,7 +126,7 @@ init_per_group(remote_tar_write, Config) ->
[{user_interaction, false},
{silently_accept_hosts, true}])
end,
- [{remote_tar_write, true},
+ [{remote_tar, true},
{connection, Connection} | Config].
end_per_group(erlang_server, Config) ->
@@ -187,16 +193,12 @@ init_per_testcase(Case, Config0) ->
[{sftp, Sftp}, {watchdog, Dog} | Config2]
end,
- case catch ?config(remote_tar_write,Config) of
+ case catch ?config(remote_tar,Config) of
%% The 'catch' is for the case of Config={skip,...}
true ->
- %% Provide a tar Handle *independent* of the sftp-channel already opened!
- %% This Handle will be closed (as well as ChannelPid2) in the testcase
- {ok,ChannelPid2} =
- ssh_sftp:start_channel(?config(connection,Config)),
- {ok,Handle} =
- ssh_sftp:open_tar(ChannelPid2, fnp(?tar_file_name,Config), [write]),
- [{handle,Handle} | Config];
+ %% Provide a ChannelPid independent of the sftp-channel already opened.
+ {ok,ChPid2} = ssh_sftp:start_channel(?config(connection,Config)),
+ [{channel_pid2,ChPid2} | Config];
_ ->
Config
end.
@@ -214,6 +216,7 @@ end_per_testcase(_, Config) ->
end_per_testcase(Config) ->
{Sftp, Connection} = ?config(sftp, Config),
ssh_sftp:stop_channel(Sftp),
+ catch ssh_sftp:stop_channel(?config(channel_pid2, Config)),
ssh:close(Connection).
%%--------------------------------------------------------------------
@@ -258,6 +261,7 @@ read_file(Config) when is_list(Config) ->
FileName = filename:join(PrivDir, "sftp.txt"),
{Sftp, _} = ?config(sftp, Config),
{ok, Data} = ssh_sftp:read_file(Sftp, FileName),
+ {ok, Data} = ssh_sftp:read_file(Sftp, FileName),
{ok, Data} = file:read_file(FileName).
%%--------------------------------------------------------------------
@@ -294,6 +298,19 @@ write_big_file(Config) when is_list(Config) ->
{ok, Data} = file:read_file(FileName).
%%--------------------------------------------------------------------
+sftp_read_big_file() ->
+ [{doc, "Test API function read_file/2 with big data"}].
+sftp_read_big_file(Config) when is_list(Config) ->
+ PrivDir = ?config(priv_dir, Config),
+ FileName = filename:join(PrivDir, "sftp.txt"),
+ {Sftp, _} = ?config(sftp, Config),
+
+ Data = list_to_binary(lists:duplicate(750000,"a")),
+ ct:log("Data size to write is ~p bytes",[size(Data)]),
+ ssh_sftp:write_file(Sftp, FileName, [Data]),
+ {ok, Data} = ssh_sftp:read_file(Sftp, FileName).
+
+%%--------------------------------------------------------------------
remove_file() ->
[{doc,"Test API function delete/2"}].
remove_file(Config) when is_list(Config) ->
@@ -527,53 +544,247 @@ version_option(Config) when is_list(Config) ->
%%--------------------------------------------------------------------
create_empty_tar(Config) ->
- {ChPid,_} = ?config(sftp,Config),
- Handle = ?config(handle,Config),
+ ChPid2 = ?config(channel_pid2, Config),
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
erl_tar:close(Handle),
+ {ChPid,_} = ?config(sftp,Config),
{ok, #file_info{type=regular}} =
ssh_sftp:read_file_info(ChPid,fnp(?tar_file_name,Config)).
-
+
%%--------------------------------------------------------------------
files_to_tar(Config) ->
- Handle = ?config(handle,Config),
- ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", []),
- ok = erl_tar:add(Handle, fn("f2.txt",Config), "f2.txt", []),
+ ChPid2 = ?config(channel_pid2, Config),
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
+ ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", [verbose]),
+ ok = erl_tar:add(Handle, fn("f2.txt",Config), "f2.txt", [verbose]),
ok = erl_tar:close(Handle),
chk_tar(["f1.txt", "f2.txt"], Config).
