pijul nest
guest [sign in] [explore]

Improving the reply to subsystem requests

pmeunier
Sep 12, 2025, 2:13 PM
J2EHDSAFCDJILCEZE4RXVON7WZ6LK4D7QUZSBID5UM63SEBFHXDAC

Dependencies

  • [2] EZX5NV5A Reply to subsystem (and version 0.40)
  • [3] FT67GGO4 Version bump (Pijul and Thrussh)
  • [4] EZTTZ6OW Fixing terrapin, again
  • [5] ASD7JVBE Do not read past the size of the buffer (after Tokio 0.3)
  • [6] 7FRJYUI6 Reboot because of a bad change
  • [7] 7Y2ROIVZ Version bump
  • [8] 2VTUKRLJ Version
  • [9] OQZGSEWM Buffering non-kex packets received after issuing a KEXINIT
  • [10] 2Q3SZY2C Version bump
  • [11] OBHPOIUH Modernising the API with async traits
  • [12] LYRZREY7 Adding support for MACs and AES in CTR mode
  • [13] CQSPFH4H Version 0.30.4
  • [14] ORSEEVB5 Version bump
  • [15] PDTFLA4Y Version 0.30.7
  • [16] SKTE2HF6 Version 0.37
  • [17] E2SB74SV Version 0.30.3
  • [18] R5J3MB56 Client newkeys was not always resetting the sequence counter
  • [19] SMUTYV2C Fixing warnings
  • [20] CWHVPLXN Version bump
  • [21] G3FNNIIU Limiting the amount of messages that can be buffered while rekeying to two channel windows
  • [22] 662ZS5JF Version 0.33.2
  • [23] TFYJ3P2A Version 0.30.8/0.19.4, and solving conflicts
  • [24] BRDS7STA Adding method `send_channel_msg` to client::Session, to make it easier to write handlers
  • [25] WXZWQLGL Correct negotiation without OpenSSL
  • [26] 32GIIFWR Fixing strict mode
  • [27] D6H7OWTT Fixing the terrapin attack mitigation
  • [28] VYDCQWSF Version 0.30.6
  • [29] 2WEO7OZL Version updates: getting rid of anyhow + moving to Tokio 1.0
  • [30] 634OYCNM Tokio 0.3
  • [31] DJT33BQE Version bump

Change contents

  • replacement in thrussh/src/server/encrypted.rs at line 710
    [3.10758][3.256434:256513](),[3.256434][3.256434:256513]()
    debug!("handler.subsystem_request {:?}", channel_num);
    [3.10758]
    [3.256513]
    debug!(
    "handler.subsystem_request {:?} {:?}",
    channel_num, wants_reply
    );
  • edit in thrussh/src/server/encrypted.rs at line 715
    [3.256570]
    [2.129]
    let w_len = if wants_reply != 0 {
    if let Some(ref mut enc) = self.common.encrypted {
    let w_len = enc.write.len();
    push_packet!(enc.write, enc.write.push(msg::CHANNEL_SUCCESS));
    w_len
    } else {
    0
    }
    } else {
    0
    };
  • replacement in thrussh/src/server/encrypted.rs at line 730
    [2.260][2.260:306]()
    if wants_reply != 0 {
    [2.260]
    [2.306]
    if !success && wants_reply != 0 {
  • replacement in thrussh/src/server/encrypted.rs at line 733
    [2.382][2.382:779]()
    push_packet!(
    enc.write,
    enc.write.push(if success {
    msg::REQUEST_SUCCESS
    } else {
    msg::REQUEST_FAILURE
    })
    )
    [2.382]
    [2.779]
    use std::ops::DerefMut;
    enc.write.deref_mut()[w_len + 4] = msg::CHANNEL_FAILURE
  • replacement in thrussh/Cargo.toml at line 5
    [3.426214][2.836:855]()
    version = "0.40.0"
    [3.426214]
    [3.426233]
    version = "0.40.2"