pijul/thrussh - Change 5POTCWP5BFLZA7Z4KMTXMK44FGG7M3BEBKAO5GNCXMTKZCMDJDYAC

Refactoring

Created by pmeunier on September 12, 2025

5POTCWP5BFLZA7Z4KMTXMK44FGG7M3BEBKAO5GNCXMTKZCMDJDYAC

Dependencies

In channels

main

Change contents

Replacement in thrussh/src/negotiation.rs at line 56 [3.268386]

B:BD[3.270058] → [3.270058:270075]

B:BD[4.4473] → [4.4473:4617]

impl Preferred {
    pub fn compressed(self) -> Self {
        Self {
            compression: &["zlib", "zlib@openssh.com"],
            ..self
        }
    }

[3.270058]

[4.4617]

macro_rules! mac {
    () => {{ &[mac::hmac_sha256::NAME, mac::Name("none")] }};
}

Replacement in thrussh/src/negotiation.rs at line 60 [3.268386]

∅:D[4.4618] → [5.15271:15326]

B:BD[3.270075] → [5.15271:15326]

B:BD[5.15326] → [6.136:190]

B:BD[6.190] → [7.214:239]

∅:D[7.239] → [6.190:254]

B:BD[6.190] → [6.190:254]

    #[cfg(all(feature = "openssl", feature = "p256"))]
    pub const DEFAULT_SERVER: Preferred = Preferred {
        is_server: true,
        kex: &[kex::CURVE25519, kex::STRICT_S],
        key: &[

[4.4618]

[6.254]

#[cfg(all(feature = "openssl", feature = "p256"))]
macro_rules! key {
    () => {
        &[

Replacement in thrussh/src/negotiation.rs at line 68 [3.268386]

B:BD[6.380] → [6.380:391]

B:BD[6.391] → [8.0:77]

B:BD[8.77] → [2.1620:1655]

∅:D[2.1655] → [6.466:526]

B:BD[6.466] → [6.466:526]

        ],
        cipher: &[cipher::chacha20poly1305::NAME, cipher::aes256_gcm::NAME],
        mac: &[mac::Name("none")],
        compression: &["none", "zlib", "zlib@openssh.com"],

[6.380]

[6.526]

Replacement in thrussh/src/negotiation.rs at line 70 [3.268386]

B:BD[6.533] → [6.533:642]

B:BD[6.642] → [7.240:266]

∅:D[7.266] → [6.642:690]

B:BD[6.642] → [6.642:690]

∅:D[6.690] → [5.15406:15559]

∅:D[9.1101] → [5.15406:15559]

B:BD[5.15406] → [5.15406:15559]

B:BD[5.15559] → [8.78:155]

B:BD[8.155] → [2.1656:1715]

∅:D[2.1715] → [5.15634:15694]

B:BD[5.15634] → [5.15634:15694]

    #[cfg(all(feature = "openssl", feature = "p256"))]
    pub const DEFAULT_CLIENT: Preferred = Preferred {
        is_server: false,
        kex: &[kex::CURVE25519, kex::STRICT_C],
        key: &[
            key::ED25519,
            key::ECDSA_SHA2_NISTP256,
            key::RSA_SHA2_256,
            key::RSA_SHA2_512,
        ],
        cipher: &[cipher::chacha20poly1305::NAME, cipher::aes256_gcm::NAME],
        mac: &[mac::hmac_sha256::NAME, mac::Name("none")],
        compression: &["none", "zlib", "zlib@openssh.com"],

[6.533]

[5.15694]

}
#[cfg(all(feature = "openssl", not(feature = "p256")))]
macro_rules! key {
    () => {
        &[key::ED25519, key::RSA_SHA2_256, key::RSA_SHA2_512]

Insertion in thrussh/src/negotiation.rs at line 77 [3.268386]
[5.15701]
[5.15701]
```
}
```

Replacement in thrussh/src/negotiation.rs at line 79 [3.268386]

B:BD[5.15702] → [5.15702:15762]

B:BD[5.15762] → [6.691:745]

B:BD[6.745] → [7.267:292]

∅:D[7.292] → [6.745:900]

B:BD[6.745] → [6.745:900]

B:BD[6.900] → [2.1716:1751]

∅:D[2.1751] → [6.924:984]

B:BD[6.924] → [6.924:984]

