aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssh/src/ssh_transport.erl
AgeCommit message (Collapse)Author
2016-04-27ssh: Partly refactor and polish ssh_connection_handlerHans Nilsson
2016-04-27ssh: Gen_statem rewrite of ssh_connection_handlerHans Nilsson
Including misc fixes in surronding code as well as in test cases.
2016-03-15update copyright-yearHenrik Nord
2016-01-18ssh: Optimization - inline encoding in ssh_message:encode/1, now 8 times faster.Hans Nilsson
Also fixes minor error in ssh_protocol_SUITE that the new encoder found.
2015-12-07ssh: fix error for bad packet lengths found by DefensicsHans Nilsson
2015-11-27Merge branch 'maint-18' into maintHans Nilsson
* maint-18: Updated OTP version Update release notes ssh: vsn.mk updated ssh: New test cases for SSH_MSG_KEX_DH_GEX_REQUEST_OLD ssh: update existing testcases ssh: Improve group selection ssh: implemented server side SSH_MSG_KEX_DH_GEX_REQUEST_OLD for putty client Conflicts: lib/ssh/src/ssh_transport.erl lib/ssh/test/ssh_protocol_SUITE.erl lib/ssh/vsn.mk
2015-11-26ssh: Improve group selectionHans Nilsson
Now it chooses the first found if no exact match.
2015-11-26ssh: implemented server side SSH_MSG_KEX_DH_GEX_REQUEST_OLD for putty clientHans Nilsson
2015-11-23ssh: fix dialyzer reported errorHans Nilsson
2015-11-23ssh: AEAD_AES_(128|256)_GCM and aes(128|256)[email protected] cryptoHans Nilsson
Note that the rfc5647 is ambigous so this implementation of AEAD_AES_(128|256)_GCM may or may not be compatible with others. They are note enabled by default but may be enabled by the user. See the Reference Manual, Application SSH for details of how we interpret the rfc. To be safe, use [email protected] or [email protected] instead.
2015-11-23ssh: refactor packet receptionHans Nilsson
There was an assymetric relationship between receiving a ssh-packet (decrypting-mac-decompress) and sending one. When sending, most of the work was defined in the ssh_transport module, while at reception the ssh_connection_handler was the one knowing what to do. This commit moves the reception down to the ssh_transport module where it belongs.
2015-11-09ssh: use crypto for ecdh point validationHans Nilsson
2015-11-04ssh: extend 'dh_gex_limits' to server sideHans Nilsson
OTP-13066
2015-11-04ssh, public_key: random selection of diffie-hellman moduliHans Nilsson
Also tool (public_key:gen_moduli_hrl) to convert an openssh moduli file to erlang format.
2015-11-02ssh: Make tests for bad packet_len and field lengths inside packetsHans Nilsson
Includes a ssh_transport:pack/3 function for generating invalid packets
2015-10-19ssh: Implemented ssh_transport:ecdh_validate_public_key (partly)Hans Nilsson
Defined in http://www.secg.org/sec1-v2.pdf '3.2.2 Validation of Elliptic Curve Public Keys' according to RFC 5656 ch 4. More to be done: check singularities, implement reading compressed points....
2015-10-16public_key: add/update -spec for ssh functionsHans Nilsson
2015-10-16ssh, public_key: use pubkey encode/decode in app public_keyHans Nilsson
2015-10-16ssh, public_key: Change EC Public Key representation to what was intendedHans Nilsson
2015-10-08Merge branch 'hans/ssh/option_dh_gex_limits_ignored/OTP-13029' into maintHans Nilsson
2015-10-08ssh: ECDSA public key implementedHans Nilsson
2015-10-07ssh: added dh_gex testsHans Nilsson
2015-10-06ssh: Bug in [email protected] compression fixedHans Nilsson
2015-10-06ssh: aes192-ctr and aes256-ctr implementedHans Nilsson
2015-08-30ssh: dh_gex defautl values increased. Groups addedHans Nilsson
2015-08-30ssh: Reorganize and extend the test suitesHans Nilsson
Add ssh_trpt_test_lib:instantiate/2, ssh_test_lib:default_algoritms/2 and algo_intersection/2 ssh_to_openssh_SUITE uses only algos that sshd and ssh client supports raised timeout limit in ssh_basic_SUITE:ssh_connect_arg4_timeout Break out ssh_renegotiate_SUITE from ssh_basic_SUITE Move std_daemon/4 to ssh_test_lib.erl Add ssh_algorithms_SUITE Add ssh_options_SUITE Add assymetric testing of algorithms Add openssh tests to ssh_algorithms_SUITE Remove algo tests from ssh_sftp_SUITE (now in ssh_algorithms_SUITE) Removed kex algo tests from in ssh_basic_SUITE because they are now in ssh_algorithm_SUITE. fixed test case ssh_protocol_SUITE:no_common_alg_server_disconnects/1
2015-08-29ssh: Elliptic Curve Diffie-Hellman (ECDH)Hans Nilsson
Adds ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp512 and OTP-12938 hmac-sha2-512
2015-08-25ssh: add extra random length padding in packetsHans Nilsson
A new experimental option 'max_random_length_padding', not documented so it might change...
