Merge branch 'develop' into aesgcm-netframework

Author: scott-xu

.editorconfig

@@ -456,22 +456,22 @@ dotnet_diagnostic.SA1601.severity = none
 # SA1648: <inheritdoc> must be used with inheriting class
 #
 # This rule is disabled by default, hence we need to explicitly enable it.
-dotnet_diagnostic.SA1648.severity = error
+dotnet_diagnostic.SA1648.severity = warning
 
 # SX1101: Do not prefix local members with 'this.'
 #
 # This rule is disabled by default, hence we need to explicitly enable it.
-dotnet_diagnostic.SX1101.severity = error
+dotnet_diagnostic.SX1101.severity = warning
 
 # SX1309: Field names must begin with underscore
 #
 # This rule is disabled by default, hence we need to explicitly enable it.
-dotnet_diagnostic.SX1309.severity = error
+dotnet_diagnostic.SX1309.severity = warning
 
 # SX1309S: Static field names must begin with underscore
 #
 # This rule is disabled by default, hence we need to explicitly enable it.
-dotnet_diagnostic.SX1309S.severity = error
+dotnet_diagnostic.SX1309S.severity = warning
 
 #### Meziantou.Analyzer rules ####
 
@@ -608,7 +608,7 @@ MA0053.class_with_virtual_member_shoud_be_sealed = true
 # MA0112: Use 'Count > 0' instead of 'Any()'
 #
 # This rule is disabled by default, hence we need to explicitly enable it.
-dotnet_diagnostic.MA0112.severity = error
+dotnet_diagnostic.MA0112.severity = warning
 
 # MA0165: Make interpolated string
 dotnet_diagnostic.MA0165.severity = none
@@ -646,7 +646,7 @@ dotnet_diagnostic.CA1008.severity = none
 #
 # Even when enabled, this diagnostic does not appear to be reported for assemblies without CLSCompliantAttribute.
 # We reported this issue as https://github.com/dotnet/roslyn-analyzers/issues/6563.
-dotnet_diagnostic.CA1014.severity = error
+dotnet_diagnostic.CA1014.severity = warning
 
 # CA1051: Do not declare visible instance fields
 # https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca1051
@@ -1003,19 +1003,19 @@ dotnet_naming_rule.non_field_members_should_be_pascal_case.style = pascal_case
 
 dotnet_naming_rule.private_fields_camel_case_begins_with_underscore.symbols = private_fields
 dotnet_naming_rule.private_fields_camel_case_begins_with_underscore.style = camel_case_begins_with_underscore
-dotnet_naming_rule.private_fields_camel_case_begins_with_underscore.severity = error
+dotnet_naming_rule.private_fields_camel_case_begins_with_underscore.severity = warning
 
 dotnet_naming_rule.private_static_fields_camel_case_begins_with_underscore.symbols = private_static_fields
 dotnet_naming_rule.private_static_fields_camel_case_begins_with_underscore.style = camel_case_begins_with_underscore
-dotnet_naming_rule.private_static_fields_camel_case_begins_with_underscore.severity = error
+dotnet_naming_rule.private_static_fields_camel_case_begins_with_underscore.severity = warning
 
 dotnet_naming_rule.private_static_readonly_fields_pascal_case.symbols = private_static_readonly_fields
 dotnet_naming_rule.private_static_readonly_fields_pascal_case.style = pascal_case
-dotnet_naming_rule.private_static_readonly_fields_pascal_case.severity = error
+dotnet_naming_rule.private_static_readonly_fields_pascal_case.severity = warning
 
 dotnet_naming_rule.private_const_fields_pascal_case.symbols = private_const_fields
 dotnet_naming_rule.private_const_fields_pascal_case.style = pascal_case
-dotnet_naming_rule.private_const_fields_pascal_case.severity = error
+dotnet_naming_rule.private_const_fields_pascal_case.severity = warning
 
 # Symbol specifications
 
@@ -1067,7 +1067,7 @@ dotnet_naming_style.camel_case_begins_with_underscore.capitalization = camel_cas
 #### .NET Compiler Platform general options ####
 
