| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* maint-18:
Updated OTP version
Update release notes
ssh: vsn.mk updated
ssh: New test cases for SSH_MSG_KEX_DH_GEX_REQUEST_OLD
ssh: update existing testcases
ssh: Improve group selection
ssh: implemented server side SSH_MSG_KEX_DH_GEX_REQUEST_OLD for putty client
Conflicts:
lib/ssh/src/ssh_transport.erl
lib/ssh/test/ssh_protocol_SUITE.erl
lib/ssh/vsn.mk
|
|
Now it chooses the first found if no exact match.
|
|
|
|
|
|
Note that the rfc5647 is ambigous so this implementation of AEAD_AES_(128|256)_GCM
may or may not be compatible with others. They are note enabled by default but may
be enabled by the user. See the Reference Manual, Application SSH for details of
how we interpret the rfc.
To be safe, use [email protected] or [email protected] instead.
|
|
There was an assymetric relationship between receiving a ssh-packet (decrypting-mac-decompress) and sending one. When sending, most of the work was defined in the ssh_transport module, while at reception the ssh_connection_handler was the one knowing what to do.
This commit moves the reception down to the ssh_transport module where it belongs.
|
|
|
|
OTP-13066
|
|
Also tool (public_key:gen_moduli_hrl) to convert an openssh moduli file to erlang format.
|
|
Includes a ssh_transport:pack/3 function for generating invalid packets
|
|
Defined in http://www.secg.org/sec1-v2.pdf '3.2.2 Validation of Elliptic Curve Public Keys'
according to RFC 5656 ch 4.
More to be done: check singularities, implement reading compressed points....
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add ssh_trpt_test_lib:instantiate/2, ssh_test_lib:default_algoritms/2 and algo_intersection/2
ssh_to_openssh_SUITE uses only algos that sshd and ssh client supports
raised timeout limit in ssh_basic_SUITE:ssh_connect_arg4_timeout
Break out ssh_renegotiate_SUITE from ssh_basic_SUITE
Move std_daemon/4 to ssh_test_lib.erl
Add ssh_algorithms_SUITE
Add ssh_options_SUITE
Add assymetric testing of algorithms
Add openssh tests to ssh_algorithms_SUITE
Remove algo tests from ssh_sftp_SUITE (now in ssh_algorithms_SUITE)
Removed kex algo tests from in ssh_basic_SUITE because they are now in ssh_algorithm_SUITE.
fixed test case ssh_protocol_SUITE:no_common_alg_server_disconnects/1
|
|
Adds ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp512
and OTP-12938
hmac-sha2-512
|
|
A new experimental option 'max_random_length_padding', not documented so it might change...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DO NOT USE IN PRODUCTION!!!
It is not enabled by default, but may be enabled with the option
{preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha256']}]}
|
|
DO NOT USE IN PRODUCTION!!!
This is a bug fixing of the previously partly impelmented kex algorithm.
There are more things to do, for example genrate/select better g,p pair obeying the min||n||max request.
It is not enabled by default, but may be enabled with the option
{preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha1']}]}
|
|
|
|
|
|
Conflicts:
OTP_VERSION
lib/inets/test/httpd_SUITE.erl
lib/inets/vsn.mk
lib/ssh/src/ssh.erl
lib/ssh/vsn.mk
lib/ssl/src/ssl.appup.src
lib/ssl/vsn.mk
|
|
rfc 4253 says in section 8 that:
"Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
sent or accepted by either side. If this condition is violated, the
key exchange fails."
This commit implements the reception check.
|
|
This is to prevent some dos-attac scenarios. The limit is hard-coded.
|
|
The 'compression' option was used in the test cases. The new option 'preferred_algorithms' is
much more powerful and can be used as a replacement.
|
|
This option enables the user to define which algorithms that
are to be used as well as their precedences in the negotiation
between server and client.
|
|
rfc 4253 says in section 8 that:
"Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
sent or accepted by either side. If this condition is violated, the
key exchange fails."
This commit implements the reception check.
|
|
For limiting Banner Grabbing attempts.
|
|
Conflicts:
lib/ssh/test/ssh_connection_SUITE.erl
|
|
Also adjusts tests to only expect a positive outcome when
crypto supports the relevant base ciphers/MACs.
|
|
This cipher and hmac are RECOMMENDED as per RFC4344 and
RFC6668. RFC4344 notes that aes128-ctr is likely to be
promoted to REQUIRED in the near future.
Some distros of Linux and Illumos are already shipping with
aes128-cbc and 3des-cbc disabled by default due to security
concerns around chosen-plaintext attacks and other information
leaks. Without this patch, OTP SSH cannot connect to these
SSH servers in their default configuration.
|
|
Also start adding dialyzer specs and removing dead code
|
|
This is step one in in making ssh process structure less complicated.
As an effect I also found other simplifications/clean ups of the code
that could be done.
|
|
http://www.openssh.org/txt/draft-miller-secsh-compression-delayed-00.txt
|
|
|
|
|