-
%%--------------------------------------------------------------------
big_file_to_tar(Config) ->
- Handle = ?config(handle,Config),
- ok = erl_tar:add(Handle, fn("big.txt",Config), "big.txt", []),
+ ChPid2 = ?config(channel_pid2, Config),
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
+ ok = erl_tar:add(Handle, fn("big.txt",Config), "big.txt", [verbose]),
ok = erl_tar:close(Handle),
chk_tar(["big.txt"], Config).
%%--------------------------------------------------------------------
files_chunked_to_tar(Config) ->
- Handle = ?config(handle,Config),
- ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", [{chunks,2}]),
- ok = erl_tar:add(Handle, fn("big.txt",Config), "big.txt", [{chunks,15000}]),
+ ChPid2 = ?config(channel_pid2, Config),
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
+ ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", [verbose,{chunks,2}]),
ok = erl_tar:close(Handle),
- chk_tar(["f1.txt", "big.txt"], Config).
+ chk_tar(["f1.txt"], Config).
%%--------------------------------------------------------------------
directory_to_tar(Config) ->
- Handle = ?config(handle,Config),
- ok = erl_tar:add(Handle, fn("d1",Config), "d1", []),
+ ChPid2 = ?config(channel_pid2, Config),
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
+ ok = erl_tar:add(Handle, fn("d1",Config), "d1", [verbose]),
ok = erl_tar:close(Handle),
- chk_tar(["d1/f1", "d1/f2"], Config).
+ chk_tar(["d1"], Config).
%%--------------------------------------------------------------------
binaries_to_tar(Config) ->
- Handle = ?config(handle,Config),
+ ChPid2 = ?config(channel_pid2, Config),
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
Bin = <<"A binary">>,
- ok = erl_tar:add(Handle, Bin, "b1", []),
+ ok = erl_tar:add(Handle, Bin, "b1", [verbose]),
ok = erl_tar:close(Handle),
chk_tar([{"b1",Bin}], Config).
%%--------------------------------------------------------------------
+null_crypto_tar(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ Cinit = fun() -> {ok, no_state, _SendSize=5} end,
+ Cenc = fun(Bin,CState) -> {ok,Bin,CState,_SendSize=5} end,
+ Cend = fun(Bin,_CState) -> {ok,Bin} end,
+ C = {Cinit,Cenc,Cend},
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,C}]),
+ Bin = <<"A binary">>,
+ ok = erl_tar:add(Handle, Bin, "b1", [verbose]),
+ ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", [verbose,{chunks,2}]),
+ ok = erl_tar:add(Handle, fn("big.txt",Config), "big.txt", [verbose,{chunks,15000}]),
+ ok = erl_tar:close(Handle),
+ chk_tar([{"b1",Bin}, "f1.txt", "big.txt"], Config).
+
+%%--------------------------------------------------------------------
+simple_crypto_tar_small(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ Cinit = fun() -> {ok, no_state, _Size=6} end,
+ Cenc = fun(Bin,CState) -> {ok,stuff(Bin),CState,_SendSize=5} end,
+ Cdec = fun(Bin,CState) -> {ok,unstuff(Bin),CState,_Size=4} end,
+ Cend = fun(Bin,_CState) -> {ok,stuff(Bin)} end,
+ C = {Cinit,Cenc,Cend},
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,C}]),
+ Bin = <<"A binary">>,
+ ok = erl_tar:add(Handle, Bin, "b1", [verbose]),
+ ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", [verbose,{chunks,2}]),
+ ok = erl_tar:close(Handle),
+ chk_tar([{"b1",Bin}, "f1.txt"], Config, [{crypto,{Cinit,Cdec}}]).
