Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump dependencies + clippy warnings #71

Merged
merged 5 commits into from
Sep 11, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,6 @@ jobs:
- name: run ssh
run: mkdir /run/sshd && /usr/sbin/sshd -T &&/usr/sbin/sshd -D -p 8888 &
- name: Test
run: cargo test --all-features
run: cargo test --all-features -- --test-threads 1
- name: Doc test
run: cargo test --doc --all-features
15 changes: 8 additions & 7 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -22,16 +22,17 @@ dangerous-dh-group1-sha1 = []
log = "0.4"
rand = "0.8"
num-bigint = { version = "0.4", features = ["rand"] }
strum = "0.24"
strum_macros = "0.24"
strum = "0.25"
strum_macros = "0.25"
# the crate rsa has removed the internal hash implement from 0.7.0
sha1 = { version = "0.10.5", default-features = false, features = ["oid"], optional = true }
sha2 = { version = "0.10.6", default-features = false, features = ["oid"]}
rsa = "^0.7"
aes = { version = "0.7", features = ["ctr"] }
ssh-key = { version = "0.5.1", features = ["rsa", "ed25519"]}
signature = "1.6.4"
ring = "0.16.20"
rsa = "0.9"
aes = "0.8"
ctr = "0.9"
ssh-key = { version = "0.6", features = ["rsa", "ed25519", "alloc"]}
signature = "2.1"
ring = "0.16"
filetime = "0.2"

# async
Expand Down
8 changes: 8 additions & 0 deletions build_check.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,14 @@ cargo fmt --all -- --check > /dev/null
echo done
echo
echo
echo clippy check
cargo clippy -- -D warnings > /dev/null
echo
echo
echo clippy all check
cargo clippy --all-features -- -D warnings > /dev/null
echo
echo
echo linux build check
cargo build --target x86_64-unknown-linux-gnu > /dev/null
echo done
Expand Down
3 changes: 2 additions & 1 deletion changelog
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
v0.3.3 (TBD)
v0.3.3 (2023-09-10)
1. fix hang when tcp connects to a non-existent host
2. refactor aes_ctr file
3. translate the changelogs
4. use std::time::Duration as timeout rather than u128
5. add the support for ssh message `SSH_MSG_CHANNEL_EXTENDED_DATA`
6. bump dependencies

v0.3.2 (2023-01-10)
1. fix some error with hmac2
Expand Down
18 changes: 11 additions & 7 deletions src/algorithm/encryption/aes_ctr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,12 @@ use crate::algorithm::hash::Hash;
use crate::algorithm::mac::Mac;
use crate::error::SshError;
use crate::SshResult;
use aes::cipher::{NewCipher, StreamCipher, StreamCipherSeek};
use aes::{Aes128Ctr, Aes192Ctr, Aes256Ctr};
use aes::cipher::{KeyIvInit, StreamCipher, StreamCipherSeek};
use ctr;

type Aes128Ctr64BE = ctr::Ctr64BE<aes::Aes128>;
type Aes192Ctr64BE = ctr::Ctr64BE<aes::Aes192>;
type Aes256Ctr64BE = ctr::Ctr64BE<aes::Aes256>;

const CTR128_BLOCK_SIZE: usize = 16;
const CTR192_BLOCK_SIZE: usize = 24;
Expand Down Expand Up @@ -65,8 +69,8 @@ macro_rules! crate_aes {
siv.clone_from_slice(&hash.iv_s_c[..$iv_size]);

// TODO unwrap
let c = $alg::new_from_slices(&ckey, &civ).unwrap();
let r = $alg::new_from_slices(&skey, &siv).unwrap();
let c = $alg::new(&ckey.into(), &civ.into());
let r = $alg::new(&skey.into(), &siv.into());
// hmac
let (ik_c_s, ik_s_c) = hash.mix_ik(mac.bsize());
$name {
Expand Down Expand Up @@ -133,8 +137,8 @@ macro_rules! crate_aes {
}

// aes-128-ctr
crate_aes!(Ctr128, Aes128Ctr, CTR128_BLOCK_SIZE, IV_SIZE);
crate_aes!(Ctr128, Aes128Ctr64BE, CTR128_BLOCK_SIZE, IV_SIZE);
// aes-192-ctr
crate_aes!(Ctr192, Aes192Ctr, CTR192_BLOCK_SIZE, IV_SIZE);
crate_aes!(Ctr192, Aes192Ctr64BE, CTR192_BLOCK_SIZE, IV_SIZE);
// aes-256-ctr
crate_aes!(Ctr256, Aes256Ctr, CTR256_BLOCK_SIZE, IV_SIZE);
crate_aes!(Ctr256, Aes256Ctr64BE, CTR256_BLOCK_SIZE, IV_SIZE);
9 changes: 5 additions & 4 deletions src/algorithm/public_key/rsa.rs
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
use crate::algorithm::public_key::PublicKey as PubK;
use crate::model::Data;
use crate::SshError;
use rsa::PublicKey;
//use rsa::PublicKey;
use rsa::pkcs1v15::Pkcs1v15Sign;

pub(super) struct RsaSha256;

