bumped russh

2024-09-20 06:46:17 +08:00 · 2024-07-09 22:43:14 +02:00 · 2024-07-09 22:43:14 +02:00 · 7df98f73e0
parent 9582a6e0ae
commit 7df98f73e0
4 changed files with 15 additions and 10 deletions
--- a/warpgate-admin/Cargo.toml
+++ b/warpgate-admin/Cargo.toml
@ -24,8 +24,8 @@ poem-openapi = { version = "2.0", features = [
    "uuid",
    "static-files",
 ] }
-russh-keys = { version = "0.43.0", features = ["openssl"] }
-# russh-keys = { version = "0.23.0-beta.1", features = ["openssl"], path = "../../russh/russh-keys" }
+russh-keys = { version = "0.44.0-beta.3" }
+# russh-keys = { version = "0.23.0-beta.1", path = "../../russh/russh-keys" }
 rust-embed = "8.3"
 sea-orm = { version = "0.12.2", features = [
    "runtime-tokio-native-tls",
--- a/warpgate-protocol-ssh/Cargo.toml
+++ b/warpgate-protocol-ssh/Cargo.toml
@ -14,10 +14,10 @@ dialoguer = "0.10"
 curve25519-dalek = "4.0.0" # pin due to build fail on x86
 ed25519-dalek = "2.0.0" # pin due to build fail on x86 in 2.1
 futures = "0.3"
-russh = { version = "0.43.0", features = ["vendored-openssl"] }
-# russh = { version = "0.35.0-beta.6", features = ["vendored-openssl"], path = "../../russh/russh"}
-russh-keys = { version = "0.43.0", features = ["vendored-openssl"] }
-# russh-keys = { version = "0.23.0-beta.1", features = ["vendored-openssl"], path = "../../russh/russh-keys" }
+russh = { version = "0.44.0-beta.3" }
+# russh = { version = "0.35.0-beta.6", path = "../../russh/russh"}
+russh-keys = { version = "0.44.0-beta.3" }
+# russh-keys = { version = "0.23.0-beta.1", path = "../../russh/russh-keys" }
 sea-orm = { version = "0.12.2", features = [
    "runtime-tokio-native-tls",
 ], default-features = false }
--- a/warpgate-protocol-ssh/src/client/mod.rs
+++ b/warpgate-protocol-ssh/src/client/mod.rs
@ -2,6 +2,7 @@ mod channel_direct_tcpip;
 mod channel_session;
 mod error;
 mod handler;
+use std::borrow::Cow;
 use std::collections::HashMap;
 use std::io;
 use std::net::ToSocketAddrs;
@ -403,9 +404,12 @@ impl RemoteClient {
        info!(?address, username = &ssh_options.username[..], "Connecting");
        let algos = if ssh_options.allow_insecure_algos.unwrap_or(false) {
            Preferred {
-                kex: &[
+                kex: Cow::Borrowed(&[
                    kex::CURVE25519,
                    kex::CURVE25519_PRE_RFC_8731,
+                    kex::ECDH_SHA2_NISTP256,
+                    kex::ECDH_SHA2_NISTP384,
+                    kex::ECDH_SHA2_NISTP512,
                    kex::DH_G16_SHA512,
                    kex::DH_G14_SHA256, // non-default
                    kex::DH_G14_SHA256,
@ -414,7 +418,7 @@ impl RemoteClient {
                    kex::EXTENSION_SUPPORT_AS_SERVER,
                    kex::EXTENSION_OPENSSH_STRICT_KEX_AS_CLIENT,
                    kex::EXTENSION_OPENSSH_STRICT_KEX_AS_SERVER,
-                ],
+                ]),
                ..<_>::default()
            }
        } else {
--- a/warpgate-protocol-ssh/src/server/mod.rs
+++ b/warpgate-protocol-ssh/src/server/mod.rs
@ -3,6 +3,7 @@ mod russh_handler;
 mod service_output;
 mod session;
 mod session_handle;
+use std::borrow::Cow;
 use std::fmt::Debug;
 use std::net::SocketAddr;
 use std::sync::Arc;
@ -32,12 +33,12 @@ pub async fn run_server(services: Services, address: SocketAddr) -> Result<()> {
            keys: load_host_keys(&config)?,
            event_buffer_size: 100,
            preferred: Preferred {
-                key: &[
+                key: Cow::Borrowed(&[
                    russh_keys::key::ED25519,
                    russh_keys::key::RSA_SHA2_256,
                    russh_keys::key::RSA_SHA2_512,
                    russh_keys::key::SSH_RSA,
-                ],
+                ]),
                ..<_>::default()
            },
            ..<_>::default()