+
+%%--------------------------------------------------------------------
+simple_crypto_tar_big(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ Cinit = fun() -> {ok, no_state, _SendSize=6} end,
+ Cenc = fun(Bin,CState) -> {ok,stuff(Bin),CState,_SendSize=5} end,
+ Cdec = fun(Bin,CState) -> {ok,unstuff(Bin),CState,_SendSize=4} end,
+ Cend = fun(Bin,_CState) -> {ok,stuff(Bin)} end,
+ C = {Cinit,Cenc,Cend},
+ {ok,Handle} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,C}]),
+ Bin = <<"A binary">>,
+ ok = erl_tar:add(Handle, Bin, "b1", [verbose]),
+ ok = erl_tar:add(Handle, fn("f1.txt",Config), "f1.txt", [verbose,{chunks,2}]),
+ ok = erl_tar:add(Handle, fn("big.txt",Config), "big.txt", [verbose,{chunks,15000}]),
+ ok = erl_tar:close(Handle),
+ chk_tar([{"b1",Bin}, "f1.txt", "big.txt"], Config, [{crypto,{Cinit,Cdec}}]).
+
+stuff(Bin) -> << <<C,C>> || <<C>> <= Bin >>.
+
+unstuff(Bin) -> << <<C>> || <<C,C>> <= Bin >>.
+
+%%--------------------------------------------------------------------
+read_tar(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ NameBins = lists:sort(
+ [{"b1",<<"A binary">>},
+ {"b2",list_to_binary(lists:duplicate(750000,"a"))}
+ ]),
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write]),
+ [ok = erl_tar:add(HandleWrite, Bin, Name, [verbose])
+ || {Name,Bin} <- NameBins],
+ ok = erl_tar:close(HandleWrite),
+
+ chk_tar(NameBins, Config).
+
+%%--------------------------------------------------------------------
+read_null_crypto_tar(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ NameBins = lists:sort(
+ [{"b1",<<"A binary">>},
+ {"b2",list_to_binary(lists:duplicate(750000,"a"))}
+ ]),
+ Cinitw = fun() -> {ok, no_state, _SendSize=5} end,
+ Cinitr = fun() -> {ok, no_state, _FetchSize=42} end,
+ Cenc = fun(Bin,CState) -> {ok,Bin,CState,_SendSize=42*42} end,
+ Cdec = fun(Bin,CState) -> {ok,Bin,CState,_FetchSize=19} end,
+ Cendw = fun(Bin,_CState) -> {ok,Bin} end,
+ Cw = {Cinitw,Cenc,Cendw},
+ Cr = {Cinitr,Cdec},
+
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,Cw}]),
+ [ok = erl_tar:add(HandleWrite, Bin, Name, [verbose])
+ || {Name,Bin} <- NameBins],
+ ok = erl_tar:close(HandleWrite),
+
+ chk_tar(NameBins, Config, [{crypto,Cr}]).
+
+%%--------------------------------------------------------------------
+read_crypto_tar(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ NameBins = lists:sort(
+ [{"b1",<<"A binary">>},
+ {"b2",list_to_binary(lists:duplicate(750000,"a"))}
+ ]),
+ Cinitw = fun() -> {ok, no_state, _SendSize=5} end,
+ Cinitr = fun() -> {ok, no_state, _FetchSize=42} end,
+
+ Cenc = fun(Bin,CState) -> {ok,stuff(Bin),CState,_SendSize=42*42} end,
+ Cdec = fun(Bin,CState) -> {ok,unstuff(Bin),CState,_FetchSize=120} end,
+ Cendw = fun(Bin,_CState) -> {ok,stuff(Bin)} end,
+ Cw = {Cinitw,Cenc,Cendw},
+ Cr = {Cinitr,Cdec},
+
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,Cw}]),
+ [ok = erl_tar:add(HandleWrite, Bin, Name, [verbose])
+ || {Name,Bin} <- NameBins],
+ ok = erl_tar:close(HandleWrite),
+
+ chk_tar(NameBins, Config, [{crypto,Cr}]).
