aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssh
AgeCommit message (Collapse)Author
2015-06-16ssh: Modernize type definitionsIngela Anderton Andin
2015-06-15ssh: fix bad ssh_basic_SUITE dir_options groupHans Nilsson
2015-06-15ssh: add test case + corr for ssh_info:print/1Hans Nilsson
Conflicts: lib/ssh/test/ssh_basic_SUITE.erl
2015-06-10Merge branch 'hans/ssh/unknown_msgfun/OTP-12813'Hans Nilsson
* hans/ssh/unknown_msgfun/OTP-12813: ssh: Option unexpectedfun for ssh:daemon and ssh:connect
2015-06-10Merge branch 'hans/ssh/pwd_correction'Hans Nilsson
* hans/ssh/pwd_correction: ssh: doc change for keyboard-interaction, pwd->password
2015-06-10Merge branch 'hans/ssh/no_erlint_func/OTP-11697'Hans Nilsson
* hans/ssh/no_erlint_func/OTP-11697: ssh: Replace erlint/1 in ssh_message.erl and ssh_auth.erl
2015-06-10Merge branch 'hans/ssh/check_auth_methods_server/OTP-12790'Hans Nilsson
* hans/ssh/check_auth_methods_server/OTP-12790: ssh: change pwd->password for keyboard-interactive ssh save keybard-interactive data in #ssh{} ssh: make server check auth_methods when rec request
2015-06-09ssh: Option unexpectedfun for ssh:daemon and ssh:connectHans Nilsson
This option has a fun as value. The fun will be called when an unexpected message arrives. The fun returns either 'skip' or 'report' to guide the connection_handler what to do. One usage is to filter out messages that are not wanted in the error logger as info reports. An example of such a message is the 'etimedout' tcp error message that will be received if a connection has keep_alive and the peer is restarted.
2015-06-09ssh: Upgrade test suiteHans
This suite tests that upgrade/downgrade works from/to both minor and major versions. It is modelled after the ssl_upgrade_SUITE. A precondition for success is that the ssh.appup file is correct.
2015-06-09ssh: doc change for keyboard-interaction, pwd->passwordHans Nilsson
2015-06-09ssh: change pwd->password for keyboard-interactiveHans Nilsson
2015-06-09ssh save keybard-interactive data in #ssh{}Hans Nilsson
2015-06-09ssh: make server check auth_methods when rec requestHans Nilsson
2015-06-09ssh: Replace erlint/1 in ssh_message.erl and ssh_auth.erlHans
In the old times there was no binary notation which handled this particulary case, but now we can write big-signed-integer-unit:8 directly in binaries. The undocumented internal function ssh_bits:erlint/1 is removed.
2015-06-09Merge branch 'hans/ssh/cuddle_tests'Hans Nilsson
* hans/ssh/cuddle_tests: ssh: add test cases for disconnectfun
2015-06-09Merge branch 'hans/ssh/missing_doc'Hans Nilsson
* hans/ssh/missing_doc: ssh: add missing doc for option auth_method_kb_interactive_data
2015-06-08ssh: add test cases for disconnectfunHans Nilsson
OTP-12786
2015-06-08Merge branch 'ia/ssh/name-spaces/OTP-12675'Ingela Anderton Andin
* ia/ssh/name-spaces/OTP-12675: ssh: Correct Makefile ssh: Add profile option
2015-06-08ssh: add missing doc for option auth_method_kb_interactive_dataHans Nilsson
2015-06-08Merge branch 'hans/ssh/cuddle_tests'Hans Nilsson
* hans/ssh/cuddle_tests: ssh: Change to ct:sleep in ssh_basic_SUITE ssh: add empty password to the probing ssh_test_lib:openssh_sanity_check/1 ssh: Replace ct:sleep with timer:sleep for long sleeps ssh: timeout fixes in ssh_basic_SUITE
2015-06-05Merge branch 'hans/ssh/check_dirs/OTP-12788'Hans Nilsson
* hans/ssh/check_dirs/OTP-12788: ssh: Check that user_dir and system_dir exists and are readable
2015-06-05ssh: Check that user_dir and system_dir exists and are readableHans
2015-06-05ssh: Change to ct:sleep in ssh_basic_SUITEHans
2015-06-04ssh: add empty password to the probing ssh_test_lib:openssh_sanity_check/1Hans
This is to give a quick end if the test is run a maskin where it can't log in to the OpenSSH server.
2015-06-04ssh: Replace ct:sleep with timer:sleep for long sleepsHans
On two of our test machines, ct:sleep was scaled to a ridicously long time (10 x). This made the key renegotiation to trigger wich the test case was designed not to tolerate. By reducing the sleep time to the intended order of magnitude, hopfully the test cases will work.
