summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* v 7.0.0.beta1 release preparev7.0.0.beta1Miklós Fazekas2022-04-301-2/+2
|
* Fix #854 regressionFlorian Wininger2022-04-291-5/+1
|
* Fix unit tests for OpenSSL 3Florian Wininger2022-04-293-2/+14
|
* fix rubocop issuesFlorian Wininger2022-04-295-44/+64
|
* diffie-hellman: create the key by generating the PEM fileSimon Chopin2022-04-291-17/+17
| | | | | | | | | | This makes the code compatible with OpenSSL 3.0. However, an issue with this is that it is not possible anymore to ensure a specific size for the private key, as indicated in the inline comment. v2: avoid PKey.generate_key on older releases (< 2.7) Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
* Use OpenSSL::PKey::EC.generate static methodSimon Chopin2022-04-296-12/+12
| | | | | | | | | | | Migrate all instances of the pattern EC.new(foo).generate_key to EC.generate(foo), as the old pattern isn't supported when using OpenSSL 3.0, since one is not allowed to mess with the internal data of already created objects now. The new API has been introduced in Ruby 2.4. Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
* transport: create EC keys by loading PEM data directlySimon Chopin2022-04-291-3/+11
| | | | | | | | | The OpenSSL 3.0 changes don't allow for us to modify the private key details directly, and there are no dedicated constructors as of Ruby 3.0, so we need to actually create a PEM certificate in-memory and load that instead. Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
* buffer: create DSA keys by loading PEM data directlySimon Chopin2022-04-292-23/+36
| | | | | | | | | | | | | The OpenSSL 3.0 changes don't allow for us to modify the private key details directly, and there are no dedicated constructors as of Ruby 3.0, so we need to actually create a PEM certificate in-memory and load that instead. To add insult to injury, contrary to other types of keys such as RSA, we need to actually build the full PEM data and not just pack the numbers in a simple sequence, making the code even a bit more complicated. Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
* buffer: create RSA keys by loading PEM data directlySimon Chopin2022-04-293-24/+25
| | | | | | | | | The OpenSSL 3.0 changes don't allow for us to modify the private key details directly, and there are no dedicated constructors as of Ruby 3.0, so we need to actually create a PEM certificate in-memory and load that instead. Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
* tests: Enable legacy providers if using OpenSSL 3.0Simon Chopin2022-04-292-0/+31
| | | | | | | Quite a few tests rely on outdated algorithms that have been relegated to the legacy provider in OpenSSL 3.0. `rake test` now loads a custom OpenSSL configuration file to enable said legacy provider, which is usually disabled by default.
* update rubocop configFlorian Wininger2022-04-292-16/+25
|
* Test all kexFlorian Wininger2022-04-201-0/+16
|
* Update tests suiteFlorian Wininger2022-04-152-7/+21
|
* Fix a typoFlorian Wininger2022-04-151-4/+4
|
* Read ecdsa private key in openssh formatMartin Sander2022-04-122-0/+69
| | | | Fixes #657.
* Add unit-test for openssl 3Florian Wininger2022-04-122-0/+31
|
* Generate all DSA keys with 1024 bitsSimon Chopin2022-04-125-11/+11
| | | | | | 512bits keys are refused in newer OpenSSL libraries as too weak. Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
* openssl: DSA: don't hardcode expected signature sizeAntonio Terceiro2022-04-121-1/+2
| | | | | | | | | | | The default value of the Q parameters for DSA keys changed in Ruby OpenSSL 3.0.0, and that causes DSA signatures to be longer by default. This change might have been accidental, and this may be reverted; see https://github.com/ruby/openssl/issues/483 This changes the check for the signature length to not be against a hardcoded expected lenght, but against the expected length as calculated from the Q parameter.
* Update README.mdFlorian Wininger2022-04-121-0/+6
|
* Run only once unit testsFlorian Wininger2022-04-121-1/+3
|
* Run test with dockerFlorian Wininger2022-04-124-0/+75
|
* Use ruby 2.6 and newerFlorian Wininger2022-04-121-1/+1
|
* Configure rubocop for gh actionsFlorian Wininger2022-04-123-94/+128
|
* Run rubocop on the sideFlorian Wininger2022-04-122-3/+13
|
* Fix some nitsFlorian Wininger2022-04-122-4/+1
|
* Fix linkFlorian Wininger2022-04-121-1/+1
|
* enhance readmeFlorian Wininger2022-04-122-19/+1
|
* Remove travis configuration filesFlorian Wininger2022-04-121-51/+0
|
* Add support of ruby 3.1 and drop 2.5Florian Wininger2022-04-113-19/+33
|
* Merge pull request #855 from zzambers/delegate-fixMiklós Fazekas2022-04-051-0/+1
|\ | | | | known_hosts.rb: Added missing require delegate
| * known_hosts.rb: Added missing require delegateZdenek Zambersky2022-04-051-0/+1
|/
* Merge pull request #850 from boblail/lail/expand-paths-to-identity-agentMiklós Fazekas2022-03-282-2/+7
|\ | | | | Support `~` in the path to the SSH agent's unix socket
| * Support `~` in the path to the SSH agent's unix socketBob Lail2022-03-042-2/+7
| |
* | Added support for RSA client authentication with SHA-2Zdenek Zambersky2021-11-189-27/+161
| |
* | Update rubocop versionFlorian Wininger2021-10-251-1/+1
| |
* | Fix rubocop coding style.Florian Wininger2021-10-2594-545/+475
| | | | | | | | Lot of spacing issues :)
* | Fix rubucop configFlorian Wininger2021-10-252-126/+146
| |
* | Disable codecovFlorian Wininger2021-10-251-2/+2
| |
* | Update expired certsv6.3.0.beta1Miklós Fazekas2021-08-101-8/+8
| |
* | 6.3.0.beta1 releaseMiklós Fazekas2021-08-102-2/+3
| |
* | Merge pull request #765 from dax/fix_translated_strict_host_key_checkingMiklós Fazekas2021-08-102-12/+42
|\ \ | | | | | | Fix StrictHostKeyChecking ssh config parameter translation
| * | Fix StrictHostKeyChecking ssh config parameter translationDavid Rousselie2020-10-122-12/+42
| | |
* | | Merge pull request #781 from haccht/missing_ssh_signature_typeMiklós Fazekas2021-08-101-9/+5
|\ \ \ | | | | | | | | Fix missing OpenSSL::Pkey::EC::Point#ssh_signature_type
| * | | Make it clear that ssh_signature_type is an alias for ssh_type by using ↵haccht2020-08-071-12/+4
| | | | | | | | | | | | | | | | alias keyword
| * | | Fix missing OpenSSL::Pkey::EC::Point#ssh_signature_typehaccht2020-08-061-0/+4
| | | |
* | | | Merge pull request #835 from net-ssh/mfazekas/frozen-literalMiklós Fazekas2021-08-1018-35/+38
|\ \ \ \ | | | | | | | | | | Support frozen_string_literals
| * | | | Support frozen_string_literalsmfazekas/frozen-literalMiklós Fazekas2021-08-0718-35/+38
| | | | |
* | | | | Merge pull request #833 from net-ssh/mfazekas/cert-base-authMiklós Fazekas2021-08-1012-25/+257
|\ \ \ \ \ | |/ / / / |/| | | | Cert based host auth
| * | | | CHangelog, ignore vedor from rubocopmfazekas/cert-base-authMiklós Fazekas2021-08-062-0/+7
| | | | |
| * | | | Allow single asterisk in known hosts and asterisk should match mutliple dotsMiklós Fazekas2021-08-062-5/+39
| | | | |
View Lorry Controller Status