+
+%%--------------------------------------------------------------------
+aes_cbc256_crypto_tar(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ NameBins = lists:sort(
+ [{"b1",<<"A binary">>},
+ {"b2",list_to_binary(lists:duplicate(750000,"a"))},
+ {"d1",fn("d1",Config)} % Dir
+ ]),
+ Key = <<"This is a 256 bit key. Boring...">>,
+ Ivec0 = crypto:rand_bytes(16),
+ DataSize = 1024, % data_size rem 16 = 0 for aes_cbc
+
+ Cinitw = fun() -> {ok, Ivec0, DataSize} end,
+ Cinitr = fun() -> {ok, Ivec0, DataSize} end,
+
+ Cenc = fun(PlainBin,Ivec) ->
+ CipherBin = crypto:block_encrypt(aes_cbc256, Key, Ivec, PlainBin),
+ {ok, CipherBin, crypto:next_iv(aes_cbc,CipherBin), DataSize}
+ end,
+ Cdec = fun(CipherBin,Ivec) ->
+ PlainBin = crypto:block_decrypt(aes_cbc256, Key, Ivec, CipherBin),
+ {ok, PlainBin, crypto:next_iv(aes_cbc,CipherBin), DataSize}
+ end,
+
+ Cendw = fun(PlainBin, _) when PlainBin == <<>> -> {ok, <<>>};
+ (PlainBin, Ivec) ->
+ CipherBin = crypto:block_encrypt(aes_cbc256, Key, Ivec,
+ pad(16,PlainBin)), %% Last chunk
+ {ok, CipherBin}
+ end,
+
+ Cw = {Cinitw,Cenc,Cendw},
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,Cw}]),
+ [ok = erl_tar:add(HandleWrite, Bin, Name, [verbose]) || {Name,Bin} <- NameBins],
+ ok = erl_tar:close(HandleWrite),
+
+ Cr = {Cinitr,Cdec},
+ chk_tar(NameBins, Config, [{crypto,Cr}]).
+
+
+pad(BlockSize, Bin) ->
+ PadSize = (BlockSize - (size(Bin) rem BlockSize)) rem BlockSize,
+ list_to_binary( lists:duplicate(PadSize,0) ).
+
+%%--------------------------------------------------------------------
+aes_ctr_stream_crypto_tar(Config) ->
+ ChPid2 = ?config(channel_pid2, Config),
+ NameBins = lists:sort(
+ [{"b1",<<"A binary">>},
+ {"b2",list_to_binary(lists:duplicate(750000,"a"))},
+ {"d1",fn("d1",Config)} % Dir
+ ]),
+ Key = <<"This is a 256 bit key. Boring...">>,
+ Ivec0 = crypto:rand_bytes(16),
+
+ Cinitw = Cinitr = fun() -> {ok, crypto:stream_init(aes_ctr,Key,Ivec0)} end,
+
+ Cenc = fun(PlainBin,State) ->
+ {NewState,CipherBin} = crypto:stream_encrypt(State, PlainBin),
+ {ok, CipherBin, NewState}
+ end,
+ Cdec = fun(CipherBin,State) ->
+ {NewState,PlainBin} = crypto:stream_decrypt(State, CipherBin),
+ {ok, PlainBin, NewState}
+ end,
+
+ Cendw = fun(PlainBin, _) when PlainBin == <<>> -> {ok, <<>>};
+ (PlainBin, Ivec) ->
+ CipherBin = crypto:block_encrypt(aes_cbc256, Key, Ivec,
+ pad(16,PlainBin)), %% Last chunk
+ {ok, CipherBin}
+ end,
+
+ Cw = {Cinitw,Cenc,Cendw},
+ {ok,HandleWrite} = ssh_sftp:open_tar(ChPid2, fnp(?tar_file_name,Config), [write,{crypto,Cw}]),
+ [ok = erl_tar:add(HandleWrite, Bin, Name, [verbose]) || {Name,Bin} <- NameBins],
+ ok = erl_tar:close(HandleWrite),
+
+ Cr = {Cinitr,Cdec},
+ chk_tar(NameBins, Config, [{crypto,Cr}]).
+
+%%--------------------------------------------------------------------
%% Internal functions ------------------------------------------------
%%--------------------------------------------------------------------
prep(Config) ->
@@ -597,34 +808,82 @@ prep(Config) ->
FileInfo#file_info{mode = Mode}).
+
chk_tar(Items, Config) ->
- %% FIXME: ought to check that no more than expected is present...
+ chk_tar(Items, Config, []).
+
+chk_tar(Items, Config, Opts) ->
+ chk_tar(Items, fnp(?tar_file_name,Config), Config, Opts).
