Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#11793 deprecated legacy ciphers for conch #11794

Open
wants to merge 22 commits into
base: trunk
Choose a base branch
from
Open

#11793 deprecated legacy ciphers for conch #11794

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
a37fe97
removed deprecated ciphers
llouislu Jan 5, 2023
c60c952
added a newsfragment
llouislu Jan 5, 2023
b222435
reverted cipher tests
llouislu Jan 5, 2023
5e9af03
rerun ci
llouislu Jan 5, 2023
4fb2060
grouped out and deprecated legacy ciphers
llouislu Jan 5, 2023
cd36e57
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jan 5, 2023
aeed574
added test case
llouislu Jan 5, 2023
b82d442
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jan 5, 2023
8f882ec
fixed warning and test
llouislu Jan 6, 2023
cb62b82
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jan 6, 2023
ebf6343
rerun ci
llouislu Jan 6, 2023
16d10f5
fixed import for flake8
llouislu Jan 6, 2023
3b51bf3
updated documentation
llouislu Jan 6, 2023
d993552
fixed deprecated cipher list
llouislu Jan 6, 2023
32abf9e
fixed unit test
llouislu Jan 6, 2023
ff08b39
fixed unit test for mindeps-withcov-posix
llouislu Jan 6, 2023
3e4b9a5
updated version placeholder
llouislu Jan 10, 2023
2301075
Updated test case name
llouislu Jan 10, 2023
ca8eacc
added comment to deprecation test
llouislu Jan 10, 2023
efc0e42
updated newsfragment
llouislu Jan 10, 2023
2b627a4
updated to private APIs
llouislu Jan 10, 2023
945b76f
updated test case
llouislu Jan 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/conch/man/conch.1
View file
Open in desktop
Expand Up @@ -108,7 +108,7 @@ Enable compression.
.It Fl c Ar cipher_spec
Selects encryption algorithms to be used for this connection, as a comma-separated list of ciphers in order of preference. The list that
.Nm
supports is (in order of default preference): aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, cast128-ctr, cast128-cbc, blowfish-ctr, blowfish, idea-ctr, idea-cbc, 3des-ctr, 3des-cbc.
supports is (in order of default preference): aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-ctr, 3des-cbc.
.It Fl e Ar ch | ^ch | none
Sets the escape character for sessions with a PTY (default:
.Ql ~ ) .
Expand Down
8 changes: 0 additions & 8 deletions src/twisted/conch/ssh/transport.py
View file
Open in desktop
Expand Up @@ -94,17 +94,13 @@ class SSHCiphers:

cipherMap = {
b"3des-cbc": (algorithms.TripleDES, 24, modes.CBC),
b"blowfish-cbc": (algorithms.Blowfish, 16, modes.CBC),
llouislu marked this conversation as resolved.
Show resolved Hide resolved
b"aes256-cbc": (algorithms.AES, 32, modes.CBC),
b"aes192-cbc": (algorithms.AES, 24, modes.CBC),
b"aes128-cbc": (algorithms.AES, 16, modes.CBC),
b"cast128-cbc": (algorithms.CAST5, 16, modes.CBC),
b"aes128-ctr": (algorithms.AES, 16, modes.CTR),
b"aes192-ctr": (algorithms.AES, 24, modes.CTR),
b"aes256-ctr": (algorithms.AES, 32, modes.CTR),
b"3des-ctr": (algorithms.TripleDES, 24, modes.CTR),
b"blowfish-ctr": (algorithms.Blowfish, 16, modes.CTR),
b"cast128-ctr": (algorithms.CAST5, 16, modes.CTR),
b"none": (None, 0, modes.CBC),
}
macMap = {
Expand Down Expand Up @@ -284,10 +280,6 @@ def _getSupportedCiphers():
b"aes192-cbc",
b"aes128-ctr",
b"aes128-cbc",
b"cast128-ctr",
llouislu marked this conversation as resolved.
Show resolved Hide resolved
b"cast128-cbc",
b"blowfish-ctr",
b"blowfish-cbc",
b"3des-ctr",
b"3des-cbc",
]
Expand Down
1 change: 1 addition & 0 deletions src/twisted/newsfragments/11793.removal
View file
Open in desktop
@@ -0,0 +1 @@
Twisted Conch has removed and no longer supports legacy ciphers (CAST5, SEED, IDEA, Blowfish) as the upstream library "cryptography" has deprecated them since version 37.