Merge branch 'main' into dev

# Conflicts:
#	src/channel/local/channel.rs
#	src/channel/local/mod.rs
#	src/channel/mod.rs
#	src/constant.rs

.github/workflows/build.yml

@@ -83,8 +83,28 @@ jobs:
         run: apk add --no-cache --update sudo openssh bash openssh-keygen gcc musl-dev rust cargo
       - name: add user
         run: addgroup ubuntu && adduser --shell /bin/ash --disabled-password --home /home/ubuntu --ingroup ubuntu ubuntu && echo "ubuntu:password" | chpasswd
-      - name: config ssh
-        run: ssh-keygen -A && sed -i -E "s|(AuthorizedKeysFile).*|\1 %h/.ssh/authorized_keys|g" /etc/ssh/sshd_config && echo "HostKeyAlgorithms=+ssh-rsa" >> /etc/ssh/sshd_config && echo "PubkeyAcceptedAlgorithms=+ssh-rsa" >> /etc/ssh/sshd_config && echo "KexAlgorithms=+diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config && sed -i -E "s/#?(ChallengeResponseAuthentication|PasswordAuthentication).*/\1 yes/g" /etc/ssh/sshd_config
+      - name: config ssh keys
+        run: ssh-keygen -A 
+      - name: generate dsa keys
+        run: ssh-keygen -t dsa -b 1024 -N '' -f /etc/ssh/ssh_host_dsa_key
+      - name: add pubkey authentication
+        run: sed -i -E "s|(AuthorizedKeysFile).*|\1 %h/.ssh/authorized_keys|g" /etc/ssh/sshd_config
+      - name: enable password authentication
+        run: sed -i -E "s/#?(ChallengeResponseAuthentication|PasswordAuthentication).*/\1 yes/g" /etc/ssh/sshd_config
+      - name: add deprecated pubkeys
+        run: echo "HostKeyAlgorithms=+ssh-rsa,ssh-dss" >> /etc/ssh/sshd_config && echo "PubkeyAcceptedAlgorithms=+ssh-rsa,ssh-dss" >> /etc/ssh/sshd_config
+      - name: add deprecated kexes
+        run: echo "KexAlgorithms=+diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config
+      - name: add deprecated ciphers
+        run: echo "Ciphers=+aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc" >> /etc/ssh/sshd_config
+      - name: add deprecated dsa keys
+        run: echo "HostKey /etc/ssh/ssh_host_dsa_key" >> /etc/ssh/sshd_config
+      - name: add rsa keys
+        run: echo "HostKey /etc/ssh/ssh_host_rsa_key" >> /etc/ssh/sshd_config
+      - name: add ed25519 keys
+        run: echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
+      - name: add ecdsa keys
+        run: echo "HostKey /etc/ssh/ssh_host_ecdsa_key" >> /etc/ssh/sshd_config
       - name: create .ssh
         run: mkdir -p /home/ubuntu/.ssh && umask 066; touch /home/ubuntu/.ssh/authorized_keys
       - name: generate rsa files
@@ -98,6 +118,6 @@ jobs:
       - name: run ssh
         run: mkdir /run/sshd && /usr/sbin/sshd -T &&/usr/sbin/sshd -D -p 8888 &
       - name: Test
-        run: cargo test --all-features
+        run: cargo test --all-features -- --test-threads 1
       - name: Doc test
         run: cargo test --doc --all-features

.gitignore

@@ -1,6 +1,7 @@
 .idea
 target
 .gitignore
+.vscode
 # Generated by Cargo
 # will have compiled files and executables
 /target/

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ssh-rs"
-version = "0.3.2"
+version = "0.4.5"
 edition = "2021"
 authors = [
     "Gao Xiang Kang <[email protected]>",
@@ -14,41 +14,65 @@ repository = "https://github.com/1148118271/ssh-rs"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 [features]
-dangerous-algorithms = ["dangerous-rsa-sha1", "dangerous-dh-group1-sha1"]
-dangerous-rsa-sha1 = ["sha1"]
-dangerous-dh-group1-sha1 = []
+deprecated-algorithms = [
+    "deprecated-rsa-sha1",
+    "deprecated-dh-group1-sha1",
+    "deprecated-aes-cbc",
+    "deprecated-des-cbc",
+    "deprecated-dss-sha1"
+    ]
+deprecated-rsa-sha1 = ["dep:sha1"]
+deprecated-dss-sha1 = ["dep:sha1", "dep:dsa"]
+deprecated-dh-group1-sha1 = ["dep:sha1"]
+deprecated-aes-cbc = ["dep:cbc", "dep:cipher"]
+deprecated-des-cbc = ["dep:cbc", "dep:cipher", "dep:des"]
+deprecated-zlib = []
+scp = ["dep:filetime"]
+
+[lib]
+name = "ssh"
+path = "src/lib.rs"
 