+
+chk_tar(Items, TarFileName, Config, Opts) when is_list(Opts) ->
+ tar_size(TarFileName, Config),
{ChPid,_} = ?config(sftp,Config),
- ok = file:set_cwd(?config(priv_dir,Config)),
- file:make_dir("tar_chk"), % May already exist
- ok = file:set_cwd("tar_chk"),
- {ok,Data} = ssh_sftp:read_file(ChPid, fnp(?tar_file_name,Config)),
- ok = file:write_file(?tar_file_name, Data),
- os:cmd("tar xf "++?tar_file_name),
- lists:foreach(fun(Item) -> chk_contents(Item,Config) end,
- Items).
-
-
-chk_contents({Name,ExpectBin}, _Config) ->
- case file:read_file(Name) of
- {ok,ExpectBin} ->
- ok;
- {ok,OtherBin} ->
- ct:log("File: ~p~n Got: ~p~nExpect: ~p",[Name,OtherBin,ExpectBin]),
- ct:fail("Bad contents in file ~p",[Name]);
- Other ->
- ct:log("File: ~p~nOther: ~p",[Name,Other]),
- ct:fail("Error reading of file ~p",[Name])
- end;
-chk_contents(Name, Config) ->
- {ok,Bin} = file:read_file(fn(Name,Config)),
- chk_contents({Name,Bin}, Config).
+ {ok,HandleRead} = ssh_sftp:open_tar(ChPid, TarFileName, [read|Opts]),
+ {ok,NameValueList} = erl_tar:extract(HandleRead,[memory,verbose]),
+ ok = erl_tar:close(HandleRead),
+ case {lists:sort(expand_items(Items,Config)), lists:sort(NameValueList)} of
+ {L,L} ->
+ true;
+ {Expect,Actual} ->
+ ct:log("Expect: ~p",[Expect]), ct:log("Actual: ~p",[Actual]),
+ case erl_tar:table(TarFileName) of
+ {ok,Names} -> ct:log("names: ~p",[Names]);
+ Other -> ct:log("~p",[Other])
+ end,
+ ct:log("~s",[analyze_report(Expect, Actual)]),
+ ct:fail(bad_tar_contents)
+ end.
+analyze_report([E={NameE,BinE}|Es], [A={NameA,BinA}|As]) ->
+ if
+ NameE == NameA,
+ BinE =/= BinA->
+ [["Component ",NameE," differs. \n Expected: ",BinE,"\n Actual: ",BinA,"\n\n"]
+ | analyze_report(Es,As)];
+
+ NameE < NameA ->
+ [["Component ",NameE," is missing.\n\n"]
+ | analyze_report(Es,[A|As])];
+
+ NameE > NameA ->
+ [["Component ",NameA," is not expected.\n\n"]
+ | analyze_report([E|Es],As)];
+ true ->
+ analyze_report(Es, As)
+ end;
+analyze_report([{NameE,_BinE}|Es], []) ->
+ [["Component ",NameE," missing.\n\n"] | analyze_report(Es,[])];
+analyze_report([], [{NameA,_BinA}|As]) ->
+ [["Component ",NameA," not expected.\n\n"] | analyze_report([],As)];
+analyze_report([], []) ->
+ "".
+
+tar_size(TarFileName, Config) ->
+ {ChPid,_} = ?config(sftp,Config),
+ {ok,Data} = ssh_sftp:read_file(ChPid, TarFileName),
+ io:format('Tar file ~p is~n ~p bytes.~n',[TarFileName, size(Data)]).
+
+expand_items(Items, Config) ->
+ lists:flatten(
+ [case Item of
+ {_Name,Bin} when is_binary(Bin) ->
+ Item;
+ {Name,FileName} when is_list(FileName) ->
+ read_item_contents(Name, fn(FileName,Config));
+ FileName when is_list(FileName) ->
+ read_item_contents(FileName, fn(FileName,Config))
+ end || Item <- Items]).
