migrate to ssh2 0.5+ #386
migrate to ssh2 0.5+ #386
Conversation
| @@ -25,5 +25,9 @@ module.exports = function(size) { | |||
| buffer[i] = Math.floor(Math.random() * 256); | |||
| } | |||
| } | |||
| return buffer; | |||
| if (cb) { | |||
There was a problem hiding this comment.
Having a callback could simplify switching to the cryptographically secure core.crypto fill (in cases where there is a callback you won't even need to maintain a separate buffer). I won't assert whether or not that's something that needs to be done in this pull request, but I do think it's something worth getting done soon, as Math.random is pretty bad.
|
Comments added, some thoughts/TODOs but nothing blocking (monkey patching is always a bit ugly regardless as you said). Let me know if you'd like me to take a stab at using core.crypto for randombytes, since I've worked with it in a few other places. |
|
Please take a look at using core.crypto, that would be great! I'm investigating Travis failures...this all works fine for me locally, in any version node...then will submit. Thanks! |
Yeah, this was fun. Fixes:
UWNetworksLab/uProxy-p2p#2320
Summary:
ssh2-streamsaliasrandombytes' callback (forgot to do this first time around, I guess - ssh2 0.5+ uses it)processshim (otherwise ssh2-streams won't load)The monkey patching stuff isn't great. Rather than getting it perfect I'd like to start moving the ssh module into its own browserified file which could be included by whichever module wants it - this would also avoid duplicating the source (1MB+) between the
digitaloceanandcloudsocialmodules.Note that while this gets us closer to EC support, some quick hacking suggests there are still some missing pieces: namely, I think ssh2 wants Node.js 5+ but browserify currently gives us Node.js 4. Still, getting closer :-)
This change is