Age | Commit message (Collapse) | Author |
|
Previously we called the ssh client with the -Q option to query about supported algorithms. Since old clients do not support this and at least one lies, we now set up a fake server at let the ssh client start negotiation instead. Much more robust hopefully.
|
|
|
|
|
|
|
|
Conflicts:
lib/ssh/vsn.mk
|
|
|
|
|
|
It actually counts the number of subsystem alive. Allocating a channel does not consume any resources
(except some cpu cycles), but the subsystem start spawns processes.
|
|
|
|
|
|
|
|
|
|
|
|
Add ssh_trpt_test_lib:instantiate/2, ssh_test_lib:default_algoritms/2 and algo_intersection/2
ssh_to_openssh_SUITE uses only algos that sshd and ssh client supports
raised timeout limit in ssh_basic_SUITE:ssh_connect_arg4_timeout
Break out ssh_renegotiate_SUITE from ssh_basic_SUITE
Move std_daemon/4 to ssh_test_lib.erl
Add ssh_algorithms_SUITE
Add ssh_options_SUITE
Add assymetric testing of algorithms
Add openssh tests to ssh_algorithms_SUITE
Remove algo tests from ssh_sftp_SUITE (now in ssh_algorithms_SUITE)
Removed kex algo tests from in ssh_basic_SUITE because they are now in ssh_algorithm_SUITE.
fixed test case ssh_protocol_SUITE:no_common_alg_server_disconnects/1
|
|
Adds ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp512
and OTP-12938
hmac-sha2-512
|
|
A new experimental option 'max_random_length_padding', not documented so it might change...
|
|
|
|
|
|
- negotiation state
- better printouts
|
|
|
|
|
|
|
|
|
|
DO NOT USE IN PRODUCTION!!!
This is a bug fixing of the previously partly impelmented kex algorithm.
There are more things to do, for example genrate/select better g,p pair obeying the min||n||max request.
It is not enabled by default, but may be enabled with the option
{preferred_algorithms, [{kex, ['diffie-hellman-group-exchange-sha1']}]}
|
|
|
|
|
|
|
|
This test lib is intended for deeper testing of the SSH application. It
makes it possible to do exact steps in the message exchange to test "corner
cases"
|
|
|
|
The tests now have supersets in ssh_basic_SUITE and ssh_sftp_SUITE.
|
|
|
|
|
|
Conflicts:
lib/ssh/test/ssh_basic_SUITE.erl
|
|
* hans/ssh/unknown_msgfun/OTP-12813:
ssh: Option unexpectedfun for ssh:daemon and ssh:connect
|
|
This option has a fun as value. The fun will be called when an
unexpected message arrives. The fun returns either 'skip' or 'report'
to guide the connection_handler what to do.
One usage is to filter out messages that are not wanted in the error
logger as info reports. An example of such a message is the 'etimedout'
tcp error message that will be received if a connection has keep_alive
and the peer is restarted.
|
|
This suite tests that upgrade/downgrade works from/to both minor and major versions. It is modelled after the ssl_upgrade_SUITE.
A precondition for success is that the ssh.appup file is correct.
|
|
* hans/ssh/cuddle_tests:
ssh: add test cases for disconnectfun
|
|
OTP-12786
|
|
* ia/ssh/name-spaces/OTP-12675:
ssh: Correct Makefile
ssh: Add profile option
|
|
* hans/ssh/cuddle_tests:
ssh: Change to ct:sleep in ssh_basic_SUITE
ssh: add empty password to the probing ssh_test_lib:openssh_sanity_check/1
ssh: Replace ct:sleep with timer:sleep for long sleeps
ssh: timeout fixes in ssh_basic_SUITE
|
|
* hans/ssh/check_dirs/OTP-12788:
ssh: Check that user_dir and system_dir exists and are readable
|
|
|
|
|
|
This is to give a quick end if the test is run a maskin where it can't log in to the OpenSSH server.
|
|
On two of our test machines, ct:sleep was scaled to a ridicously long time (10 x). This made the key renegotiation to trigger wich the test case was designed not to tolerate.
By reducing the sleep time to the intended order of magnitude, hopfully the test cases will work.
|
|
The testcases
ssh_connect_negtimeout_parallel
ssh_connect_negtimeout_sequential
max_sessions_sftp_start_channel_sequential
max_sessions_sftp_start_channel_parallel
max_sessions_ssh_connect_sequential
max_sessions_ssh_connect_parallel
sometimes failed on certain machines. Tried to increase timeouts and added a sleep. (Not exactly the best way of doing real time programming....)
|
|
|
|
To enable the ssh daemon to run in a virtualized environment, where
there can be more that one server that has the same ip-address
and port, we add a new option profile. The profile name will be
used in concatenation with ip-address and port to identify the
ssh daemon instance.
The name profile was chosen as there is a similar concept in the HTTP client
in inets where profile names can be used to instantiate client configurations.
Also the same type of option has been added to the HTTP server in inets.
|
|
|
|
The 'compression' option was used in the test cases. The new option 'preferred_algorithms' is
much more powerful and can be used as a replacement.
|