+
+read_item_contents(ItemName, FileName) ->
+ case file:read_file(FileName) of
+ {ok,Bin} ->
+ {ItemName, Bin};
+ {error,eisdir} ->
+ {ok,FileNames} = file:list_dir(FileName),
+ [read_item_contents(filename:join(ItemName,Name),
+ filename:join(FileName,Name))
+ || Name<-FileNames]
+ end.
fn(Name, Config) ->
Dir = ?config(data_dir, Config),
diff --git a/lib/ssl/src/ssl.appup.src b/lib/ssl/src/ssl.appup.src
index 9d692379b4..b713f86c1e 100644
--- a/lib/ssl/src/ssl.appup.src
+++ b/lib/ssl/src/ssl.appup.src
@@ -1,24 +1,12 @@
%% -*- erlang -*-
{"%VSN%",
[
- {"5.3.6", [{load_module, ssl_handshake, soft_purge, soft_purge, [ssl_connection]}]},
- {"5.3.5", [{load_module, ssl, soft_purge, soft_purge, [ssl_connection]},
- {load_module, ssl_handshake, soft_purge, soft_purge, [ssl_certificate]},
- {load_module, ssl_certificate, soft_purge, soft_purge, []},
- {load_module, ssl_connection, soft_purge, soft_purge, [tls_connection]},
- {update, tls_connection, {advanced, {up, "5.3.5", "5.3.6"}}, [ssl_handshake]}]},
{<<"5\\.3\\.[1-4]($|\\..*)">>, [{restart_application, ssl}]},
{<<"5\\.[0-2]($|\\..*)">>, [{restart_application, ssl}]},
{<<"4\\..*">>, [{restart_application, ssl}]},
{<<"3\\..*">>, [{restart_application, ssl}]}
],
[
- {"5.3.6", [{load_module, ssl_handshake, soft_purge, soft_purge, [ssl_connection]}]},
- {"5.3.5", [{load_module, ssl, soft_purge, soft_purge,[ssl_certificate]},
- {load_module, ssl_handshake, soft_purge, soft_purge,[ssl_certificate]},
- {load_module, ssl_certificate, soft_purge, soft_purge,[]},
- {load_module, ssl_connection, soft_purge, soft_purge,[tls_connection]},
- {update, tls_connection, {advanced, {down, "5.3.6", "5.3.5"}}, [ssl_handshake]}]},
{<<"5\\.3\\.[1-4]($|\\..*)">>, [{restart_application, ssl}]},
{<<"5\\.[0-2]($|\\..*)">>, [{restart_application, ssl}]},
{<<"4\\..*">>, [{restart_application, ssl}]},
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 8ff9913cee..b6059eac58 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -937,27 +937,27 @@ terminate(_Reason, _StateName, #state{transport_cb = Transport,
Transport:close(Socket).
format_status(normal, [_, State]) ->
- [{data, [{"StateData", State}]}];
+ [{data, [{"StateData", State}]}];
format_status(terminate, [_, State]) ->
SslOptions = (State#state.ssl_options),
- NewOptions = SslOptions#ssl_options{password = "***",
- cert = "***",
- cacerts = "***",
- key = "***",
- dh = "***",
- psk_identity = "***",
- srp_identity = "***"},
- [{data, [{"StateData", State#state{connection_states = "***",
- protocol_buffers = "***",
- user_data_buffer = "***",
- tls_handshake_history = "***",
- session = "***",
- private_key = "***",
- diffie_hellman_params = "***",
- diffie_hellman_keys = "***",
- srp_params = "***",
- srp_keys = "***",
- premaster_secret = "***",
+ NewOptions = SslOptions#ssl_options{password = ?SECRET_PRINTOUT,
+ cert = ?SECRET_PRINTOUT,
+ cacerts = ?SECRET_PRINTOUT,
+ key = ?SECRET_PRINTOUT,
+ dh = ?SECRET_PRINTOUT,
+ psk_identity = ?SECRET_PRINTOUT,
+ srp_identity = ?SECRET_PRINTOUT},
+ [{data, [{"StateData", State#state{connection_states = ?SECRET_PRINTOUT,
+ protocol_buffers = ?SECRET_PRINTOUT,
+ user_data_buffer = ?SECRET_PRINTOUT,
+ tls_handshake_history = ?SECRET_PRINTOUT,
+ session = ?SECRET_PRINTOUT,
+ private_key = ?SECRET_PRINTOUT,
+ diffie_hellman_params = ?SECRET_PRINTOUT,
+ diffie_hellman_keys = ?SECRET_PRINTOUT,
+ srp_params = ?SECRET_PRINTOUT,
+ srp_keys = ?SECRET_PRINTOUT,
+ premaster_secret = ?SECRET_PRINTOUT,
ssl_options = NewOptions
}}]}].
