path: root/lib/ssh/src/ssh_transport.erl
Age | Commit message | Author
2018-11-19 | Merge branch 'hans/ssh/eddsa/OTP-15094' into maint | Hans Nilsson
* hans/ssh/eddsa/OTP-15094:
  ssh: Add Edward curves to the documentation
  ssh: Update test cases for eddsa
  ssh: Add public keys 'ssh-ed25519' and 'ssh-ed448'
2018-11-19 | ssh: Make host and user key pre-checking better | Hans Nilsson
This will prevent crashes in ssh_file for public key types which have no passphrase option although being supported. Also centralize host key checking to avoid code duplication. This was already done for user keys.
2018-11-19 | ssh: Cleaning and polishing of ssh_auth | Hans Nilsson
No intentional api changes. Only to make the code less hard to read.
2018-11-19 | ssh: Add a common key_cb call function | Hans Nilsson
2018-11-19 | ssh: Add public keys 'ssh-ed25519' and 'ssh-ed448' | Hans Nilsson
Requires OpenSSL-1.1.1
https://tools.ietf.org/html/draft-ietf-curdle-ssh-ed25519-ed448-00
2018-11-09 | Merge branch 'hans/ssh/fix_ext_info/OTP-15413' into maint | Hans Nilsson
* hans/ssh/fix_ext_info/OTP-15413:
  ssh: Fix ssh_options checking for ext_info
  ssh: Fix SSH_MSG_EXT_INFO bug for OTP SSH as server
  ssh: Fix SSH_MSG_EXT_INFO bug for OTP SSH as client
2018-11-07 | ssh: Fix SSH_MSG_EXT_INFO bug for OTP SSH as server | Hans Nilsson
The wrong set of supported public keys was sent to the client.
2018-08-23 | Merge branch 'hans/ssh/x25519_x448/OTP-15133' into maint | Hans Nilsson
* hans/ssh/x25519_x448/OTP-15133:
  ssh: Doc updates
  ssh: spec curve25519 & curve448
  ssh: Fix non-conforming key generation in kex for x25519 and x448
  ssh: Enable curve448-sha512 and curve25519-sha256
  ssh: Remove the term 'eddh'
2018-08-23 | ssh: Fix non-conforming key generation in kex for x25519 and x448 | Hans Nilsson
That is, curve25519-sha256, [email protected] and curve448-sha512
2018-08-23 | ssh: Enable curve448-sha512 and curve25519-sha256 | Hans Nilsson
2018-08-23 | ssh: Remove the term 'eddh' | Hans Nilsson
2018-08-23 | ssh: Add [email protected] cipher | Hans Nilsson
2018-08-16 | ssh: Use the 'macs' tag in crypto:supports/0 | Hans Nilsson
2018-08-16 | ssh: Use the new crypto:supports/0 tag 'curves' | Hans Nilsson
2018-06-18 | Update copyright year | Henrik Nord
2018-06-11 | ssh: Add experimental eddh | Hans Nilsson
Not working
2018-05-09 | Merge branch 'maint' | Hans Nilsson
* maint:
  Updated OTP version
  Prepare release
  ssh: Renegotiation -> renegotiate
  ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419
  ssh: Fix server crashes for exit-normal signals
2018-05-09 | Merge branch 'maint-19' into maint | Hans Nilsson
* maint-19:
  Updated OTP version
  Prepare release
  ssh: Renegotiation -> renegotiate
  ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419
  ssh: Fix server crashes for exit-normal signals
Conflicts:
  OTP_VERSION
  lib/ssh/doc/src/notes.xml
  lib/ssh/src/ssh_connection_handler.erl
  lib/ssh/src/ssh_transport.erl
  lib/ssh/vsn.mk
  otp_versions.table
2018-05-08 | Merge branch 'maint' | Hans Nilsson
* maint:
  Updated OTP version
  Prepare release
  ssh: Renegotiation -> renegotiate
  ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419
  crypto: get_engine_load_cmd_list excluded if no engine support
  crypto: Fix compilation for LibreSSL 2.7.x
  crypto: Disable test_engine if engine is disabled
  crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an error further down in files included by engine.h
Conflicts:
  OTP_VERSION
2018-05-04 | ssh: Fix DH group exchange server bug for PuTTY | Hans Nilsson
and others following draft-draft-00 from 2001 and not the rfc4419
2018-05-02 | ssh: Fix DH group exchange server bug for PuTTY | Hans Nilsson
and others following draft-draft-00 from 2001 and not the rfc4419
2018-03-29 | ssh: Use the new ssh_dbg module | Hans Nilsson
2018-03-29 | ssh: Unused fields #ssh.hkey and #ssh.kex removed | Hans Nilsson
2018-02-22 | Merge branch 'maint-20' into maint | Hans Nilsson
* maint-20:
  Updated OTP version
  Prepare release
  ssh: Add option save_accepted_host
  ssh: No error message for signal kill
  ssh: Don't repeat supervisor defaults in map fields
  ssh: Move starting of channel child to ssh_channel_sup
  ssh: Test case for sup tree when shell server proc times out
2018-02-21 | ssh: Add option save_accepted_host | Hans Nilsson
2018-01-08 | ssh: A compatibility testing suite using dockers | Hans Nilsson
This suite tests compatibility with different combinations of OpenSSH and OpenSSL. The peer SSH is running in a docker container.