 # Change the default rule severity for all analyzer rules that are enabled by default
-dotnet_analyzer_diagnostic.severity = error
+dotnet_analyzer_diagnostic.severity = warning
 
 #### .NET Compiler Platform code refactoring rules ####
 

.github/workflows/build.yml

@@ -16,8 +16,6 @@ jobs:
 
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
-      with:
-        dotnet-version: 9.0.x
 
     - name: Build Unit Tests .NET
       run: dotnet build -f net9.0 test/Renci.SshNet.Tests/
@@ -65,8 +63,6 @@ jobs:
 
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
-      with:
-        dotnet-version: 9.0.x
 
     - name: Build Solution
       run: dotnet build Renci.SshNet.sln
@@ -118,11 +114,9 @@ jobs:
 
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
-      with:
-        dotnet-version: 9.0.x
 
     - name: Setup WSL2
-      uses: Vampire/setup-wsl@v5
+      uses: Vampire/setup-wsl@f40fb59d850112c9a292b0218bca8271305b9127 # v5.0.0
       with:
         distribution: Ubuntu-24.04
 

.github/workflows/docs.yml

@@ -27,10 +27,8 @@ jobs:
       - name: Setup Pages
         uses: actions/configure-pages@v5
 
-      - name: Setup .NET 8.0
+      - name: Setup .NET
         uses: actions/setup-dotnet@v4
-        with:
-          dotnet-version: 8.x
 
       - name: Setup docfx
         run: dotnet tool update -g docfx

CONTRIBUTING.md

@@ -41,3 +41,11 @@ The tests always log to the console. See the [Logging documentation](https://ssh
 ### Wireshark
 
 Wireshark is able to dissect initial connection packets, such as key exchange, before encryption happens. Enter "ssh" as the display filter. See https://wiki.wireshark.org/SSH.md for more information.
+
+The Debug build of SSH.NET has helpers to also allow dissection of the encrypted traffic by dumping the session keys in a format that Wireshark understands. Set a value for `SshNetLoggingConfiguration.WiresharkKeyLogFilePath` before connecting, and supply the same value to Wireshark in Edit -> Preferences -> Protocols -> SSH -> "Key log filename".
+
+```c#
+using Renci.SshNet;
+
+SshNetLoggingConfiguration.WiresharkKeyLogFilePath = @"C:\tmp\sshkeylogfile.txt";
+```

Directory.Build.props

@@ -9,8 +9,12 @@
     <SignAssembly>true</SignAssembly>
     <AssemblyOriginatorKeyFile>$(MSBuildThisFileDirectory)Renci.SshNet.snk</AssemblyOriginatorKeyFile>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <EnablePackageValidation>true</EnablePackageValidation>
     <LangVersion>latest</LangVersion>
     <WarningLevel>9999</WarningLevel>
+  </PropertyGroup>
+
+  <PropertyGroup Condition="'$(Configuration)' == 'Release' Or '$(CI)' != ''">
     <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
   </PropertyGroup>
 

Directory.Packages.props

@@ -8,22 +8,14 @@
     <PackageVersion Include="BouncyCastle.Cryptography" Version="2.5.1" />
     <PackageVersion Include="coverlet.collector" Version="6.0.4" />
     <PackageVersion Include="coverlet.msbuild" Version="6.0.4" />
-    <PackageVersion Include="GitHubActionsTestLogger" Version="2.4.1">
-      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-      <PrivateAssets>all</PrivateAssets>
-    </PackageVersion>
+    <PackageVersion Include="GitHubActionsTestLogger" Version="2.4.1" />
     <PackageVersion Include="Meziantou.Analyzer" Version="2.0.188" />
-    
-    <!-- Must be kept at version 1.0.0, see https://github.com/sshnet/SSH.NET/pull/1288 for details. -->
-    <PackageVersion Include="Microsoft.Bcl.AsyncInterfaces" Version="1.0.0" />
-    <PackageVersion Include="Microsoft.Bcl.Cryptography" Version="10.0.0-preview.3.25171.5" />
 