%%--------------------------------------------------------------------
diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index c544a0591f..b9a1ef3a84 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -46,11 +46,11 @@
socket :: port(),
ssl_options :: #ssl_options{},
socket_options :: #socket_options{},
- connection_states :: #connection_states{},
- protocol_buffers :: term(), %% #protocol_buffers{} from tls_record.hrl or dtls_recor.hrl
- tls_handshake_history :: ssl_handshake:ssl_handshake_history(),
+ connection_states :: #connection_states{} | secret_printout(),
+ protocol_buffers :: term() | secret_printout() , %% #protocol_buffers{} from tls_record.hrl or dtls_recor.hrl
+ tls_handshake_history :: ssl_handshake:ssl_handshake_history() | secret_printout(),
cert_db :: reference(),
- session :: #session{},
+ session :: #session{} | secret_printout(),
session_cache :: db_handle(),
session_cache_cb :: atom(),
negotiated_version :: ssl_record:ssl_version(),
@@ -58,18 +58,18 @@
key_algorithm :: ssl_cipher:key_algo(),
hashsign_algorithm = {undefined, undefined},
cert_hashsign_algorithm,
- public_key_info ::ssl_handshake:public_key_info(),
- private_key ::public_key:private_key(),
- diffie_hellman_params, % PKIX: #'DHParameter'{} relevant for server side
- diffie_hellman_keys, % {PublicKey, PrivateKey}
+ public_key_info :: ssl_handshake:public_key_info(),
+ private_key :: public_key:private_key() | secret_printout(),
+ diffie_hellman_params:: #'DHParameter'{} | undefined | secret_printout(),
+ diffie_hellman_keys :: {PublicKey :: binary(), PrivateKey :: binary()} | #'ECPrivateKey'{} | undefined | secret_printout(),
psk_identity :: binary(), % server psk identity hint
- srp_params :: #srp_user{},
- srp_keys ::{PublicKey :: binary(), PrivateKey :: binary()},
- premaster_secret :: binary(),
+ srp_params :: #srp_user{} | secret_printout(),
+ srp_keys ::{PublicKey :: binary(), PrivateKey :: binary()} | secret_printout(),
+ premaster_secret :: binary() | secret_printout() ,
file_ref_db :: db_handle(),
cert_db_ref :: certdb_ref(),
bytes_to_read :: undefined | integer(), %% bytes to read in passive mode
- user_data_buffer :: undefined | binary(),
+ user_data_buffer :: undefined | binary() | secret_printout(),
renegotiation :: undefined | {boolean(), From::term() | internal | peer},
start_or_recv_from :: term(),
timer :: undefined | reference(), % start_or_recive_timer
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
index 85724de4bd..75efb64e3f 100644
--- a/lib/ssl/src/ssl_internal.hrl
+++ b/lib/ssl/src/ssl_internal.hrl
@@ -24,6 +24,8 @@
-include_lib("public_key/include/public_key.hrl").
+-define(SECRET_PRINTOUT, "***").
+
-type reason() :: term().
-type reply() :: term().
-type msg() :: term().
@@ -36,6 +38,7 @@
-type issuer() :: tuple().
-type serialnumber() :: integer().
-type cert_key() :: {reference(), integer(), issuer()}.
+-type secret_printout() :: list().
%% basic binary constructors
-define(BOOLEAN(X), X:8/unsigned-big-integer).
