$Id: Changes,v 1.47 2001/05/11 18:42:28 btrott Exp $
Revision history for Net::SSH::Perl
1.10 2001.05.11
- Added Key::RSA, an SSH2 key implementation, using Crypt::RSA;
this provides support for the 'ssh-rsa' public key
negotiation. Also supported by pssh-keygen (even for key
generation).
- Added HostKeyAlgorithms as a supported config option to set
server host key algorithms.
- Restructured DSA/publickey-auth implementation to allow for
multiple public key algorithms, not just DSA. Moved Auth/DSA
=> Auth/Pubkey.
- Added support for determining PEM private key file types (eg.
RSA vs. DSA) from the first line of the PEM file.
- Fixed broken Rhosts-RSA support (SSH1).
- Added support for reading/writing comments from read_private
and write_private method for RSA1 SSH1 keys (-c option in
pssh-keygen).
- Renamed Key::RSA to Key::RSA1 to allow for Key::RSA as SSH2
RSA implementation.
- Changed Key::DSA::size to use Crypt::DSA::Key::size; removed
redundant Key initialization from Key::DSA::init.
- Kex::DH1 now works with any type of server public key, not
just DSA (ie. also works with ssh-rsa in addition to ssh-dss).
1.06 2001.05.07
- Fixed bug with Blowfish cipher in SSH1 protocol; symptom would
be "Corrupted check bytes on input" after sending the
RSA-encrypted session key, and turning on encryption.
This was due to an incorrect key length when setting the
Blowfish key. Thanks to Dan Berger (djberge@uswest.com) for
the spot.
1.05 2001.05.04
- Fixed bug when entering password at prompt; entering an
incorrect password more than three times would cause the
authentication to hang. Thanks to Matt Good (mgood@nextdoor.com)
for the spot and a fix.
1.04 2001.05.04
- Fixed bug in version/protocol exchange that was causing a DSA
signature verification error. I was cutting off just a newline,
and some versions of ssh2 were sending ctrl-M characters as
well that should be cut off. This caused errors like "DSA
verification failed for server host key" during key exchange.
Thanks to Matt Good (mgood@nextdoor.com) for the spot.
- Fixed host wildcard matching in Net::SSH::Perl::Config so that
the directive 'Host foo' no longer matches the host 'foobar';
this was incorrect behavior and inconsistent with ssh.
- Added more documentation for Key::DSA and Key::RSA.
1.03 2001.05.03
- Fixed error with Net::SSH::Perl::Key::DSA and MIME::Base64.
- Added better docs for Key classes.
1.02 2001.05.03
- Fixed some doc errors, both syntax and content.
- Reworked Makefile.PL to give more feedback about what's
happening w/r/t testing prerequisite modules. Added
Digest::BubbleBabble as optional prereq, and made Convert::PEM
optional as well.
- Added support for bubble-babble fingerprints, both in
Key libraries (restructured to work with multiple types
of fingerprinting) and in pssh-keygen (-B option).
1.01 2001.05.02
- Added SSH2 support.
- Added Channel, ChannelMgr classes to manage open SSH2
channels.
- Added Key and subclasses Key::DSA, Key::RSA; managed
access to keys and keyfiles.
- Split Util functions into sub-modules that are loaded
on demand. Added more utility functions for SSH2 bigints,
etc. Deprecated _load_private_key, _save_private_key,
_load_public_key, in favor of usage of Net::SSH::Perl::Key
classes.
- Changed Constants implementation; don't use 'constant'
module, just keep constants in hash, then export them
in custom import method.
- Added eg/pssh-keygen, which has *almost* all of the
functionality in the OpenSSH ssh-keygen.
- Added Mac classes for MAC packet integrity.
- Added Cipher/RC4, an arcfour implementation (only for
SSH2).
- Added Kex and subclass for Diffie-Hellman Group 1.
- Buffer now works for both SSH1 and SSH2; different
mp_int representations.
- SSH1 implementation: now uses Net::SSH::Perl::Comp for
compression; uses Net::SSH::Perl::Key::RSA to hold RSA
keys; now lives in Net::SSH::Perl::SSH1 and is loaded on
demand; etc.
0.67 2001.04.20
- now use _mp_linearize in _rsa_private_decrypt.
- fixed bug with sending large STDIN packets. The symptom was
that, when trying to send STDIN packets larger than MAX_PACKET_SIZE,
you'd get an error and the packet wouldn't be sent. Thanks to
Chris Beatson (chris@neonova.net) for the spot and a patch.
- fixed odd bug with _mp_linearize. Aaron Paetznick
(aaronp@critd.com) pointed this out, and I could only
reproduce it on his system. The symptoms were that encryption
would not work, resulting in "Corrupted check bytes on input"
messages after encryption was turned on. This was due to a
problem generating the session ID. Fixed by using a whole new
version of _mp_linearize.