2015-06-04ssh: timeout fixes in ssh_basic_SUITEHans
The testcases ssh_connect_negtimeout_parallel ssh_connect_negtimeout_sequential max_sessions_sftp_start_channel_sequential max_sessions_sftp_start_channel_parallel max_sessions_ssh_connect_sequential max_sessions_ssh_connect_parallel sometimes failed on certain machines. Tried to increase timeouts and added a sleep. (Not exactly the best way of doing real time programming....)
2015-06-04ssh: make disconnectfun work for both server&clientHans
2015-06-03ssh: Correct MakefileIngela Anderton Andin
The ssh application does not have any external include files
2015-06-03ssh: Add profile optionIngela Anderton Andin
To enable the ssh daemon to run in a virtualized environment, where there can be more that one server that has the same ip-address and port, we add a new option profile. The profile name will be used in concatenation with ip-address and port to identify the ssh daemon instance. The name profile was chosen as there is a similar concept in the HTTP client in inets where profile names can be used to instantiate client configurations. Also the same type of option has been added to the HTTP server in inets.
2015-06-02correct merge conflictHenrik Nord
2015-06-02Merge branch 'maint'Henrik Nord
Conflicts: OTP_VERSION lib/inets/test/httpd_SUITE.erl lib/inets/vsn.mk lib/ssh/src/ssh.erl lib/ssh/vsn.mk lib/ssl/src/ssl.appup.src lib/ssl/vsn.mk
2015-06-01Update release notesErlang/OTP
2015-06-01Merge branch 'hans/ssh/codenomicon_degradation/OTP-12784' into maint-17Erlang/OTP
* hans/ssh/codenomicon_degradation/OTP-12784: ssh: update ssh version ssh: Plain text message returned for invalid version exchange ssh: Implement keyboard_interactive on server side ssh: Check e and f parameters in kexdh ssh: Set max num algoritms in msg_kexinit negotiation
2015-05-29ssh: update ssh versionHans
2015-05-29ssh: Plain text message returned for invalid version exchangeHans
This is how OpenSSH does. The bytes returned will be put on the user's tty, so it is better with text than a ssh_msg_disconnect
2015-05-29ssh: Implement keyboard_interactive on server sideHans
2015-05-29ssh: Check e and f parameters in kexdhHans Nilsson
rfc 4253 says in section 8 that: "Values of 'e' or 'f' that are not in the range [1, p-1] MUST NOT be sent or accepted by either side. If this condition is violated, the key exchange fails." This commit implements the reception check.
2015-05-29ssh: Set max num algoritms in msg_kexinit negotiationHans
This is to prevent some dos-attac scenarios. The limit is hard-coded.
2015-05-29ssh: handle that inet:getopts(Socket, [recbuf]) may return {ok, []}Ingela Anderton Andin
If something bad happens and the socket is closed the call inet:getopts(Socket, [recbuf]) may return {ok, []}. We want to treat this as a fatal error and terminate gracefully. The same goes for the case that inet:getopts returns {error, Reason} that was not handled either.
2015-05-26ssh: Algorithms test case addedHans Nilsson
2015-05-26ssh: Undocumented option 'compression' replaced by 'preferred_algorithms'Hans Nilsson
The 'compression' option was used in the test cases. The new option 'preferred_algorithms' is much more powerful and can be used as a replacement.
2015-05-26ssh: New option 'preferred_algorithms'Hans Nilsson
This option enables the user to define which algorithms that are to be used as well as their precedences in the negotiation between server and client.
2015-05-26ssh: Remove erroneous option 'role'Hans Nilsson
This option is set internaly but there is no reason to set it when calling a function.
2015-05-21Add tests for ssh rekeyingSimon Cornish
2015-05-21Fix protocol violations during rekeyingSimon Cornish
In RFC 4253, sections 7.1 & 9 describe rekeying with special attention to the protocol messages that may be received and may not be sent during rekeying. This patch fixes a number of problems during rekeying caused by data & requests received from the network, and/or data & requests sent by the user.
2015-05-21Fix rekeying according to RFC 4253Simon Cornish
When in the connected state, an received KEXINIT message MUST be responded to with KEXINIT. After that, the client may continue with KEXDH_INIT (or similar). See the first paragraph on RFC 4253 sec. 9.
2015-05-18Merge branch 'ia/ssh/doc/types'Ingela Anderton Andin
* ia/ssh/doc/types: ssh: Align "=" sign in type declarations to decided policy
2015-05-18Merge branch 'maint'Zandra Hird
Conflicts: OTP_VERSION lib/ssh/doc/src/ssh.xml lib/ssh/vsn.mk
2015-05-18Update release notesErlang/OTP
2015-05-13ssh: option for handling the SSH_MSG_DEBUG message's printoutsHans Nilsson
A fun could be given in the options that will be called whenever the SSH_MSG_DEBUG message arrives. This enables the user to format the printout or just discard it. The default is changed to not print the message. In RFC4253 printing is a SHOULD, but our new default is to protect logs from dos attacs.