@@ -81,16 +84,16 @@
validate_extensions_fun,
depth :: integer(),
certfile :: binary(),
- cert :: public_key:der_encoded(),
+ cert :: public_key:der_encoded() | secret_printout(),
keyfile :: binary(),
- key :: {'RSAPrivateKey' | 'DSAPrivateKey' | 'ECPrivateKey' | 'PrivateKeyInfo', public_key:der_encoded()},
- password :: string(),
- cacerts :: [public_key:der_encoded()],
+ key :: {'RSAPrivateKey' | 'DSAPrivateKey' | 'ECPrivateKey' | 'PrivateKeyInfo', public_key:der_encoded()} | secret_printout(),
+ password :: string() | secret_printout(),
+ cacerts :: [public_key:der_encoded()] | secret_printout(),
cacertfile :: binary(),
- dh :: public_key:der_encoded(),
- dhfile :: binary(),
+ dh :: public_key:der_encoded() | secret_printout(),
+ dhfile :: binary() | secret_printout(),
user_lookup_fun, % server option, fun to lookup the user
- psk_identity :: binary(),
+ psk_identity :: binary() | secret_printout() ,
srp_identity, % client option {User, Password}
ciphers, %
%% Local policy for the server if it want's to reuse the session
diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk
index da20ed8593..bda974da0e 100644
--- a/lib/ssl/vsn.mk
+++ b/lib/ssl/vsn.mk
@@ -1 +1 @@
-SSL_VSN = 5.3.7
+SSL_VSN = 5.3.8
diff --git a/lib/stdlib/src/erl_tar.erl b/lib/stdlib/src/erl_tar.erl
index ab6223c0fe..caa3276d09 100644
--- a/lib/stdlib/src/erl_tar.erl
+++ b/lib/stdlib/src/erl_tar.erl
@@ -36,7 +36,7 @@
%% Opens a tar archive.
init(UsrHandle, AccessMode, Fun) when is_function(Fun,2) ->
- {ok, {AccessMode,{UsrHandle,Fun}}}.
+ {ok, {AccessMode,{tar_descriptor,UsrHandle,Fun}}}.
%%%================================================================
%%% The open function with friends is to keep the file and binary api of this module
@@ -532,27 +532,36 @@ read_opts([_|Rest], Opts) ->
read_opts([], Opts) ->
Opts.
+foldl_read({AccessMode,TD={tar_descriptor,_UsrHandle,_AccessFun}}, Fun, Accu, Opts) ->
+ case AccessMode of
+ read ->
+ foldl_read0(TD, Fun, Accu, Opts);
+ _ ->
+ {error,{read_mode_expected,AccessMode}}
+ end;
foldl_read(TarName, Fun, Accu, Opts) ->
case open(TarName, [read|Opts#read_opts.open_mode]) of
{ok, {read, File}} ->
- Result =
- case catch foldl_read1(Fun, Accu, File, Opts) of
- {'EXIT', Reason} ->
- exit(Reason);
- {error, {Reason, Format, Args}} ->
- read_verbose(Opts, Format, Args),
- {error, Reason};
- {error, Reason} ->
- {error, Reason};
- Ok ->
- Ok
- end,
+ Result = foldl_read0(File, Fun, Accu, Opts),
ok = do_close(File),
Result;
Error ->
Error
end.
+foldl_read0(File, Fun, Accu, Opts) ->
+ case catch foldl_read1(Fun, Accu, File, Opts) of
+ {'EXIT', Reason} ->
+ exit(Reason);
+ {error, {Reason, Format, Args}} ->
+ read_verbose(Opts, Format, Args),
+ {error, Reason};
+ {error, Reason} ->
+ {error, Reason};
+ Ok ->
+ Ok
+ end.
+
foldl_read1(Fun, Accu0, File, Opts) ->
case get_header(File) of
eof ->
@@ -1014,10 +1023,10 @@ open_mode(_, _, _, _) ->
{error, einval}.
%%%================================================================
-do_write({UsrHandle,Fun}, Data) -> Fun(write,{UsrHandle,Data}).
+do_write({tar_descriptor,UsrHandle,Fun}, Data) -> Fun(write,{UsrHandle,Data}).
-do_position({UsrHandle,Fun}, Pos) -> Fun(position,{UsrHandle,Pos}).
+do_position({tar_descriptor,UsrHandle,Fun}, Pos) -> Fun(position,{UsrHandle,Pos}).
-do_read({UsrHandle,Fun}, Len) -> Fun(read2,{UsrHandle,Len}).
+do_read({tar_descriptor,UsrHandle,Fun}, Len) -> Fun(read2,{UsrHandle,Len}).
-do_close({UsrHandle,Fun}) -> Fun(close,UsrHandle).
+do_close({tar_descriptor,UsrHandle,Fun}) -> Fun(close,UsrHandle).