 [dependencies]
-log = "0.4"
+## error
+thiserror = "^1.0"
+
+## log
+tracing = { version = "0.1.36", features = ["log"] }
+
+## string enum
+strum = "0.25"
+strum_macros = "0.25"
+
+## algorithm
 rand = "0.8"
 num-bigint = { version = "0.4", features = ["rand"] }
-strum = "0.24"
-strum_macros = "0.24"
 # the crate rsa has removed the internal hash implement from 0.7.0
 sha1  = { version = "0.10.5", default-features = false, features = ["oid"], optional = true }
 sha2  = { version = "0.10.6", default-features = false, features = ["oid"]}
-rsa = "^0.7"
-aes = { version = "0.7", features = ["ctr"] }
-ssh-key = { version = "0.5.1", features = ["rsa", "ed25519"]}
-signature = "1.6.4"
-ring = "0.16.20"
-filetime = "0.2"
+dsa = { version = "0.6.1", optional = true }
+rsa = "0.9"
+aes = "0.8"
+ctr = "0.9"
+des = { version = "0.8", optional = true }
+cbc = { version = "0.1", optional = true }
+cipher = { version = "0.4", optional = true }
+ssh-key = { version = "0.6", features = ["rsa", "ed25519", "alloc"]}
+signature = "2.1"
+ring = "0.17"
+
+## compression
+flate2 = "^1.0"
 
-# async
-# [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
-# tokio = { version = "^1", features = ["full"] }
+## utils
+filetime = { version = "0.2", optional = true }
 
 [target.'cfg(target_arch = "wasm32")'.dependencies]
-getrandom = { version = "0.2", features = ["js"] }
-# tokio = { version = "^1", features = [
-#     "sync",
-#     "macros",
-#     "io-util",
-#     "rt",
-#     "time"
-#     ]}
+ring = { version = "0.17", features = ["wasm32_unknown_unknown_js"] }
+
 
 [dev-dependencies]
+tracing-subscriber = { version = "^0.3" }
 paste = "1"
 
 

README.md

@@ -46,7 +46,8 @@ or [PR](https://github.com/1148118271/ssh-rs/pulls) .
 ### 1. Password:
 
 ```rust
-use ssh_rs::ssh;
+use ssh;
+
 let mut session = ssh::create_session()
     .username("ubuntu")
     .password("password")
@@ -67,7 +68,8 @@ let mut session = ssh::create_session()
 // and end with
 //       -----END RSA PRIVATE KEY----- / -----END OPENSSH PRIVATE KEY-----
 // simply generated by `ssh-keygen -t rsa -m PEM -b 4096`
-use ssh_rs::ssh;
+use ssh;
+
 let mut session = ssh::create_session()
     .username("ubuntu")
     .private_key_path("./id_rsa")
@@ -82,7 +84,8 @@ let mut session = ssh::create_session()
 //      -----BEGIN RSA PRIVATE KEY----- / -----BEGIN OPENSSH PRIVATE KEY-----
 // and end with
 //       -----END RSA PRIVATE KEY----- / -----END OPENSSH PRIVATE KEY-----
-use ssh_rs::ssh;
+use ssh;
+
 let mut session = ssh::create_session()
     .username("ubuntu")
     .private_key("rsa_string")
@@ -95,7 +98,8 @@ let mut session = ssh::create_session()
 * According to the implementation of OpenSSH, it will try public key first and fallback to password. So both of them can be provided.
 
 ```Rust
-use ssh_rs::ssh;
+use ssh;
+
 let mut session = ssh::create_session()
     .username("username")
     .password("password")
@@ -106,33 +110,38 @@ let mut session = ssh::create_session()
 
 ## Enable global logging：
 
-* There are two APIs to enable logs, basicly `enable_log()` will set the log level to `INFO`, and `debug()` will set it to `Debug`
-
-* But you can implement your own logger as well.
+* This crate now uses the `log` compatible `tracing` for logging functionality
 
 ```rust
-use ssh_rs::ssh;
+use tracing::Level;
+use tracing_subscriber::FmtSubscriber;
+
 // this will generate some basic event logs
-ssh::enable_log();
-// this will generate verbose logs
-ssh::debug()
+// a builder for `FmtSubscriber`.
+let subscriber = FmtSubscriber::builder()
+    // all spans/events with a level higher than INFO (e.g, info, warn, etc.)
+    // will be written to stdout.
+    .with_max_level(Level::INFO)
+    // completes the builder.
+    .finish();
+
+tracing::subscriber::set_global_default(subscriber).expect("setting default subscriber failed");
 ```
 
