From f505644be64cd4844742b361a8ff411d70f4aa88 Mon Sep 17 00:00:00 2001 From: Niclas Eklund Date: Fri, 15 Apr 2011 15:49:42 +0200 Subject: Adds NIFs for cryptographically strong random number generation. Also adds documentation and unit tests. Thanks to Geoff Cant. --- lib/ssh/src/ssh_bits.erl | 54 ++++------------------------------ lib/ssh/src/ssh_connection_handler.erl | 2 -- 2 files changed, 5 insertions(+), 51 deletions(-) (limited to 'lib/ssh') diff --git a/lib/ssh/src/ssh_bits.erl b/lib/ssh/src/ssh_bits.erl index 399581a0fd..50bde83cdb 100755 --- a/lib/ssh/src/ssh_bits.erl +++ b/lib/ssh/src/ssh_bits.erl @@ -34,7 +34,7 @@ %% integer utils -export([isize/1]). -export([irandom/1, irandom/3]). --export([random/1, random/3]). +-export([random/1]). -export([xor_bits/2, fill_bits/2]). -export([i2bin/2, bin2i/1]). @@ -401,9 +401,6 @@ xor_bits(XBits, YBits) -> irandom(Bits) -> irandom(Bits, 1, 0). -%% irandom_odd(Bits) -> -%% irandom(Bits, 1, 1). - %% %% irandom(N, Top, Bottom) %% 
@@ -414,57 +411,16 @@ irandom(Bits) -> %% Bot = 0 - do not set the least signifcant bit %% Bot = 1 - set the least signifcant bit (i.e always odd) %% -irandom(0, _Top, _Bottom) -> - 0; -irandom(Bits, Top, Bottom) -> - Bytes = (Bits+7) div 8, - Skip = (8-(Bits rem 8)) rem 8, - TMask = case Top of - 0 -> 0; - 1 -> 16#80; - 2 -> 16#c0 - end, - BMask = case Bottom of - 0 -> 0; - 1 -> (1 bsl Skip) - end, - <> = random(Bytes, TMask, BMask), - X. +irandom(Bits, Top, Bottom) when is_integer(Top), + 0 =< Top, Top =< 2 -> + crypto:erlint(crypto:strong_rand_uniform(Bits, Top - 1, Bottom)). %% %% random/1 %% Generate N random bytes %% random(N) -> - random(N, 0, 0). - -random(N, TMask, BMask) -> - list_to_binary(rnd(N, TMask, BMask)). - -%% random/3 -%% random(Bytes, TopMask, BotMask) -%% where -%% Bytes is the number of bytes to generate -%% TopMask is bitwised or'ed to the first byte -%% BotMask is bitwised or'ed to the last byte -%% -rnd(0, _TMask, _BMask) -> - []; -rnd(1, TMask, BMask) -> - [(rand8() bor TMask) bor BMask]; -rnd(N, TMask, BMask) -> - [(rand8() bor TMask) | rnd_n(N-1, BMask)]. - -rnd_n(1, BMask) -> - [rand8() bor BMask]; -rnd_n(I, BMask) -> - [rand8() | rnd_n(I-1, BMask)]. - -rand8() -> - (rand32() bsr 8) band 16#ff. - -rand32() -> - random:uniform(16#100000000) -1. + crypto:strong_rand_bytes(N). %% %% Base 64 encode/decode diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl index 0ba11b0a26..a7340b280c 100644 --- a/lib/ssh/src/ssh_connection_handler.erl +++ b/lib/ssh/src/ssh_connection_handler.erl @@ -106,8 +106,6 @@ peer_address(ConnectionHandler) -> %% initialize. %%-------------------------------------------------------------------- init([Role, Manager, Socket, SshOpts]) -> - {A,B,C} = erlang:now(), - random:seed(A, B, C), {NumVsn, StrVsn} = ssh_transport:versions(Role, SshOpts), ssh_bits:install_messages(ssh_transport:transport_messages(NumVsn)), {Protocol, Callback, CloseTag} = -- cgit v1.2.3 
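Review bot: The new `irandom/3` clause guards only `Top`, whereas the removed code had an explicit `irandom(0, _Top, _Bottom) -> 0;` clause and crashed on any `Bottom` other than 0 or 1; whether `crypto:strong_rand_uniform/3` behaves the same way is not visible in this hunk. I would keep the zero-bits clause and tighten the guard to `when is_integer(Bits), Bits > 0, is_integer(Top), 0 =< Top, Top =< 2, (Bottom =:= 0 orelse Bottom =:= 1)`, so bad arguments fail in ssh_bits rather than inside the NIF; the same clause is carried unchanged into the later rename to `strong_rand_mpint`. As far as I know `crypto:strong_rand_bytes/1` raises `low_entropy` when the generator is not adequately seeded, so a comment above `random/1` such as `%% May raise low_entropy; callers must not catch it and fall back to a weaker generator` would document the intended failure mode. With `random:seed/3` dropped from `init/1` in ssh_connection_handler.erl, any remaining `random:uniform` caller in that process would run from the default seed, which is worth a grep before merging.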
From c31065c750e37d5368398e9e2a741a1d4ec0588c Mon Sep 17 00:00:00 2001 From: Niclas Eklund Date: Mon, 18 Apr 2011 14:58:18 +0200 Subject: Fixed SSH appup, copyright headers SSH vsn and SSH release note. --- lib/ssh/doc/src/notes.xml | 13 +++++++++++++ lib/ssh/src/ssh.appup.src | 26 ++++++++++++++++++-------- lib/ssh/src/ssh_bits.erl | 2 +- lib/ssh/src/ssh_connection_handler.erl | 2 +- lib/ssh/vsn.mk | 2 +- 5 files changed, 34 insertions(+), 11 deletions(-) (limited to 'lib/ssh') diff --git a/lib/ssh/doc/src/notes.xml b/lib/ssh/doc/src/notes.xml index af667b1a71..224b9d4af7 100644 --- a/lib/ssh/doc/src/notes.xml +++ b/lib/ssh/doc/src/notes.xml @@ -29,6 +29,19 @@ notes.xml +
Ssh 2.0.5 +
Improvements and New Features + + +

+ Strengthened random number generation. (Thanks to Geoff Cant)

+

+ Own Id: OTP-9225

+
+
+
+
+
Ssh 2.0.4
Fixed Bugs and Malfunctions diff --git a/lib/ssh/src/ssh.appup.src b/lib/ssh/src/ssh.appup.src index 501da8ceb9..9be8c3c7d5 100644 --- a/lib/ssh/src/ssh.appup.src +++ b/lib/ssh/src/ssh.appup.src 
@@ -19,34 +19,44 @@ {"%VSN%", [ - {"2.0.3", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {"2.0.4", [{load_module, ssh_bits, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}]}, + {"2.0.3", [{load_module, ssh_bits, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}, + {load_module, ssh_file, soft_purge, soft_purge, []}, {load_module, ssh, soft_purge, soft_purge, []}, {load_module, ssh_rsa, soft_purge, soft_purge, []}, {load_module, ssh_acceptor, soft_purge, soft_purge, []}, {load_module, ssh_transport, soft_purge, soft_purge, []}, {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, - {"2.0.2", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {"2.0.2", [{load_module, ssh_bits, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}, + {load_module, ssh_file, soft_purge, soft_purge, []}, {load_module, ssh, soft_purge, soft_purge, []}, {load_module, ssh_rsa, soft_purge, soft_purge, []}, {load_module, ssh_acceptor, soft_purge, soft_purge, []}, {load_module, ssh_transport, soft_purge, soft_purge, []}, - {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, - {"2.0.1", [{restart_application, ssh}]} + {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]} ], [ - {"2.0.3", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {"2.0.4", [{load_module, ssh_bits, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}]}, + {"2.0.3", [{load_module, ssh_bits, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}, + {load_module, ssh_file, soft_purge, soft_purge, []}, {load_module, ssh, soft_purge, soft_purge, []}, {load_module, ssh_rsa, soft_purge, soft_purge, []}, {load_module, ssh_acceptor, soft_purge, soft_purge, []}, {load_module, ssh_transport, soft_purge, soft_purge, []}, {load_module, 
ssh_connection_manager, soft_purge, soft_purge, []}]}, - {"2.0.2", [{load_module, ssh_file, soft_purge, soft_purge, []}, + {"2.0.2", [{load_module, ssh_bits, soft_purge, soft_purge, []}, + {load_module, ssh_connection_handler, soft_purge, soft_purge, []}, + {load_module, ssh_file, soft_purge, soft_purge, []}, {load_module, ssh, soft_purge, soft_purge, []}, {load_module, ssh_rsa, soft_purge, soft_purge, []}, {load_module, ssh_acceptor, soft_purge, soft_purge, []}, {load_module, ssh_transport, soft_purge, soft_purge, []}, - {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}, - {"2.0.1", [{restart_application, ssh}]} + {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]} ] }. diff --git a/lib/ssh/src/ssh_bits.erl b/lib/ssh/src/ssh_bits.erl index 50bde83cdb..ae89f31355 100755 --- a/lib/ssh/src/ssh_bits.erl +++ b/lib/ssh/src/ssh_bits.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2005-2010. All Rights Reserved. +%% Copyright Ericsson AB 2005-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl index a7340b280c..2d82e6d77d 100644 --- a/lib/ssh/src/ssh_connection_handler.erl +++ b/lib/ssh/src/ssh_connection_handler.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2008-2010. All Rights Reserved. +%% Copyright Ericsson AB 2008-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/ssh/vsn.mk b/lib/ssh/vsn.mk index 51f9f47446..8c9f671fd5 100644 --- a/lib/ssh/vsn.mk +++ b/lib/ssh/vsn.mk @@ -1,5 +1,5 @@ #-*-makefile-*- ; force emacs to enter makefile-mode -SSH_VSN = 2.0.4 +SSH_VSN = 2.0.5 APP_VSN = "ssh-$(SSH_VSN)" -- cgit v1.2.3 
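Review bot: The `load_module` entries added for `ssh_bits` in ssh.appup.src say nothing about the crypto functions the reloaded module now calls, which the first commit message describes as newly added NIFs. If ssh were hot-upgraded on a node still running the previous crypto, those calls would presumably fail with `undef` during key exchange or padding generation. That is inferred from the commit text, not shown in the hunk. A comment at the top of the upgrade list, for example `%% ssh_bits requires the crypto release that provides strong_rand_bytes/1; upgrade crypto in the same relup`, would make the ordering requirement explicit. The hunk also removes the `{"2.0.1", [{restart_application, ssh}]}` entries from both lists, so it is worth confirming that dropping the 2.0.1 upgrade and downgrade path is intended.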
From afe36b58bb77012f94b19213ed9602c2eb9fd420 Mon Sep 17 00:00:00 2001 From: Niclas Eklund Date: Tue, 19 Apr 2011 13:35:29 +0200 Subject: Renamed the function strong_rand_uniform to strong_rand_mpint. Added some checks in crypto.erl and crypto.c. Changed ssh_bits to use strong_rand_mpint. --- lib/ssh/src/ssh_bits.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/ssh') diff --git a/lib/ssh/src/ssh_bits.erl b/lib/ssh/src/ssh_bits.erl index ae89f31355..3f0a06575c 100755 --- a/lib/ssh/src/ssh_bits.erl +++ b/lib/ssh/src/ssh_bits.erl @@ -413,7 +413,7 @@ irandom(Bits) -> %% irandom(Bits, Top, Bottom) when is_integer(Top), 0 =< Top, Top =< 2 -> - crypto:erlint(crypto:strong_rand_uniform(Bits, Top - 1, Bottom)). + crypto:erlint(crypto:strong_rand_mpint(Bits, Top - 1, Bottom)). %% %% random/1 -- cgit v1.2.3