Fixing strict mode
Dependencies
- [2]
EZTTZ6OWFixing terrapin, again - [3]
EUHO3DAZSend a SSH_MSG_EXT_INFO with server-sig-algs when the client indicates they support extensions by sending ext-info-c. This allows modern clients that don't do ssh-rsa anymore because of sha1 to still use RSA keys with sha2. - [4]
2Q3SZY2CVersion bump - [5]
D6H7OWTTFixing the terrapin attack mitigation - [6]
VJIXIN4TFixing CVE-2023-48795 - [7]
CWHVPLXNVersion bump - [8]
ASD7JVBEDo not read past the size of the buffer (after Tokio 0.3) - [9]
2VTUKRLJVersion - [10]
VYDCQWSFVersion 0.30.6 - [11]
BRDS7STAAdding method `send_channel_msg` to client::Session, to make it easier to write handlers - [12]
TFYJ3P2AVersion 0.30.8/0.19.4, and solving conflicts - [13]
DJT33BQEVersion bump - [14]
7FRJYUI6Reboot because of a bad change - [15]
OQZGSEWMBuffering non-kex packets received after issuing a KEXINIT - [16]
E2SB74SVVersion 0.30.3 - [17]
PDTFLA4YVersion 0.30.7 - [18]
7Y2ROIVZVersion bump - [19]
ORSEEVB5Version bump - [20]
CQSPFH4HVersion 0.30.4 - [21]
634OYCNMTokio 0.3 - [22]
WXZWQLGLCorrect negotiation without OpenSSL - [23]
662ZS5JFVersion 0.33.2 - [24]
2WEO7OZLVersion updates: getting rid of anyhow + moving to Tokio 1.0 - [25]
FT67GGO4Version bump (Pijul and Thrussh) - [26]
G3FNNIIULimiting the amount of messages that can be buffered while rekeying to two channel windows - [*]
2SFWWZ2RRearm reading future on empty packet, and respond to server-initiated key re-exchange
Change contents
- edit in thrussh/src/server/mod.rs at line 525[28.210][2.61]
buffer.strict = session.common.write_buffer.strict;debug!("buffer strict {:?} {:?}", buffer.strict, buf[0]); - edit in thrussh/src/negotiation.rs at line 42
/// Which side we're on.pub is_server: bool, - edit in thrussh/src/negotiation.rs at line 59
is_server: true, - edit in thrussh/src/negotiation.rs at line 73
is_server: false, - edit in thrussh/src/negotiation.rs at line 88
is_server: true, - edit in thrussh/src/negotiation.rs at line 98
is_server: false, - edit in thrussh/src/negotiation.rs at line 108
is_server: true, - edit in thrussh/src/negotiation.rs at line 118
is_server: false, - edit in thrussh/src/negotiation.rs at line 128
is_server: true, - edit in thrussh/src/negotiation.rs at line 138
is_server: false, - replacement in thrussh/src/negotiation.rs at line 206
let client_supports_ext = Self::select(&[kex::CLIENT_SUPPORTS_EXT], kex_string).is_some();let server_supports_ext = Self::select(&[kex::SERVER_SUPPORTS_EXT], kex_string).is_some();let client_supports_ext = if pref.is_server {Self::select(&[kex::CLIENT_SUPPORTS_EXT], kex_string).is_some()} else {pref.kex.iter().any(|x| x == &kex::CLIENT_SUPPORTS_EXT)};let server_supports_ext = if pref.is_server {pref.kex.iter().any(|x| x == &kex::SERVER_SUPPORTS_EXT)} else {Self::select(&[kex::SERVER_SUPPORTS_EXT], kex_string).is_some()}; - replacement in thrussh/src/negotiation.rs at line 217
let client_supports_strict = Self::select(&[kex::STRICT_C], kex_string).is_some();let server_supports_strict = Self::select(&[kex::STRICT_S], kex_string).is_some();let client_supports_strict = if pref.is_server {Self::select(&[kex::STRICT_C], kex_string).is_some()} else {pref.kex.iter().any(|x| x == &kex::STRICT_C)};let server_supports_strict = if pref.is_server {pref.kex.iter().any(|x| x == &kex::STRICT_S)} else {Self::select(&[kex::STRICT_S], kex_string).is_some()}; - edit in thrussh/src/client/mod.rs at line 886[28.716][2.560]
buffer.strict = self.common.write_buffer.strict; - replacement in thrussh/Cargo.toml at line 5
version = "0.35.3"version = "0.35.4"