-    <!-- No reason to require later than 6.0.0 at this time. -->
-    <PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="6.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.Logging.Console" Version="9.0.2" />
-    <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.13.0" />
-    <PackageVersion Include="MSTest.TestAdapter" Version="3.8.2" />
-    <PackageVersion Include="MSTest.TestFramework" Version="3.8.2" />
+    <!-- Should stay on LTS .NET releases. -->
+    <PackageVersion Include="Microsoft.Bcl.Cryptography" Version="10.0.0-preview.3.25171.5" />
+    <PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
+    <PackageVersion Include="Microsoft.Extensions.Logging.Console" Version="9.0.3" />
+    <PackageVersion Include="MSTest" Version="3.8.3" />
     <PackageVersion Include="Moq" Version="4.20.72" />
     <PackageVersion Include="Nerdbank.GitVersioning" Version="3.7.115" />
     <PackageVersion Include="PolySharp" Version="1.15.0" />

README.md

@@ -8,12 +8,12 @@ SSH.NET is a Secure Shell (SSH-2) library for .NET, optimized for parallelism.
 
 ## Key Features
 
-* Execution of SSH command using both synchronous and asynchronous methods
+* Execution of SSH commands using both synchronous and asynchronous methods
 * SFTP functionality for both synchronous and asynchronous operations
 * SCP functionality
-* Remote, dynamic and local port forwarding 
+* Remote, dynamic and local port forwarding
 * Interactive shell/terminal implementation
-* Authentication via publickey, password and keyboard-interactive methods, including multi-factor
+* Authentication via public key, password and keyboard-interactive methods, including multi-factor
 * Connection via SOCKS4, SOCKS5 or HTTP proxy
 
 ## How to Use
@@ -52,12 +52,12 @@ using (var client = new SftpClient("sftp.foo.com", "guest", "pwd"))
 
 The main types provided by this library are:
 
-* Renci.SshNet.SshClient
-* Renci.SshNet.SftpClient
-* Renci.SshNet.ScpClient
-* Renci.SshNet.PrivateKeyFile
-* Renci.SshNet.SshCommand
-* Renci.SshNet.ShellStream
+* [Renci.SshNet.SshClient](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.SshClient.html)
+* [Renci.SshNet.SftpClient](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.SftpClient.html)
+* [Renci.SshNet.PrivateKeyFile](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.PrivateKeyFile.html)
+* [Renci.SshNet.SshCommand](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.SshCommand.html)
+* [Renci.SshNet.ForwardedPort](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.ForwardedPort.html)
+* [Renci.SshNet.ShellStream](https://sshnet.github.io/SSH.NET/api/Renci.SshNet.ShellStream.html)
 
 ## Additional Documentation
 
@@ -106,11 +106,6 @@ The main types provided by this library are:
   * ssh.com format ("BEGIN SSH2 ENCRYPTED PRIVATE KEY")
   * OpenSSH key format ("BEGIN OPENSSH PRIVATE KEY")
   * PuTTY private key format ("PuTTY-User-Key-File-2", "PuTTY-User-Key-File-3")
-* DSA in
-  * OpenSSL traditional PEM format ("BEGIN DSA PRIVATE KEY")
-  * OpenSSL PKCS#8 PEM format ("BEGIN PRIVATE KEY", "BEGIN ENCRYPTED PRIVATE KEY")
-  * ssh.com format ("BEGIN SSH2 ENCRYPTED PRIVATE KEY")
-  * PuTTY private key format ("PuTTY-User-Key-File-2", "PuTTY-User-Key-File-3")
 * ECDSA 256/384/521 in
   * OpenSSL traditional PEM format ("BEGIN EC PRIVATE KEY")
   * OpenSSL PKCS#8 PEM format ("BEGIN PRIVATE KEY", "BEGIN ENCRYPTED PRIVATE KEY")
@@ -158,7 +153,8 @@ Private keys in PuTTY private key format can be encrypted using the following ci
 * rsa-sha2-512
 * rsa-sha2-256
 * ssh-rsa
-* ssh-dss
+
+OpenSSH certificate authentication is supported for all of the above, e.g. ssh-ed25519-cert-v01<span></span>@openssh.com.
 
