Breaking changes
OpenSSL-free RSA
- This release adds a default pure-Rust RSA implementation, meaning that you can disable the
openssl feature to reduce your app size and improve portability and build speed.
- RSA is now enabled by default in
Preferred::DEFAULT when the openssl feature is disabled.
Preferred algorithms config changes - 77cc2f7
- The fields specifying cipher algorithms in
Preferred are now Cow<&'static, [Name]> instead of &'static [Name], allowing you to dynamically construct the lists. If you're using custom algorithm lists, you'll need to update your code:
config.preferred = Preferred {
- kex: &[CURVE25519],
+ kex: Cow::Borrowed(&[CURVE25519]),
..<_>::default()
}
- The type of
Preferred::compression items is now russh::compression::Name instead of String.
- All
Name structs now implement TryFrom<&'static str> which will validate that the named algorithm is actually implemented in the library.
- There are now companion algorithm lists to choose from dynamically:
russh_keys::key::ALL_KEY_TYPES, russh::kex::ALL_KEX_ALGORITHMS, russh::cipher::ALL_CIPHERS, russh::compression::ALL_COMPRESSION_ALGORITHMS and russh::mac::ALL_MAC_ALGORITHMS.
Incorrect Ed25519 PKCS#8 key saving
- Up to
v0.43, russh-keys has generated incorrect key format when saving Ed25519 keys in PKCS#8 format. This is fixed in v0.44 but by default, v0.44 will fail to parse keys generated in v0.43.
- To allow
v0.44 to parse these keys, enable the legacy-ed25519-pkcs8-parser feature of the russh-keys crate.
Other changes
- 3bfd99f:
ecdh-sha2-nistp{256,384,521} kex support (#282) (Michael Gleason) #282
- 800969b: Implement
-cbc ciphers. (#297) (Pierre Barre) #297
- 1eaadfb: Add support for glob pattern matching in Host directives (#306) (Adam Chappell) #306
- 88196a7: allow converting
ChannelId into u32
Fixes
