bumped russh to 0.44

warpgate-admin/Cargo.toml

@@ -24,8 +24,7 @@ poem-openapi = { version = "2.0", features = [
     "uuid",
     "static-files",
 ] }
-russh-keys = { version = "0.44.0-beta.5", features = ["legacy-ed25519-pkcs8-parser"] }
-# russh-keys = { version = "0.23.0-beta.1", path = "../../russh/russh-keys" }
+russh = { version = "0.44.0", features = ["legacy-ed25519-pkcs8-parser"] }
 rust-embed = "8.3"
 sea-orm = { version = "0.12.2", features = [
     "runtime-tokio-rustls",

warpgate-admin/src/api/ssh_keys.rs

@@ -3,7 +3,7 @@ use std::sync::Arc;
 use poem::web::Data;
 use poem_openapi::payload::Json;
 use poem_openapi::{ApiResponse, Object, OpenApi};
-use russh_keys::PublicKeyBase64;
+use russh::keys::PublicKeyBase64;
 use serde::Serialize;
 use tokio::sync::Mutex;
 use warpgate_common::WarpgateConfig;

warpgate-protocol-ssh/Cargo.toml

@@ -14,10 +14,8 @@ dialoguer = "0.10"
 curve25519-dalek = "4.0.0" # pin due to build fail on x86
 ed25519-dalek = "2.0.0" # pin due to build fail on x86 in 2.1
 futures = "0.3"
-russh = { version = "0.44.0-beta.5" }
+russh = { version = "0.44.0", features = ["legacy-ed25519-pkcs8-parser"] }
 # russh = { version = "0.35.0-beta.6", path = "../../russh/russh"}
-russh-keys = { version = "0.44.0-beta.5", features = ["legacy-ed25519-pkcs8-parser"] }
-# russh-keys = { version = "0.23.0-beta.1", path = "../../russh/russh-keys" }
 sea-orm = { version = "0.12.2", features = [
     "runtime-tokio-rustls",
 ], default-features = false }

warpgate-protocol-ssh/src/client/handler.rs

@@ -1,8 +1,8 @@
 use async_trait::async_trait;
 use russh::client::{Msg, Session};
+use russh::keys::key::PublicKey;
+use russh::keys::PublicKeyBase64;
 use russh::Channel;
-use russh_keys::key::PublicKey;
-use russh_keys::PublicKeyBase64;
 use tokio::sync::mpsc::UnboundedSender;
 use tokio::sync::oneshot;
 use tracing::*;

warpgate-protocol-ssh/src/client/mod.rs

@@ -16,8 +16,8 @@ pub use error::SshClientError;
 use futures::pin_mut;
 use handler::ClientHandler;
 use russh::client::Handle;
+use russh::keys::key::PublicKey;
 use russh::{kex, Preferred, Sig};
-use russh_keys::key::PublicKey;
 use tokio::sync::mpsc::{unbounded_channel, UnboundedReceiver, UnboundedSender};
 use tokio::sync::{oneshot, Mutex};
 use tokio::task::JoinHandle;
@@ -47,7 +47,7 @@ pub enum ConnectionError {
     Io(#[from] std::io::Error),
 
     #[error(transparent)]
-    Key(#[from] russh_keys::Error),
+    Key(#[from] russh::keys::Error),
 
     #[error(transparent)]
     Ssh(#[from] russh::Error),

warpgate-protocol-ssh/src/helpers.rs

@@ -1,5 +1,5 @@
-use russh_keys::key::KeyPair;
-use russh_keys::PublicKeyBase64;
+use russh::keys::key::KeyPair;
+use russh::keys::PublicKeyBase64;
 
 pub trait PublicKeyAsOpenSSH {
     fn as_openssh(&self) -> String;

warpgate-protocol-ssh/src/keys.rs

@@ -2,8 +2,8 @@ use std::fs::{create_dir_all, File};
 use std::path::{Path, PathBuf};
 
 use anyhow::{Context, Result};
-use russh_keys::key::{KeyPair, SignatureHash};
-use russh_keys::{encode_pkcs8_pem, load_secret_key};
+use russh::keys::key::{KeyPair, SignatureHash};
+use russh::keys::{encode_pkcs8_pem, load_secret_key};
 use tracing::*;
 use warpgate_common::helpers::fs::{secure_directory, secure_file};
 use warpgate_common::WarpgateConfig;
@@ -41,7 +41,7 @@ pub fn generate_host_keys(config: &WarpgateConfig) -> Result<()> {
     Ok(())
 }
 
-pub fn load_host_keys(config: &WarpgateConfig) -> Result<Vec<KeyPair>, russh_keys::Error> {
+pub fn load_host_keys(config: &WarpgateConfig) -> Result<Vec<KeyPair>, russh::keys::Error> {
     let path = get_keys_path(config);
     let mut keys = Vec::new();
 