 ## Message Authentication Code
 
@@ -187,17 +183,17 @@ Private keys in PuTTY private key format can be encrypted using the following ci
 
 The library has no special requirements to build, other than an up-to-date .NET SDK. See also [CONTRIBUTING.md](https://github.com/sshnet/SSH.NET/blob/develop/CONTRIBUTING.md).
 
-## Using Pre-Release NuGet Package
+## Using Pre-Release NuGet Packages
 
-If you need an unreleased bugfix or feature, you can use the Pre-Release NuGet packages from the `develop` branch which are published to the [GitHub NuGet Registry](https://github.com/sshnet/SSH.NET/pkgs/nuget/SSH.NET).
-In order to pull packages from the registry you first have to create a Personal Access Token with the `read:packages` permissions. Then add a NuGet Source for SSH.NET:
-
-Note: you may have to add `--store-password-in-clear-text` on non-Windows platforms.
+Pre-release NuGet packages are published from the `develop` branch to the [GitHub NuGet Registry](https://github.com/sshnet/SSH.NET/pkgs/nuget/SSH.NET).
+In order to pull packages from the registry, create a Personal Access Token with the `read:packages` permissions. Then add a package source for SSH.NET:
 
 ```
 dotnet nuget add source --name SSH.NET --username <username> --password <personalaccesstoken> https://nuget.pkg.github.com/sshnet/index.json
 ```
 
+Note: you may have to add `--store-password-in-clear-text` on non-Windows platforms.
+
 Then you can add the the package as described [here](https://github.com/sshnet/SSH.NET/pkgs/nuget/SSH.NET).
 
 ## Supporting SSH.NET

docfx/toc.yml

@@ -4,3 +4,5 @@
   href: examples.md
 - name: API
   href: api/
+- name: Logging
+  href: logging.md

global.json

@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "9.0.100",
-    "rollForward": "latestMajor"
+    "version": "9.0.200",
+    "rollForward": "latestFeature"
   }
 }

src/Renci.SshNet/Abstractions/StreamExtensions.cs

@@ -1,4 +1,5 @@
 #if NETFRAMEWORK || NETSTANDARD2_0
+using System;
 using System.IO;
 using System.Threading.Tasks;
 
@@ -8,8 +9,15 @@ internal static class StreamExtensions
     {
         public static ValueTask DisposeAsync(this Stream stream)
         {
-            stream.Dispose();
-            return default;
+            try
+            {
+                stream.Dispose();
+                return default;
+            }
+            catch (Exception exc)
+            {
+                return new ValueTask(Task.FromException(exc));
+            }
         }
     }
 }

src/Renci.SshNet/Channels/Channel.cs

@@ -17,6 +17,7 @@ internal abstract class Channel : IChannel
     {
         private readonly Lock _serverWindowSizeLock = new Lock();
         private readonly Lock _messagingLock = new Lock();
+        private readonly Lock _sendDataLock = new Lock();
         private readonly uint _initialWindowSize;
         private readonly ISession _session;
         private readonly ILogger _logger;
@@ -340,19 +341,22 @@ public void SendData(byte[] data, int offset, int size)
                 return;
             }
 
-            var totalBytesToSend = size;
-            while (totalBytesToSend > 0)
+            lock (_sendDataLock)
             {
-                var sizeOfCurrentMessage = GetDataLengthThatCanBeSentInMessage(totalBytesToSend);
+                var totalBytesToSend = size;
+                while (totalBytesToSend > 0)
+                {
+                    var sizeOfCurrentMessage = GetDataLengthThatCanBeSentInMessage(totalBytesToSend);
 
-                var channelDataMessage = new ChannelDataMessage(RemoteChannelNumber,
-                                                                data,
-                                                                offset,
-                                                                sizeOfCurrentMessage);
-                _session.SendMessage(channelDataMessage);
+                    var channelDataMessage = new ChannelDataMessage(RemoteChannelNumber,
+                                                                    data,
+                                                                    offset,
+                                                                    sizeOfCurrentMessage);
+                    _session.SendMessage(channelDataMessage);
 
-                totalBytesToSend -= sizeOfCurrentMessage;
-                offset += sizeOfCurrentMessage;
+                    totalBytesToSend -= sizeOfCurrentMessage;
+                    offset += sizeOfCurrentMessage;
+                }
             }
         }