aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssh
AgeCommit message (Collapse)Author
2015-06-08ssh: add missing doc for option auth_method_kb_interactive_dataHans Nilsson
2015-06-08Merge branch 'hans/ssh/cuddle_tests'Hans Nilsson
* hans/ssh/cuddle_tests: ssh: Change to ct:sleep in ssh_basic_SUITE ssh: add empty password to the probing ssh_test_lib:openssh_sanity_check/1 ssh: Replace ct:sleep with timer:sleep for long sleeps ssh: timeout fixes in ssh_basic_SUITE
2015-06-05Merge branch 'hans/ssh/check_dirs/OTP-12788'Hans Nilsson
* hans/ssh/check_dirs/OTP-12788: ssh: Check that user_dir and system_dir exists and are readable
2015-06-05ssh: Check that user_dir and system_dir exists and are readableHans
2015-06-05ssh: Change to ct:sleep in ssh_basic_SUITEHans
2015-06-04ssh: add empty password to the probing ssh_test_lib:openssh_sanity_check/1Hans
This is to give a quick end if the test is run a maskin where it can't log in to the OpenSSH server.
2015-06-04ssh: Replace ct:sleep with timer:sleep for long sleepsHans
On two of our test machines, ct:sleep was scaled to a ridicously long time (10 x). This made the key renegotiation to trigger wich the test case was designed not to tolerate. By reducing the sleep time to the intended order of magnitude, hopfully the test cases will work.
2015-06-04ssh: timeout fixes in ssh_basic_SUITEHans
The testcases ssh_connect_negtimeout_parallel ssh_connect_negtimeout_sequential max_sessions_sftp_start_channel_sequential max_sessions_sftp_start_channel_parallel max_sessions_ssh_connect_sequential max_sessions_ssh_connect_parallel sometimes failed on certain machines. Tried to increase timeouts and added a sleep. (Not exactly the best way of doing real time programming....)
2015-06-04ssh: make disconnectfun work for both server&clientHans
2015-06-02correct merge conflictHenrik Nord
2015-06-02Merge branch 'maint'Henrik Nord
Conflicts: OTP_VERSION lib/inets/test/httpd_SUITE.erl lib/inets/vsn.mk lib/ssh/src/ssh.erl lib/ssh/vsn.mk lib/ssl/src/ssl.appup.src lib/ssl/vsn.mk
2015-06-01Update release notesErlang/OTP
2015-06-01Merge branch 'hans/ssh/codenomicon_degradation/OTP-12784' into maint-17Erlang/OTP
* hans/ssh/codenomicon_degradation/OTP-12784: ssh: update ssh version ssh: Plain text message returned for invalid version exchange ssh: Implement keyboard_interactive on server side ssh: Check e and f parameters in kexdh ssh: Set max num algoritms in msg_kexinit negotiation
2015-05-29ssh: update ssh versionHans
2015-05-29ssh: Plain text message returned for invalid version exchangeHans
This is how OpenSSH does. The bytes returned will be put on the user's tty, so it is better with text than a ssh_msg_disconnect
2015-05-29ssh: Implement keyboard_interactive on server sideHans
2015-05-29ssh: Check e and f parameters in kexdhHans Nilsson
rfc 4253 says in section 8 that: "Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be sent or accepted by either side. If this condition is violated, the key exchange fails." This commit implements the reception check.
2015-05-29ssh: Set max num algoritms in msg_kexinit negotiationHans
This is to prevent some dos-attac scenarios. The limit is hard-coded.
2015-05-29ssh: handle that inet:getopts(Socket, [recbuf]) may return {ok, []}Ingela Anderton Andin
If something bad happens and the socket is closed the call inet:getopts(Socket, [recbuf]) may return {ok, []}. We want to treat this as a fatal error and terminate gracefully. The same goes for the case that inet:getopts returns {error, Reason} that was not handled either.
2015-05-26ssh: Algorithms test case addedHans Nilsson
2015-05-26ssh: Undocumented option 'compression' replaced by 'preferred_algorithms'Hans Nilsson
The 'compression' option was used in the test cases. The new option 'preferred_algorithms' is much more powerful and can be used as a replacement.
2015-05-26ssh: New option 'preferred_algorithms'Hans Nilsson
This option enables the user to define which algorithms that are to be used as well as their precedences in the negotiation between server and client.