0.66 2001.03.22
- fixed bug where calling 'cmd' more than once wouldn't get
anything in returned stdout, stderr, or exit status. Thanks
to John Tyrrell (tyrrell@verio.net) for the spot.
0.65 2001.03.21
- fixed bug with "Cipher <name>" in config file or 'options'
param. This wasn't mapping ssh cipher names to Net::SSH::Perl
cipher names (ie. should map 'idea' => 'IDEA'). Thanks to
Edward Vopata (vopata@pulsar.itg.ti.com) for the spot and
a patch.
- made it clearer that Net::SSH::Perl currently supports only
SSH1 protocol.
- better error checking for getservbyname lookup of ssh
service (to get default port).
- added eg/remoteinteract.pl, which demonstrates how to interact
with a remote (interactive) command.
0.64 2001.03.13
- fixed bug in Net::SSH::Perl::Cipher::new_from_key_str;
empty key string (passphrase) was broken. This never
cropped up in regular usage, only in testing.
- added _save_private_key function to Net::SSH::Perl::Util,
used to save private key files.
- added cipher tests (05-cipher.t).
- PasswordPromptLogin and PasswordPromptHost config options
are now supported (on by default).
- added untainting code for all places where data is read
from external sources (ie. socket, key files, etc.),
which should fix the "Corrupted check bytes" errors when
using -T. It was breaking because substr replacement
doesn't work on tainted values. See this p5p thread:
http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2000-09/msg00799.html
0.63 2001.03.09
- added documentation to pssh (eg/pssh), as well as a -V
option.
- fixed bug where User specified in config file would be
overridden by lack of user in login method.
- return value of buffer->dump method no longer contains
extra space at the end.
0.62 2001.03.08
- fixed test bug with StringThing package by adding FILENO
method. Should fix problem with 5.6 test suite.
- added merge_directive method to Net::SSH::Perl::Config,
and 'options' arg to Net::SSH::Perl constructor.
0.61 2001.03.07
- changed in_leftover implementation and name. The method
is now named incoming_data, and the implementation is
a Net::SSH::Perl::Buffer object.
- changed to using non-blocking sockets. Net::SSH::Perl::Packet
added a read_poll method, which doesn't block; read still
blocks (using select).
- added shell connection functionality, and abstracted out
interactive session code a bit better. Added pty support.
In the future 'shell' could conceivably be used to execute
multiple commands over the same ssh connection.
- added 3DES as fallback cipher if IDEA isn't supported.
- _check_host_in_hostfile now returns HOST_NEW if the hostfile
can't be opened, consistent with how ssh and openssh work.
0.60 2001.03.02
- added compression support, along with Compression and
CompressionLevel config directives, and docs
- added ability to register handlers for specific packet
types read during the client loop
0.53 2001.02.28
- added Net::SSH::Perl::Config; reads ssh config files
and merges constructor options with config options
- updated DESCRIPTION for Net::SSH::Perl
0.52 2001.02.21
- added ability to specify RSA identity files; defaults
to "$ENV{HOME}/.ssh/identity"
- Blowfish cipher will try to use Crypt::Blowfish_PP if
it can't use Crypt::Blowfish
- added lots of POD
- fixed bug where unknown hosts wouldn't be added to
hostfile
- sorted out common sections between Net::SSH::Perl POD
and README
0.51 2001.02.20
- Blowfish support has now been added.
0.50 2001.02.19
- moved my Net::SSH libraries into the Net::SSH::Perl
namespace; hooked up the main Net::SSH interface lib.
- added ssh and issh wrappers around OO methods.
- added configure method to Net::SSH interface; used to
set up connection params when using procedural
interface.
- added RSA authentication.
- ripped out IO::Socket usage, replaced with manual
socket creation and connection so we can try to bind to
ports 1023 down through 512, if the user wants to
connect on a privileged port.
- added Rhosts-RSA and Rhosts authentication, with the
caveat that they only work when running as root
and on a privileged port.
0.03 2001.01.19
- integrated modified CBC and CFB ciphers into distribution;
no more reliance on Crypt::CFB and Crypt::CBC
- improved cipher checking; added list of ciphers supported
by client, based on which cipher drivers can be loaded
- fixed rsa_private_decrypt bug (occurred when session key
int was 255 chars long as hex string, rather than 256).
- Chip Turner, author of Math::GMP, added my patch to his
distribution, thus making installation much easier. Thanks
Chip.
- added cipher support to installation process.
- abstracted the auth plugins into Auth modules; this will
allow the addition of other authentication modules in
the future.
- moved utility routines into Net::SSH::Util.
- changed Net::SSH::Constants to use Exporter.
0.02 2001.01.18
- added DES and 3DES ciphers
- more host key support: adds new host keys to user host key file
- checked for unsupported Net::SSH::Buffer methods in AUTOLOAD
- added example script, eg/cmd.pl
- can now specify cipher via new method
- checks against server's supported cipher list
0.01 2001.01.10
- original version; created by h2xs 1.19