2015-08-05ssh: announce dh-group-exchangeHans Nilsson
2015-08-05ssh: more dh_gex test casesHans Nilsson
2015-08-05ssh: options 'dh_gex_groups' and 'dh_gex_limits'Hans Nilsson
2015-08-05ssh: diffie-hellman-group14-sha1Hans Nilsson
2015-08-03ssh: added more groups for gexHans Nilsson
2015-08-03ssh: rm ssh_math and use crypto:compute_key insteadHans Nilsson
2015-08-03ssh: filter algs unknown to crypto (except pk)Hans Nilsson
2015-08-03ssh: Add experimental 'diffie-hellman-group-exchange-sha256 supportHans Nilsson
DO NOT USE IN PRODUCTION!!! It is not enabled by default, but may be enabled with the option {preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha256']}]}
2015-08-03ssh: Repair/add experimental diffie-hellman-group-exchange-sha1 supportHans Nilsson
DO NOT USE IN PRODUCTION!!! This is a bug fixing of the previously partly impelmented kex algorithm. There are more things to do, for example genrate/select better g,p pair obeying the min||n||max request. It is not enabled by default, but may be enabled with the option {preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha1']}]}
2015-07-02ssh: testcases for no common algorithms in key exchangeHans Nilsson
2015-06-18Change license text to APLv2Bruce Yinhe
2015-06-02Merge branch 'maint'Henrik Nord
Conflicts: OTP_VERSION lib/inets/test/httpd_SUITE.erl lib/inets/vsn.mk lib/ssh/src/ssh.erl lib/ssh/vsn.mk lib/ssl/src/ssl.appup.src lib/ssl/vsn.mk
2015-05-29ssh: Check e and f parameters in kexdhHans Nilsson
rfc 4253 says in section 8 that: "Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be sent or accepted by either side. If this condition is violated, the key exchange fails." This commit implements the reception check.
2015-05-29ssh: Set max num algoritms in msg_kexinit negotiationHans
This is to prevent some dos-attac scenarios. The limit is hard-coded.
2015-05-26ssh: Undocumented option 'compression' replaced by 'preferred_algorithms'Hans Nilsson
The 'compression' option was used in the test cases. The new option 'preferred_algorithms' is much more powerful and can be used as a replacement.
2015-05-26ssh: New option 'preferred_algorithms'Hans Nilsson
This option enables the user to define which algorithms that are to be used as well as their precedences in the negotiation between server and client.
2015-05-08ssh: Check e and f parameters in kexdhHans Nilsson
rfc 4253 says in section 8 that: "Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be sent or accepted by either side. If this condition is violated, the key exchange fails." This commit implements the reception check.
2015-04-21ssh: added id_string option for server and clientHans Nilsson
For limiting Banner Grabbing attempts.
2014-09-24ssh: Gracefully handle incorrect versionsIngela Anderton Andin
Conflicts: lib/ssh/test/ssh_connection_SUITE.erl
2014-08-28SSH: only enable ciphers/MACs when they are available in cryptoAlex Wilson
Also adjusts tests to only expect a positive outcome when crypto supports the relevant base ciphers/MACs.
2014-06-10SSH: add support for aes128-ctr and hmac-sha2-256Alex Wilson
This cipher and hmac are RECOMMENDED as per RFC4344 and RFC6668. RFC4344 notes that aes128-ctr is likely to be promoted to REQUIRED in the near future. Some distros of Linux and Illumos are already shipping with aes128-cbc and 3des-cbc disabled by default due to security concerns around chosen-plaintext attacks and other information leaks. Without this patch, OTP SSH cannot connect to these SSH servers in their default configuration.
2013-11-13ssh: Merge connection_manager and connection_handler processesIngela Anderton Andin
Also start adding dialyzer specs and removing dead code