 ## Set timeout：
 
 * Only global timeouts per r/w are currently supported.
 
 ```rust
-use ssh_rs::ssh;
+use ssh;
 
-ssh::debug();
 let _listener = TcpListener::bind("127.0.0.1:7777").unwrap();
 
 match ssh::create_session()
     .username("ubuntu")
     .password("password")
     .private_key_path("./id_rsa")
-    .timeout(5 * 1000)
+    .timeout(Some(std::time::Duration::from_secs(5)))
     .connect("127.0.0.1:7777")
 {
     Err(e) => println!("Got error {}", e),
@@ -159,44 +168,39 @@ match ssh::create_session()
 * `ecdh-sha2-nistp256`
 * `diffie-hellman-group14-sha256`
 * `diffie-hellman-group14-sha1`
-* `diffie-hellman-group1-sha1` (behind feature "dangerous-dh-group1-sha1")
+* `diffie-hellman-group1-sha1` (behind feature "deprecated-dh-group1-sha1")
 
 ### 2. Server host key algorithms
 
 * `ssh-ed25519`
 * `rsa-sha2-256`
 * `rsa-sha2-512`
-* `rsa-sha` (behind feature "dangerous-rsa-sha1")
-
-### 3. Encryption algorithms (client to server)
+* `rsa-sha` (behind feature "deprecated-rsa-sha1")
+* `ssh-dss` (behind feature "deprecated-dss-sha1")
 
-* `[email protected]`
-* `aes128-ctr`
 
-### 4. Encryption algorithms (server to client)
+### 3. Encryption algorithms
 
 * `[email protected]`
 * `aes128-ctr`
+* `aes192-ctr`
+* `aes256-ctr`
+* `aes128-cbc` (behind feature "deprecated-aes-cbc")
+* `aes192-cbc` (behind feature "deprecated-aes-cbc")
+* `aes256-cbc` (behind feature "deprecated-aes-cbc")
+* `3des-cbc` (behind feature "deprecated-des-cbc")
 
-### 5. Mac algorithms (client to server)
+### 4. Mac algorithms
 
 * `hmac-sha2-256`
 * `hmac-sha2-512`
 * `hmac-sha1`
 
-### 6. Mac algorithms (server to client)
-
-* `hmac-sha2-256`
-* `hmac-sha2-512`
-* `hmac-sha1`
-
-### 7. Compression algorithms (client to server)
-
-* `none`
-
-### 8. Compression algorithms (server to client)
+### 5. Compression algorithms
 
 * `none`
+* `[email protected]`
+* `zlib` (behind feature "zlib")
 
 ---
 

README_ZH.md

@@ -49,25 +49,39 @@ fn main() {
 ```
 
 ### 启用全局日志：
-
+本crate现在使用兼容`log`的`tracing` crate记录log
+使用下面的代码片段启用log
 ```rust
- ssh::debug();
+use tracing::Level;
+use tracing_subscriber::FmtSubscriber;
+// this will generate some basic event logs
+// a builder for `FmtSubscriber`.
+let subscriber = FmtSubscriber::builder()
+    // all spans/events with a level higher than INFO (e.g, info, warn, etc.)
+    // will be written to stdout.
+    .with_max_level(Level::INFO)
+    // completes the builder.
+    .finish();
+
+tracing::subscriber::set_global_default(subscriber).expect("setting default subscriber failed");
 ```
 
-### 设置超时时间：
+### 设置全局超时时间：
 
 ```rust
-ssh::create_session().timeout(50);
+ssh::create_session().timeout(Some(std::time::Duration::from_secs(5)));
 ```
 
-### 目前只支持 exec shell scp 三种使用方式： 
-1. [exec示例](examples/exec/src/main.rs) 
-2. [shell示例](examples/shell/src/main.rs) 
-3. [scp示例](examples/scp/src/main.rs)
+### 使用样例
+* 更多使用样例请参考[examples](examples)目录
 
+1. [执行单个命令](examples/exec/src/main.rs)
+2. [通过scp传输文件](examples/scp/src/main.rs)
+3. [启动一个pty](examples/shell/src/main.rs)
+4. [运行一个交互式的shell](examples/shell_interactive/src/main.rs)
+5. [使用非tcp连接](examples/bio/src/main.rs)
+6. [自行配置密码组](examples/customized_algorithms/src/main.rs)
 
-### 自定义连接方式:
-[bio示例](examples/bio/src/main.rs)
 
 ### 算法支持：
 
@@ -81,33 +95,30 @@ ssh::create_session().timeout(50);
 * `ssh-ed25519`
 * `rsa-sha2-512`
 * `rsa-sha2-256`
-* `rsa-sha` (features = ["dangerous-rsa-sha1"])
-
-#### 3. 加密算法（客户端到服务端）
-
-* `[email protected]`
-* `aes128-ctr`
+* `rsa-sha` (features = ["deprecated-rsa-sha1"])
+* `ssh-dss` (features = ["deprecated-dss-sha1"])
 
-#### 4. 加密算法（服务端到客户端）
+#### 3. 加密算法
 
 * `[email protected]`
 * `aes128-ctr`
+* `aes192-ctr`
+* `aes256-ctr`
+* `aes128-cbc` (features = ["deprecated-aes-cbc"])
+* `aes192-cbc` (features = ["deprecated-aes-cbc"])
+* `aes256-cbc` (features = ["deprecated-aes-cbc"])
+* `3des-cbc` (features = ["deprecated-des-cbc"])
 
-#### 5. MAC算法（客户端到服务端）
+#### 4. MAC算法
 
+* `hmac-sha2-256`
+* `hmac-sha2-512`
 * `hmac-sha1`
 
-#### 6. MAC算法（服务端到客户端）
-
-* `hmac-sha1`
-
-#### 7. 压缩算法（客户端到服务端）
-
-* `none`
-
-#### 8. 压缩算法（服务端到客户端）
+#### 5. 压缩算法
 
 * `none`
+* `zlib` (behind feature "zlib")
 
 ---