@@ -90,7 +90,7 @@ pub fn generate_client_keys(config: &WarpgateConfig) -> Result<()> {
     Ok(())
 }
 
-pub fn load_client_keys(config: &WarpgateConfig) -> Result<Vec<KeyPair>, russh_keys::Error> {
+pub fn load_client_keys(config: &WarpgateConfig) -> Result<Vec<KeyPair>, russh::keys::Error> {
     let path = get_keys_path(config);
     let mut keys = Vec::new();
 
@@ -105,7 +105,7 @@ pub fn load_client_keys(config: &WarpgateConfig) -> Result<Vec<KeyPair>, russh_k
 
 /// russh 0.43 has a bug that generates incorrect PKCS#8 encoding for Ed25519 keys
 /// This will preemptively try to correctly re-encode and save the key
-fn load_and_maybe_resave_ed25519_key<P: AsRef<Path>>(p: P) -> Result<KeyPair, russh_keys::Error> {
+fn load_and_maybe_resave_ed25519_key<P: AsRef<Path>>(p: P) -> Result<KeyPair, russh::keys::Error> {
     let key = load_secret_key(&p, None)?;
     if let KeyPair::Ed25519(_) = &key {
         if let Ok(f) = File::create(p) {

warpgate-protocol-ssh/src/known_hosts.rs

@@ -1,7 +1,7 @@
 use std::sync::Arc;
 
-use russh_keys::key::PublicKey;
-use russh_keys::PublicKeyBase64;
+use russh::keys::key::PublicKey;
+use russh::keys::PublicKeyBase64;
 use sea_orm::{ActiveModelTrait, ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter};
 use tokio::sync::Mutex;
 use uuid::Uuid;

warpgate-protocol-ssh/src/lib.rs

@@ -14,7 +14,7 @@ use async_trait::async_trait;
 pub use client::*;
 pub use common::*;
 pub use keys::*;
-use russh_keys::PublicKeyBase64;
+use russh::keys::PublicKeyBase64;
 pub use server::run_server;
 use uuid::Uuid;
 use warpgate_common::{ProtocolName, SshHostKeyVerificationMode, Target, TargetOptions};

warpgate-protocol-ssh/src/server/mod.rs

@@ -34,10 +34,10 @@ pub async fn run_server(services: Services, address: SocketAddr) -> Result<()> {
             event_buffer_size: 100,
             preferred: Preferred {
                 key: Cow::Borrowed(&[
-                    russh_keys::key::ED25519,
-                    russh_keys::key::RSA_SHA2_256,
-                    russh_keys::key::RSA_SHA2_512,
-                    russh_keys::key::SSH_RSA,
+                    russh::keys::key::ED25519,
+                    russh::keys::key::RSA_SHA2_256,
+                    russh::keys::key::RSA_SHA2_512,
+                    russh::keys::key::SSH_RSA,
                 ]),
                 ..<_>::default()
             },

warpgate-protocol-ssh/src/server/russh_handler.rs

@@ -2,9 +2,9 @@ use std::fmt::Debug;
 
 use async_trait::async_trait;
 use bytes::Bytes;
+use russh::keys::key::PublicKey;
 use russh::server::{Auth, Handle, Msg, Session};
 use russh::{Channel, ChannelId, Pty, Sig};
-use russh_keys::key::PublicKey;
 use tokio::sync::mpsc::UnboundedSender;
 use tokio::sync::oneshot;
 use tracing::*;
@@ -181,7 +181,7 @@ impl russh::server::Handler for ServerHandler {
     async fn auth_publickey_offered(
         &mut self,
         user: &str,
-        key: &russh_keys::key::PublicKey,
+        key: &russh::keys::key::PublicKey,
     ) -> Result<Auth, Self::Error> {
         let user = Secret::new(user.to_string());
         let (tx, rx) = oneshot::channel();
@@ -205,7 +205,7 @@ impl russh::server::Handler for ServerHandler {
     async fn auth_publickey(
         &mut self,
         user: &str,
-        key: &russh_keys::key::PublicKey,
+        key: &russh::keys::key::PublicKey,
     ) -> Result<Auth, Self::Error> {
         let user = Secret::new(user.to_string());
         let (tx, rx) = oneshot::channel();

warpgate-protocol-ssh/src/server/session.rs

@@ -12,9 +12,9 @@ use anyhow::{Context, Result};
 use bimap::BiMap;
 use bytes::Bytes;
 use futures::{Future, FutureExt};
+use russh::keys::key::{PublicKey, SignatureHash};
+use russh::keys::PublicKeyBase64;
 use russh::{CryptoVec, MethodSet, Sig};
-use russh_keys::key::{PublicKey, SignatureHash};
-use russh_keys::PublicKeyBase64;
 use tokio::sync::mpsc::{UnboundedReceiver, UnboundedSender};
 use tokio::sync::{broadcast, oneshot, Mutex};
 use tracing::*;