Sunset 0.4.0 - 2026-01-11
Added
-
Add server authentication helpers
matches_username(),
matches_password()for constant time comparison. -
Add environment session variable support
-
Add mlkem768x25519 hybrid post-quantum key exchange
Enabled bymlkemfeature, will soon be default.
Fixed
-
Fix public key authentication for the server, previously signatures
would not validate. Github #30 -
Don't fail in some circumstances during key exchange when
packets are received in particular order. Github #25, Github #27 -
Fix a hang where channels wouldn't get woken for more output
after the SSH stream was written out. Github #25 -
Fix using sshwire-derive outside of sunset
Changed
-
Server auth events such as
ServFirstAuthcan enable or disable
password or public key auth for subsequent attempts. Now no authentication methods are enabled by default, they must be explicitly enabled with egenable_password_auth(),enable_pubkey_auth(). -
Minimum Rust version is 1.87
-
Channels::by_handle_mut()renamed fromfrom_handle_mut()to be
more idiomatic. -
Log a better warning when host key signatures fail
-
Code size improvements.
-
Fail with
PacketWrongwhen calling an event method, rather
than on a subsequentprogress()call. -
CI scripts now build in
target/cirather thantesting/target
sunset-async 0.4.0 - 2026-01-11
- Fix discarded channel input data. If async
progress()
ran beforeChanIndata was consumed, it could result
in discarded data. This didn't seem to affect sunsetc,
but could affect other applications.
sunset-stdasync 0.4.0 - 2026-01-11
Fixed
-
CmdlineClient: fix exit code, flush logs on completio n -
sunsetc: fix winch signal being lost (regression in 0.3.0)
Added
-
sunsetc:--versionargument -
sunsetc: Allow%pin tracefile filename for PID
Changed
-
sunsetc: buffer tracefile output for performance -
sunsetc: escape banner sent from a serve
sunset-sshwire-derive 0.2.1 - 2026-01-11
Fixed
- Allow external use without needing
use sunset::sshwire.
Changed
- Disallow enum values which would be ignored.