Rust SSH client & server library
Handler
traits859e685: refactor
Handler
trait to use mutable reference instead of owned variables (Alessandro Ricottone) #247
The Handler
traits no longer take ownership of both self
and Session
or have to return them. These have been replaced with normal &mut
references.
You will need to update your Handler
impls to match the new method signatures, for example:
async fn channel_open_session(
- self,
+ &mut self,
channel: Channel<Msg>,
- session: Session,
+ session: &mut Session,
- ) -> Result<(Self, bool, Session), Self::Error> {
+ ) -> Result<bool, Self::Error> {
...
- Ok((self, true, session))
+ Ok(true)
}
async fn auth_publickey(
- self,
+ &mut self,
_: &str,
_: &key::PublicKey,
- ) -> Result<(Self, server::Auth), Self::Error> {
+ ) -> Result<server::Auth, Self::Error> {
...
- Ok((self, server::Auth::Accept))
+ Ok(server::Auth::Accept)
}
russh::server::run
moved into the Server
traita592366: Move run and run_on_socket to Server trait (Alessandro Ricottone) #247
You'll need to replace the call to run
with a call to Server::run_on_address
, for example:
- russh::server::run(config, ("0.0.0.0", 2222), &mut server).await?;
+ server.run_on_address(config, ("0.0.0.0", 2222)).await?;
}
Preferred::key
and the available host keys don't match (#262) #262
Handler
traits859e685: refactor
Handler
trait to use mutable reference instead of owned variables (Alessandro Ricottone) #247
The Handler
traits no longer take ownership of both self
and Session
or have to return them. These have been replaced with normal &mut
references.
You will need to update your Handler
impls to match the new method signatures, for example:
async fn channel_open_session(
- self,
+ &mut self,
channel: Channel<Msg>,
- session: Session,
+ session: &mut Session,
- ) -> Result<(Self, bool, Session), Self::Error> {
+ ) -> Result<bool, Self::Error> {
...
- Ok((self, true, session))
+ Ok(true)
}
async fn auth_publickey(
- self,
+ &mut self,
_: &str,
_: &key::PublicKey,
- ) -> Result<(Self, server::Auth), Self::Error> {
+ ) -> Result<server::Auth, Self::Error> {
...
- Ok((self, server::Auth::Accept))
+ Ok(server::Auth::Accept)
}
russh::server::run
moved into the Server
traita592366: Move run and run_on_socket to Server trait (Alessandro Ricottone) #247
You'll need to replace the call to run
with a call to Server::run_on_address
, for example:
- russh::server::run(config, ("0.0.0.0", 2222), &mut server).await?;
+ server.run_on_address(config, ("0.0.0.0", 2222)).await?;
}
diffie-hellman-group16-sha512
hex (Brendon Ho) #233
russh::server::run_on_socket
to facilitate dropping privileges immediately after socket binding (Samuel Ainsworth) #231
proceed_with_methods
in "none" and "password" authentication methods (Samuel Ainsworth) #241
server::Config
A flaw in the SSH protocol itself allows an active MitM attacker to prevent the client & server from negotiating OpenSSH security extensions, or, with AsyncSSH, take control of the user's session.
This release adds the support for the kex-strict-*[email protected]
extensions designed by OpenSSH specifically to prevent this attack.
More info: https://terrapin-attack.com
ChannelStream
rebuild (Maya the bee) #181
ChannelStream
is now generic over the same type as the parent Channel
AsyncRead
and AsyncWrite
handles for a channel, as well as its extended streams with make_reader(_ext)
and make_writer(_ext)
.Server::handle_session_error
and session closure loggingChannelMsg::WindowAdjusted
during data transfer (Joe Grund) #180
server::Handler::auth_publickey
method has been changed.
auth_publickey_offer
and will accept all offers by default.auth_publickey
method, no action is needed.
auth_publickey_offer
.openssl
feature is disablednone
HMAC from the default algorithm listConfig::connection_timeout
to Config::inactivity_timeout
to better reflect its purposeCURVE25519
is now curve25519-sha256
instead of [email protected]
[email protected]
is still available as CURVE25519_PRE_RFC_8731
Error::UnsupportedKeyType
now holds a String (Lucas Kent) #161
A malicious client/server could negotiate insecure Diffie-Hellman key exchange parameters in way that leads to an insecure shared secret and breaks confidentiality of the connection traffic.
Session::id
methodConfig
struct.direct-streamlocal
) (mllken)