    #[cfg(all(not(feature = "openssl"), feature = "p256"))]
    pub const DEFAULT_SERVER: Preferred = Preferred {
        is_server: true,
        kex: &[kex::CURVE25519, kex::STRICT_S],
        key: &[key::ED25519, key::ECDSA_SHA2_NISTP256],
        cipher: &[cipher::chacha20poly1305::NAME],
        mac: &[mac::Name("none")],
        compression: &["none", "zlib", "zlib@openssh.com"],

[5.15702]

[6.984]

#[cfg(all(not(feature = "openssl"), feature = "p256"))]
macro_rules! key {
    () => {
        &[key::ED25519, key::ECDSA_SHA2_NISTP256]

Insertion in thrussh/src/negotiation.rs at line 84 [3.268386]
[6.991]
[6.991]
```
}
```

Replacement in thrussh/src/negotiation.rs at line 86 [3.268386]

B:BD[6.992] → [6.992:1106]

B:BD[6.1106] → [7.293:319]

∅:D[7.319] → [6.1106:1154]

B:BD[6.1106] → [6.1106:1154]

∅:D[9.1148] → [5.15842:15949]

∅:D[6.1154] → [5.15842:15949]

B:BD[5.15842] → [5.15842:15949]

B:BD[5.15949] → [2.1752:1787]

∅:D[2.1787] → [5.15973:16033]

B:BD[5.15973] → [5.15973:16033]

    #[cfg(all(not(feature = "openssl"), feature = "p256"))]
    pub const DEFAULT_CLIENT: Preferred = Preferred {
        is_server: false,
        kex: &[kex::CURVE25519, kex::STRICT_C],
        key: &[key::ED25519, key::ECDSA_SHA2_NISTP256],
        cipher: &[cipher::chacha20poly1305::NAME],
        mac: &[mac::Name("none")],
        compression: &["none", "zlib", "zlib@openssh.com"],

[6.992]

[5.16033]

#[cfg(all(not(feature = "openssl"), not(feature = "p256")))]
macro_rules! key {
    () => {
        &[key::ED25519]

Insertion in thrussh/src/negotiation.rs at line 91 [3.268386]
[5.16040]
[5.16040]
```
}
```

Replacement in thrussh/src/negotiation.rs at line 93 [3.268386]

B:BD[5.16041] → [5.16041:16101]

B:BD[5.16101] → [6.1155:1209]

B:BD[6.1209] → [7.320:345]

∅:D[7.345] → [6.1209:1325]

B:BD[6.1209] → [6.1209:1325]

B:BD[6.1325] → [8.156:233]

B:BD[8.233] → [2.1788:1847]

∅:D[2.1847] → [6.1400:1460]

B:BD[6.1400] → [6.1400:1460]

    #[cfg(all(feature = "openssl", not(feature = "p256")))]
    pub const DEFAULT_SERVER: Preferred = Preferred {
        is_server: true,
        kex: &[kex::CURVE25519, kex::STRICT_S],
        key: &[key::ED25519, key::RSA_SHA2_256, key::RSA_SHA2_512],
        cipher: &[cipher::chacha20poly1305::NAME, cipher::aes256_gcm::NAME],
        mac: &[mac::hmac_sha256::NAME, mac::Name("none")],
        compression: &["none", "zlib", "zlib@openssh.com"],

[5.16041]

[6.1460]

#[cfg(feature = "openssl")]
macro_rules! cipher {
    () => {
        &[
            cipher::chacha20poly1305::NAME,
            cipher::aes256_gcm::NAME,
            cipher::aes256_ctr::NAME,
        ]

Insertion in thrussh/src/negotiation.rs at line 102 [3.268386]
[6.1467]
[6.1467]
```
}
```

Replacement in thrussh/src/negotiation.rs at line 104 [3.268386]

B:BD[6.1468] → [6.1468:1582]

B:BD[6.1582] → [7.346:372]

∅:D[7.372] → [6.1582:1630]

B:BD[6.1582] → [6.1582:1630]

∅:D[9.1195] → [3.270155:270223]

∅:D[6.1630] → [3.270155:270223]

B:BD[3.270155] → [3.270155:270223]

B:BD[3.270223] → [8.234:311]

B:BD[8.311] → [2.1848:1907]

∅:D[2.1907] → [10.108:168]

B:BD[10.108] → [10.108:168]