Expand All @@ -20,7 +21,7 @@ impl PubK for RsaSha256 {
let e = rsa::BigUint::from_bytes_be(data.get_u8s().as_slice());
let n = rsa::BigUint::from_bytes_be(data.get_u8s().as_slice());
let public_key = rsa::RsaPublicKey::new(n, e).unwrap();
let scheme = rsa::PaddingScheme::new_pkcs1v15_sign::<sha2::Sha256>();
let scheme = Pkcs1v15Sign::new::<sha2::Sha256>();

let digest = ring::digest::digest(&ring::digest::SHA256, message);
let msg = digest.as_ref();
Expand All @@ -46,7 +47,7 @@ impl PubK for RsaSha512 {
let e = rsa::BigUint::from_bytes_be(data.get_u8s().as_slice());
let n = rsa::BigUint::from_bytes_be(data.get_u8s().as_slice());
let public_key = rsa::RsaPublicKey::new(n, e).unwrap();
let scheme = rsa::PaddingScheme::new_pkcs1v15_sign::<sha2::Sha512>();
let scheme = Pkcs1v15Sign::new::<sha2::Sha512>();

let digest = ring::digest::digest(&ring::digest::SHA512, message);
let msg = digest.as_ref();
Expand All @@ -73,7 +74,7 @@ impl PubK for RsaSha1 {
let e = rsa::BigUint::from_bytes_be(data.get_u8s().as_slice());
let n = rsa::BigUint::from_bytes_be(data.get_u8s().as_slice());
let public_key = rsa::RsaPublicKey::new(n, e).unwrap();
let scheme = rsa::PaddingScheme::new_pkcs1v15_sign::<sha1::Sha1>();
let scheme = Pkcs1v15Sign::new::<sha1::Sha1>();

let digest = ring::digest::digest(&ring::digest::SHA1_FOR_LEGACY_USE_ONLY, message);
let msg = digest.as_ref();
Expand Down
8 changes: 4 additions & 4 deletions src/channel/backend/channel_scp.rs
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ impl ScpBroker {
Ok(())
}

fn send_file(&mut self, scp_file: &mut ScpFile) -> SshResult<()> {
fn send_file(&mut self, scp_file: &ScpFile) -> SshResult<()> {
let mut file = match File::open(scp_file.local_path.as_path()) {
Ok(f) => f,
// 文件打开异常,不影响后续操作
Expand Down Expand Up @@ -394,7 +394,7 @@ impl ScpBroker {
self.save_file(scp_file)
}

fn save_file(&mut self, scp_file: &mut ScpFile) -> SshResult<()> {
fn save_file(&mut self, scp_file: &ScpFile) -> SshResult<()> {
log::debug!(
"name: [{}] size: [{}] type: [file] start download.",
scp_file.name,
Expand Down Expand Up @@ -449,7 +449,7 @@ impl ScpBroker {
}

#[cfg(windows)]
fn sync_permissions(&self, scp_file: &mut ScpFile) {
fn sync_permissions(&self, scp_file: &ScpFile) {
let modify_time = filetime::FileTime::from_unix_time(scp_file.modify_time, 0);
let access_time = filetime::FileTime::from_unix_time(scp_file.access_time, 0);
if let Err(e) =
Expand All @@ -466,7 +466,7 @@ impl ScpBroker {
}

#[cfg(any(target_os = "linux", target_os = "macos"))]
fn sync_permissions(&self, scp_file: &mut ScpFile, file: fs::File) {
fn sync_permissions(&self, scp_file: &ScpFile, file: fs::File) {
let modify_time = filetime::FileTime::from_unix_time(scp_file.modify_time, 0);
let access_time = filetime::FileTime::from_unix_time(scp_file.access_time, 0);
if let Err(e) =
Expand Down
4 changes: 2 additions & 2 deletions src/channel/local/channel_scp.rs
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ where
Ok(())
}

fn send_file(&mut self, scp_file: &mut ScpFile) -> SshResult<()> {
fn send_file(&mut self, scp_file: &ScpFile) -> SshResult<()> {
let mut file = match File::open(scp_file.local_path.as_path()) {
Ok(f) => f,
// 文件打开异常,不影响后续操作
Expand Down Expand Up @@ -460,7 +460,7 @@ where
}

