v0.51.1

Changes

• 71cd4ab: fixed #468 - allow RSA keys below 2048-bit length

russh has previously disallowed <2048-bit RSA keys - whether as private or as server host keys, both as server and client due to a security check in the ssh-key crate.

This behaviour has now been changed to allow these keys, and the decision to accept or reject them now lies on the library consumer. To recreate the old behaviour within your Handler, add the following check to your check_server_key implementation. You'll need to import the rsa crate.

async fn check_server_key(
    &mut self,
    server_public_key: &PublicKey,
) -> Result<bool, Self::Error> {
    use rsa::traits::PublicKeyParts;

    if let Some(ssh_pk) = server_public_key.key_data().rsa() {
        let rsa_pk: rsa::RsaPublicKey = ssh_pk.try_into()?;
        if rsa_pk.size() < 2048 {
            return Ok(false);
        }
    }
    
    ...
}

• 0c722b8: partial_success support (#478) #478
• 32a9ee1: Add a crate feature to enable DSA support (#473) (Francesco Degrassi) #473
• db5e5ba: wait for extension info from the server in the best_supported_rsa_hash method. Previously there was a race condition between calling best_supported_rsa_hash and the server sending the EXT_INFO message. Now russh will wait for up to one second to receive EXT_INFO when you call best_supported_rsa_hash.
• 92362fc: Introduce Channel::split() to allow splitting a channel into a read half and a write half (#482) (Uli Schlachter) #482
• 32667df: Added support for additional DH groups (#486) (Jacob Van Brunt) #486
• replaced libc dependency with nix (#483) #483 (iHsin)

Fixes

• 0665aac: Cryptovec/Windows: Add reference counting per Page, improve error-msg (#471) (Adrian Müller (DTT)) #471
• 0b4cf36: Optimize examples/client_open_direct_tcpip.rs (#477) (handewo) #477
• ffc5726: Remove unused dependencies (#488) (Uli Schlachter) #488