    #[cfg(all(feature = "openssl", not(feature = "p256")))]
    pub const DEFAULT_CLIENT: Preferred = Preferred {
        is_server: false,
        kex: &[kex::CURVE25519, kex::STRICT_C],
        key: &[key::ED25519, key::RSA_SHA2_256, key::RSA_SHA2_512],
        cipher: &[cipher::chacha20poly1305::NAME, cipher::aes256_gcm::NAME],
        mac: &[mac::hmac_sha256::NAME, mac::Name("none")],
        compression: &["none", "zlib", "zlib@openssh.com"],

[6.1468]

[10.168]

#[cfg(not(feature = "openssl"))]
macro_rules! cipher {
    () => {
        &[cipher::chacha20poly1305::NAME]

Insertion in thrussh/src/negotiation.rs at line 109 [3.268386]
[10.175]
[10.175]
```
}
```

Replacement in thrussh/src/negotiation.rs at line 111 [3.268386]

B:BD[10.176] → [5.16102:16167]

    #[cfg(all(not(feature = "openssl"), not(feature = "p256")))]

[10.176]

[6.1631]

impl Preferred {
    pub fn compressed(self) -> Self {
        Self {
            compression: &["zlib", "zlib@openssh.com"],
            ..self
        }
    }

Replacement in thrussh/src/negotiation.rs at line 122 [3.268386]
∅:D[9.1242] → [10.293:323]
∅:D[6.1733] → [10.293:323]
B:BD[10.293] → [10.293:323]
∅:D[10.323] → [3.270223:270274]
B:BD[3.270223] → [3.270223:270274]
B:BD[3.270274] → [2.1908:1943]
```
        key: &[key::ED25519],
        cipher: &[cipher::chacha20poly1305::NAME],
        mac: &[mac::Name("none")],
```
[6.1733]
[3.270298]
```
        key: key!(),
        cipher: cipher!(),
        mac: mac!(),
```
Deletion in thrussh/src/negotiation.rs at line 128 [3.268386]
B:BD[3.270366] → [6.1734:1799]
```
    #[cfg(all(not(feature = "openssl"), not(feature = "p256")))]
```

Replacement in thrussh/src/negotiation.rs at line 129 [3.268386]

B:BD[6.1853] → [7.399:425]

∅:D[7.425] → [6.1853:1931]

B:BD[6.1853] → [6.1853:1931]

∅:D[6.1931] → [3.270517:270568]

∅:D[5.16321] → [3.270517:270568]

B:BD[3.270517] → [3.270517:270568]

B:BD[3.270568] → [2.1944:1979]

        is_server: false,
        kex: &[kex::CURVE25519, kex::STRICT_C],
        key: &[key::ED25519],
        cipher: &[cipher::chacha20poly1305::NAME],
        mac: &[mac::Name("none")],

[6.1853]

[6.1932]

        is_server: true,
        kex: &[kex::CURVE25519, kex::STRICT_S],
        key: key!(),
        cipher: cipher!(),
        mac: mac!(),

Insertion in thrussh/src/mac/mod.rs at line 76 [2.2445]
[2.4751]
[2.4751]
```
        debug!("out {:?} h {:?}", out, h);
```
Deletion in thrussh/src/cipher/mod.rs at line 18 [3.409086]
∅:D[4.9376] → [3.409737:409776]
B:BD[3.409737] → [3.409737:409776]
```
use byteorder::{BigEndian, ByteOrder};
```

Replacement in thrussh/src/cipher/mod.rs at line 104 [3.409086]

B:BD[3.411340] → [3.411340:411433]

    fn decrypt_packet_length(&self, seqn: u32, encrypted_packet_length: [u8; 4]) -> [u8; 4];

[3.411340]

[3.411433]

    fn length_block_size(&self) -> usize;
    fn decrypt_packet_length(&self, seqn: u32, encrypted_packet_length: &[u8]) -> u32;

Insertion in thrussh/src/cipher/mod.rs at line 127 [3.409086]
[3.411887]
[3.411887]
```
const MAX_BLOCK_SIZE: usize = 16;
```

Replacement in thrussh/src/cipher/mod.rs at line 134 [3.409086]

∅:D[11.23216] → [12.50:149]

B:BD[3.412048] → [12.50:149]

    if buffer.len == 0 {
        let mut len = [0; 4];
        stream.read_exact(&mut len).await?;

[11.23216]

[12.149]

    let len_block_size = if buffer.len == 0 {
        let mut len = [0; MAX_BLOCK_SIZE];
        let len = {
            let key = pair.remote_to_local.as_opening_key();
            &mut len[..key.length_block_size()]
        };
        stream.read_exact(len).await?;