#[cfg(any(target_os = "linux", target_os = "macos"))]
fn sync_permissions(&self, scp_file: &mut ScpFile, file: fs::File) {
fn sync_permissions(&self, scp_file: &ScpFile, file: fs::File) {
let modify_time = filetime::FileTime::from_unix_time(scp_file.modify_time, 0);
let access_time = filetime::FileTime::from_unix_time(scp_file.access_time, 0);
if let Err(e) =
Expand Down
2 changes: 1 addition & 1 deletion src/client/client_auth.rs
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ use crate::{
use super::Client;

impl Client {
pub fn do_auth<S>(&mut self, stream: &mut S, digest: &mut Digest) -> SshResult<()>
pub fn do_auth<S>(&mut self, stream: &mut S, digest: &Digest) -> SshResult<()>
where
S: Read + Write,
{
Expand Down
18 changes: 7 additions & 11 deletions src/config/auth.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ use crate::algorithm::{
use crate::model::Data;
use crate::{SshError, SshResult};
use rsa::pkcs1::DecodeRsaPrivateKey;
use rsa::PublicKeyParts;
use rsa::pkcs1v15::Pkcs1v15Sign;
use rsa::traits::PublicKeyParts;
use std::fmt::Debug;
use std::fs::File;
use std::io::Read;
Expand Down Expand Up @@ -93,16 +94,16 @@ impl KeyPair {
KeyType::PemRsa | KeyType::SshRsa => {
let (scheme, digest) = match alg {
PubKey::RsaSha2_512 => (
rsa::PaddingScheme::new_pkcs1v15_sign::<sha2::Sha512>(),
Pkcs1v15Sign::new::<sha2::Sha512>(),
ring::digest::digest(&ring::digest::SHA512, sd),
),
PubKey::RsaSha2_256 => (
rsa::PaddingScheme::new_pkcs1v15_sign::<sha2::Sha256>(),
Pkcs1v15Sign::new::<sha2::Sha256>(),
ring::digest::digest(&ring::digest::SHA256, sd),
),
#[cfg(feature = "dangerous-rsa-sha1")]
PubKey::SshRsa => (
rsa::PaddingScheme::new_pkcs1v15_sign::<sha1::Sha1>(),
Pkcs1v15Sign::new::<sha1::Sha1>(),
ring::digest::digest(&ring::digest::SHA1_FOR_LEGACY_USE_ONLY, sd),
),
_ => unreachable!(),
Expand Down Expand Up @@ -153,19 +154,14 @@ impl KeyPair {
}
}

#[derive(Clone)]
#[derive(Clone, Default)]
pub(super) enum KeyType {
#[default]
PemRsa,
SshRsa,
SshEd25519,
}

impl Default for KeyType {
fn default() -> Self {
KeyType::PemRsa
}
}

#[derive(Clone, Default)]
pub(crate) struct AuthInfo {
pub username: String,
Expand Down
9 changes: 2 additions & 7 deletions src/config/version.rs
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,14 @@ use crate::{
type OurVer = String;
type ServerVer = String;

#[derive(Debug, Clone)]
#[derive(Debug, Clone, Default)]
pub(crate) enum SshVersion {
V1,
V2(OurVer, ServerVer),
#[default]
Unknown,
}

impl Default for SshVersion {
fn default() -> Self {
SshVersion::Unknown
}
}

fn read_version<S>(stream: &mut S, tm: Option<Duration>) -> SshResult<Vec<u8>>
where
S: Read,
Expand Down
4 changes: 2 additions & 2 deletions src/model/data.rs
Original file line number Diff line number Diff line change
Expand Up @@ -122,14 +122,14 @@ impl Data {

// 获取32位无符号整型
pub fn get_u32(&mut self) -> u32 {
let u32_buf = self.0.drain(..4).into_iter().collect::<Vec<u8>>();
let u32_buf = self.0.drain(..4).collect::<Vec<u8>>();
u32::from_be_bytes(u32_buf.try_into().unwrap())
}

// 获取字节数组
pub fn get_u8s(&mut self) -> Vec<u8> {
let len = self.get_u32() as usize;
let bytes = self.0.drain(..len).into_iter().collect::<Vec<u8>>();
let bytes = self.0.drain(..len).collect::<Vec<u8>>();
bytes
}

Expand Down
2 changes: 1 addition & 1 deletion src/session/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ where
digest.hash_ctx.set_i_s(server_algs.get_inner());
let server_algs = AlgList::unpack(server_algs)?;
client.key_agreement(&mut stream, server_algs, &mut digest)?;
client.do_auth(&mut stream, &mut digest)?;
client.do_auth(&mut stream, &digest)?;
Ok(Self {
inner: SessionState::Connected(client, stream),
})
Expand Down