2017-12-14 | ssh: Special treatment of OpenSSH clients >= 7.2 rsa-sha2-* public keys | Hans Nilsson
Those clients sign with sha instead of sha2-*. Try first to verify with the correct one, and if that fails, retry with sha1.
2017-11-16 | Merge branch 'maint-18' into maint | Hans Nilsson
* maint-18:
  Updated OTP version
  Prepare release
  ssh: Unicode encoding fix
  ssh: testcases for space trailing Hello msg
  Remove unused test include file from test suites
  eldap: Repair Makefile
  ssh: Don't remove trailing WS in Hello msg
Conflicts:
  OTP_VERSION
  erts/doc/src/notes.xml
  erts/vsn.mk
  lib/compiler/doc/src/notes.xml
  lib/compiler/vsn.mk
  lib/crypto/test/blowfish_SUITE.erl
  lib/eldap/doc/src/notes.xml
  lib/eldap/vsn.mk
  lib/inets/test/httpd_load.erl
  lib/inets/test/httpd_mod.erl
  lib/inets/test/old_httpd_SUITE.erl
  lib/ssh/doc/src/notes.xml
  lib/ssh/vsn.mk
  lib/stdlib/test/zip_SUITE.erl
  otp_versions.table
2017-11-10 | ssh: Update SSH for engine-stored host keys | Hans Nilsson
2017-11-09 | ssh: Don't remove trailing WS in Hello msg | Hans Nilsson
2017-11-09 | ssh: Don't remove trailing WS in Hello msg | Hans Nilsson
2017-10-30 | ssh: Server checks host key files at start and at accept | Hans Nilsson
2017-10-30 | ssh: Sharpen the PubKey validity check | Hans Nilsson
2017-10-12 | ssh: Adapt to simplified public_key and simplify ssh | Hans Nilsson
2017-10-03 | ssh: Make host key checking more debug friendly | Hans Nilsson
2017-09-28 | ssh: exclude aes_gcm if peer is OpenSSH 6.2 (known bug) | Hans Nilsson
2017-09-11 | ssh: Added option 'modify_algorithms' with prepend, append and rm | Hans Nilsson
If a user wants to enable one non-default algorithm or remove a default one, the option preferred_algorithms is too complicated since it replaces the whole set of algorithms.
2017-05-22 | ssh: fix the rsa-sha2-* hostkey verify error | Hans Nilsson
2017-05-17 | Merge branch 'hans/ssh/ext-info_bug_fixes' | Hans Nilsson
2017-05-17 | ssh: select server-sig-algs from configured algos (preferred_algorithms) | Hans Nilsson
2017-05-17 | ssh: Enable rsa-sha2-* | Hans Nilsson
Conflicts:
  lib/ssh/src/ssh_transport.erl
2017-05-12 | ssh: Tests for ext-info extension (ext-info-c) | Hans Nilsson
2017-05-04 | Update copyright year | Raimo Niskanen
2017-04-27 | ssh: Don't expose new rsa-sha2-* as default | Hans Nilsson
2017-04-26 | ssh: Codenomicon/Defensics fixes | Hans Nilsson
2017-04-26 | ssh: Implement signature algorithms rsa-sha2-*. draft-ietf-curdle-rsa-sha2 | Hans Nilsson
2017-04-26 | ssh: server-sig-algs, server side | Hans Nilsson
2017-04-26 | ssh: Implement ext-info extension. draft-ietf-curdle-ssh-ext-info | Hans Nilsson
This is only a draft extension, but it is quite stable and already supported by some implementations. OpenSSH has had it for some year now.
2017-04-12 | ssh: replace deprecated crypto:rand_uniform | Hans Nilsson
2017-04-07 | ssh: option 'silently_accept_hosts' reworked | Hans Nilsson
New (yet) undocumented option value {false,Alg} where
  Alg :: md5 | sha | sha224 | sha256 | sha384 | sha512
This option includes the fingerprint value in the accept question to the user. The fingerprint is calculated with the Alg provided