Replacement in thrussh/src/cipher/mod.rs at line 149 [3.409086]

B:BD[12.487] → [12.487:564]

            buffer.len = BigEndian::read_u32(&len) as usize + key.tag_len();

[12.487]

[12.564]

            buffer.len = len as usize + key.tag_len();

Insertion in thrussh/src/cipher/mod.rs at line 151 [3.409086]
[12.625]
[12.625]
```
            key.length_block_size()
```
Replacement in thrussh/src/cipher/mod.rs at line 153 [3.409086]
∅:D[12.635] → [3.412515:412521]
B:BD[3.412515] → [3.412515:412521]
```
    }
```
[12.635]
[12.636]
```
    } else {
        0
    };
```
Replacement in thrussh/src/cipher/mod.rs at line 158 [3.409086]
∅:D[12.725] → [3.412521:412576]
B:BD[3.412521] → [3.412521:412576]
```
    stream.read_exact(&mut buffer.buffer[4..]).await?;
```
[12.725]
[12.726]
```
    stream.read_exact(&mut buffer.buffer[len_block_size..]).await?;
```
Insertion in thrussh/src/cipher/clear.rs at line 17 [3.414933]
[3.415552]
[3.415552]
```
use byteorder::{BigEndian, ByteOrder};
```

Replacement in thrussh/src/cipher/clear.rs at line 23 [3.414933]

B:BD[3.415620] → [3.415620:415727]

    fn decrypt_packet_length(&self, _seqn: u32, packet_length: [u8; 4]) -> [u8; 4] {
        packet_length

[3.415620]

[3.415727]

    fn length_block_size(&self) -> usize {
        4
    }
    fn decrypt_packet_length(&self, _seqn: u32, packet_length: &[u8]) -> u32 {
        BigEndian::read_u32(packet_length)

Insertion in thrussh/src/cipher/chacha20poly1305.rs at line 67 [3.417020]
[3.418984]
[3.418984]
```
    fn length_block_size(&self) -> usize {
        4
    }
```

Replacement in thrussh/src/cipher/chacha20poly1305.rs at line 74 [3.417020]

B:BD[3.419059] → [3.419059:419124]

        mut encrypted_packet_length: [u8; 4],
    ) -> [u8; 4] {

[3.419059]

[3.419124]

        encrypted_packet_length: &[u8],
    ) -> u32 {
        let mut out = [0; 4];
        out.clone_from_slice(encrypted_packet_length);

Replacement in thrussh/src/cipher/chacha20poly1305.rs at line 79 [3.417020]

B:BD[3.419175] → [3.419175:419277]

        chacha20_xor(&mut encrypted_packet_length, &nonce, &self.k1);
        encrypted_packet_length

[3.419175]

[3.419277]

        chacha20_xor(&mut out, &nonce, &self.k1);
        BigEndian::read_u32(&out)

Insertion in thrussh/src/cipher/aes256_gcm.rs at line 65 [8.3954]
[8.5790]
[8.5790]
```
    fn length_block_size(&self) -> usize {
        4
    }
```

Replacement in thrussh/src/cipher/aes256_gcm.rs at line 71 [8.3954]

B:BD[8.5866] → [8.5866:5959]

        encrypted_packet_length: [u8; 4],
    ) -> [u8; 4] {
        encrypted_packet_length

[8.5866]

[8.5959]

        encrypted_packet_length: &[u8],
    ) -> u32 {
        BigEndian::read_u32(&encrypted_packet_length[..4])

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 4 [2.12153]
[2.12229]
[2.12229]
```
use byteorder::{BigEndian, ByteOrder};
```
Insertion in thrussh/src/cipher/aes256_ctr.rs at line 12 [2.12153]
[2.12401]
[2.12401]
```
    length: Mutex<[u8; 16]>,
```
Insertion in thrussh/src/cipher/aes256_ctr.rs at line 36 [2.12153]
[2.13013]
[2.13013]
```
        length: Mutex::new([0; 16]),
```
Insertion in thrussh/src/cipher/aes256_ctr.rs at line 53 [2.12153]
[2.13477]
[2.13477]
```
        length: Mutex::new([0; 16]),
```
Insertion in thrussh/src/cipher/aes256_ctr.rs at line 89 [2.12153]
[2.14680]
[2.14680]
```
    fn length_block_size(&self) -> usize { 16 }
```

