| Age | Commit message (Collapse) | Author |
|---|
|
Adds ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp512
and OTP-12938
hmac-sha2-512
|
|
A new experimental option 'max_random_length_padding', not documented so it might change...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DO NOT USE IN PRODUCTION!!!
It is not enabled by default, but may be enabled with the option
{preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha256']}]}
|
|
DO NOT USE IN PRODUCTION!!!
This is a bug fixing of the previously partly impelmented kex algorithm.
There are more things to do, for example genrate/select better g,p pair obeying the min||n||max request.
It is not enabled by default, but may be enabled with the option
{preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha1']}]}
|
|
|
|
|
|
Conflicts:
OTP_VERSION
lib/inets/test/httpd_SUITE.erl
lib/inets/vsn.mk
lib/ssh/src/ssh.erl
lib/ssh/vsn.mk
lib/ssl/src/ssl.appup.src
lib/ssl/vsn.mk
|
|
rfc 4253 says in section 8 that:
"Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
sent or accepted by either side. If this condition is violated, the
key exchange fails."
This commit implements the reception check.
|
|
This is to prevent some dos-attac scenarios. The limit is hard-coded.
|
|
The 'compression' option was used in the test cases. The new option 'preferred_algorithms' is
much more powerful and can be used as a replacement.
|
|
This option enables the user to define which algorithms that
are to be used as well as their precedences in the negotiation
between server and client.
|
|
rfc 4253 says in section 8 that:
"Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be
sent or accepted by either side. If this condition is violated, the
key exchange fails."
This commit implements the reception check.
|
|
For limiting Banner Grabbing attempts.
|
|
Conflicts:
lib/ssh/test/ssh_connection_SUITE.erl
|
|
Also adjusts tests to only expect a positive outcome when
crypto supports the relevant base ciphers/MACs.
|
|
This cipher and hmac are RECOMMENDED as per RFC4344 and
RFC6668. RFC4344 notes that aes128-ctr is likely to be
promoted to REQUIRED in the near future.
Some distros of Linux and Illumos are already shipping with
aes128-cbc and 3des-cbc disabled by default due to security
concerns around chosen-plaintext attacks and other information
leaks. Without this patch, OTP SSH cannot connect to these
SSH servers in their default configuration.
|
|
Also start adding dialyzer specs and removing dead code
|
|
This is step one in in making ssh process structure less complicated.
As an effect I also found other simplifications/clean ups of the code
that could be done.
|
|
http://www.openssh.org/txt/draft-miller-secsh-compression-delayed-00.txt
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Restored supervisor tree so that error propagation will work as
intended, although connection processes are set to temporary, instead
of permanent with restart times set to 0, and termination of the
connection subtree is initiated by a temporary process spawned by
ssh_connection_managers terminate. This is done to avoid unwanted
supervisor reports. Pherhaps we need some new supervisor
functionality.
|
|
ssh_keys behavior
|
|
Solves OTP-7677
|
|
|
|
Also improved test suites to avoid copying of users keys to
test server directories as this is a security liability
|
|
open a IPv6 connection.
|
|
|
|
|
