Update Rust crate russh-keys to 0.40.0 - autoclosed

[oxide-renovate]

This PR contains the following updates:

Package	Type	Update	Change
russh-keys	dependencies	minor	0.38.0 -> 0.40.0

---

Release Notes

warp-tech/russh (russh-keys)

v0.40.0

Compare Source

Breaking changes

• acd744a: ChannelStream rebuild (Maya the bee) #​181
  • ChannelStream is now generic over the same type as the parent Channel
  • You can now obtain separate AsyncRead and AsyncWrite handles for a channel, as well as its extended streams with make_reader(_ext) and make_writer(_ext).

Changes

• 92660ef: Support for NIST P-256 public keys (George Hopkins) #​208
• 4a683d2: Add client-sent keepalives (Milo Mirate) #​196
• c4a0688: Add method to read known host key (George Hopkins) #​205
• 7c03dd9: add sftp client example (Roman) #​184
• 3463ed0: Fix ChannelMsg::Close docs (Lucas Kent) #​212
• cd59590: Added client-side inactivity timeout (Adrian Müller) #​211
• c0f3458: added Server::handle_session_error and session closure logging

Fixes

• d0908de: fixed #​218 - fixed padding calculation, AES-GCM rekey and hmac-sha2-256(-etm) MAC
• 52e5eaa: Use ChannelMsg::WindowAdjusted during data transfer (Joe Grund) #​180
• e81db83: Make winapi dep windows only (Lucas Kent) #​195
• a904a08: Fix handling of key constraints (George Hopkins) #​203
• 72afa2b: Reduce busywaiting in ChannelStream components (Milo Mirate) #​197
• 9c25fa2: Support hashed hostnames in known_hosts file (George Hopkins) #​200
• c66f4b0: fixed #​198 - agent server - ed25519 key parsing

v0.39.0

Compare Source

Breaking changes

• The behaviour or server::Handler::auth_publickey method has been changed.
  • Previously, this method was called before the public key's signature was verified and if you didn't pay attention to the documentation, your application might interpret this call as a successful public key authentication. In reality, it's only meant to decide whether to accept the public key offer from the client or not.
  • Now, the method is called after the signature is verified and the return value is used to decide whether to accept the authentication or not.
  • The old method has been renamed to auth_publickey_offer and will accept all offers by default.
  • If you have not relied on the incorrect interpretation of auth_publickey method, no action is needed.
  • If you explicitly want to control whether public key offers are accepted or not, additionally implement auth_publickey_offer.
  • N.B.: In OpenSSH, the difference in user experience between rejecting a public key offer and rejecting a public key authentication is whether the key passphrase prompt has been shown.

---

Configuration

📅 Schedule: Branch creation - "after 8pm,before 6am" in timezone America/Los_Angeles, Automerge - "after 8pm,before 6am" in timezone America/Los_Angeles.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.