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 93 [2.12153]

B:BD[2.14756] → [2.14756:14847]

        encrypted_packet_length: [u8; 4],
    ) -> [u8; 4] {
        let mut out = [0; 4];

[2.14756]

[2.14847]

        encrypted_packet_length: &[u8],
    ) -> u32 {
        let mut out = self.length.lock().unwrap();

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 97 [2.12153]

B:BD[2.14903] → [2.14903:14984]

        let count = crypter.update(&encrypted_packet_length, &mut out).unwrap();

[2.14903]

[2.14984]

        let count = crypter.update(&encrypted_packet_length, &mut out[..]).unwrap();

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 99 [2.12153]
B:BD[2.15038] → [2.15038:15050]
```
        out
```
[2.15038]
[2.15050]
```
        debug!("packet length {:?}", out);
        BigEndian::read_u32(&out[..4])
```
Insertion in thrussh/src/cipher/aes256_ctr.rs at line 113 [2.12153]
[2.15275]
[2.15275]
```
        debug!("payload = {:?}", payload);
```

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 118 [2.12153]

B:BD[2.15464] → [2.15464:15523]

        let count = c.update(&payload, &mut out).unwrap();

[2.15464]

[2.15523]

        (&mut out[..16]).clone_from_slice(&self.length.lock().unwrap()[..]);
        let count = c.update(&payload[16..], &mut out[16..]).unwrap();

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 122 [2.12153]

[2.15572]

        debug!("out = {:?}", &out[..]);
        debug!("tag = {:?}", tag);

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 125 [2.12153]
[2.15630]
[2.15630]
```
            error!("WRONG MAC");
```
Insertion in thrussh/src/cipher/aes256_ctr.rs at line 128 [2.12153]
[2.15688]
[2.15688]

Refactoring

Dependencies

In channels

Change contents

Replacement in thrussh/src/negotiation.rs at line 56 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 60 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 68 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 70 [3.268386]

Insertion in thrussh/src/negotiation.rs at line 77 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 79 [3.268386]

Insertion in thrussh/src/negotiation.rs at line 84 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 86 [3.268386]

Insertion in thrussh/src/negotiation.rs at line 91 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 93 [3.268386]

Insertion in thrussh/src/negotiation.rs at line 102 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 104 [3.268386]

Insertion in thrussh/src/negotiation.rs at line 109 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 111 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 122 [3.268386]

Deletion in thrussh/src/negotiation.rs at line 128 [3.268386]

Replacement in thrussh/src/negotiation.rs at line 129 [3.268386]

Insertion in thrussh/src/mac/mod.rs at line 76 [2.2445]

Deletion in thrussh/src/cipher/mod.rs at line 18 [3.409086]

Replacement in thrussh/src/cipher/mod.rs at line 104 [3.409086]

Insertion in thrussh/src/cipher/mod.rs at line 127 [3.409086]

Replacement in thrussh/src/cipher/mod.rs at line 134 [3.409086]

Replacement in thrussh/src/cipher/mod.rs at line 149 [3.409086]

Insertion in thrussh/src/cipher/mod.rs at line 151 [3.409086]

Replacement in thrussh/src/cipher/mod.rs at line 153 [3.409086]

Replacement in thrussh/src/cipher/mod.rs at line 158 [3.409086]

Insertion in thrussh/src/cipher/clear.rs at line 17 [3.414933]

Replacement in thrussh/src/cipher/clear.rs at line 23 [3.414933]

Insertion in thrussh/src/cipher/chacha20poly1305.rs at line 67 [3.417020]

Replacement in thrussh/src/cipher/chacha20poly1305.rs at line 74 [3.417020]

Replacement in thrussh/src/cipher/chacha20poly1305.rs at line 79 [3.417020]

Insertion in thrussh/src/cipher/aes256_gcm.rs at line 65 [8.3954]

Replacement in thrussh/src/cipher/aes256_gcm.rs at line 71 [8.3954]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 4 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 12 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 36 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 53 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 89 [2.12153]

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 93 [2.12153]

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 97 [2.12153]

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 99 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 113 [2.12153]

Replacement in thrussh/src/cipher/aes256_ctr.rs at line 118 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 122 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 125 [2.12153]

Insertion in thrussh/src/cipher/aes256_ctr.rs at line 128 [2.12153]