2015-05-26ssh: Remove erroneous option 'role'Hans Nilsson
This option is set internaly but there is no reason to set it when calling a function.
2015-05-21Add tests for ssh rekeyingSimon Cornish
2015-05-21Fix protocol violations during rekeyingSimon Cornish
In RFC 4253, sections 7.1 & 9 describe rekeying with special attention to the protocol messages that may be received and may not be sent during rekeying. This patch fixes a number of problems during rekeying caused by data & requests received from the network, and/or data & requests sent by the user.
2015-05-21Fix rekeying according to RFC 4253Simon Cornish
When in the connected state, an received KEXINIT message MUST be responded to with KEXINIT. After that, the client may continue with KEXDH_INIT (or similar). See the first paragraph on RFC 4253 sec. 9.
2015-05-18Merge branch 'ia/ssh/doc/types'Ingela Anderton Andin
* ia/ssh/doc/types: ssh: Align "=" sign in type declarations to decided policy
2015-05-18Merge branch 'maint'Zandra Hird
Conflicts: OTP_VERSION lib/ssh/doc/src/ssh.xml lib/ssh/vsn.mk
2015-05-18Update release notesErlang/OTP
2015-05-13ssh: option for handling the SSH_MSG_DEBUG message's printoutsHans Nilsson
A fun could be given in the options that will be called whenever the SSH_MSG_DEBUG message arrives. This enables the user to format the printout or just discard it. The default is changed to not print the message. In RFC4253 printing is a SHOULD, but our new default is to protect logs from dos attacs.
2015-05-13Revert "Prepare release"Henrik Nord
This reverts commit e09dd66dc4d89c62ddfd8c19791f9678d5d787c6.
2015-05-12Prepare releaseErlang/OTP
2015-05-12ssh: Align "=" sign in type declarations to decided policyIngela Anderton Andin
2015-05-12ssh: Fix ssh_basic_SUITE.erl to work on Windows hostsHans Nilsson
The test cases id_string_no_opt_client id_string_own_string_client id_string_random_client didn't work on MS Windows. This commit adds {packet,line} to get the whole version exchange line in one packet on all architectures. It also adds timeouts to speed up failures in those test cases.
2015-05-12ssh: Fix typoIngela Anderton Andin
Option height was misspelled in the code. Fix code but recognize the mispellt option for backwards compatible reasons.
2015-05-08ssh: Check e and f parameters in kexdhHans Nilsson
rfc 4253 says in section 8 that: "Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be sent or accepted by either side. If this condition is violated, the key exchange fails." This commit implements the reception check.
2015-05-07Merge branch 'ia/ssh/extra-logout'Ingela Anderton Andin
* ia/ssh/extra-logout: ssh: Hadle shell that sends two logout messages
2015-05-07ssh: update vsn.mk to 4.0Hans Nilsson
2015-05-05ssh: Hadle shell that sends two logout messagesIngela Anderton Andin
2015-05-05Merge branch 'dotsimon/ssh_sftp_version_negotiation_timeout'Zandra Hird
OTP-12708
2015-05-05ssh: No description in v-tagIngela Anderton Andin
2015-05-05ssh: Fix missed alphabetic ordering and indentationIngela Anderton Andin
2015-05-05ssh: Use correct ASCII char for quoteIngela Anderton Andin
2015-05-05ssh: Fix linksIngela Anderton Andin
2015-05-04Merge branch 'ia/ssh/test-openssh-cuddle'Ingela Anderton Andin
* ia/ssh/test-openssh-cuddle: ssh: Add openSSH interop check
2015-04-30ssh: Fix bug causing rekeying once per minute after 1st Gbyte Thanks SimonHans Nilsson
The port stats are not accumulated so that once rekey_limit bytes (by default, 1GB) have been transmitted the connection will be rekeyed every minute, not after the next 1GB.
2015-04-29ssh: Add openSSH interop checkIngela Anderton Andin
2015-04-27Merge branch 'hans/ssh/improve_docs'Hans Nilsson
* hans/ssh/improve_docs: ssh: broken doc links to file functions fixed
2015-04-27ssh: broken doc links to file functions fixedHans Nilsson
2015-04-24Merge branch 'hans/ssh/improve_docs'Hans Nilsson