Merge branch 'feature/issue-56-phase5-practical-ssh-options'

inureyes · inureyes · commit 8e6d60d38568 · 2025-10-24T10:49:15.000+09:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,7 +5,7 @@ All notable changes to bssh will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## [1.0.0] - 2025-10-24
 
 ### Added
 - **SSH Configuration: Certificate Authentication Options**
@@ -309,7 +309,8 @@ None
 - russh library for native SSH implementation
 - Cross-platform support (Linux and macOS)
 
-[Unreleased]: https://github.com/lablup/bssh/compare/v0.9.1...HEAD
+[Unreleased]: https://github.com/lablup/bssh/compare/v1.0.0...HEAD
+[1.0.0]: https://github.com/lablup/bssh/compare/v0.9.1...v1.0.0
 [0.9.1]: https://github.com/lablup/bssh/compare/v0.9.0...v0.9.1
 [0.9.0]: https://github.com/lablup/bssh/compare/v0.8.0...v0.9.0
 [0.8.0]: https://github.com/lablup/bssh/compare/v0.7.0...v0.8.0
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "bssh"
-version = "0.9.1"
+version = "1.0.0"
 authors = ["Jeongkyu Shin <inureyes@gmail.com>"]
 description = "Parallel SSH command execution tool for cluster management"
 license = "Apache-2.0"
diff --git a/README.md b/README.md
@@ -948,6 +948,7 @@ See the [LICENSE](./LICENSE) file for details.
 ## Changelog
 
 ### Recent Updates
+- **v1.0.0 (2025/10/24):** Major milestone release with comprehensive SSH configuration support (~71 options), certificate authentication, advanced security features, and modular parser architecture
 - **v0.9.1 (2025/10/14):** Complete PTY terminal modes implementation with Shift key input support
 - **v0.9.0 (2025/10/14):** Add SSH ProxyJump support for file transfers and interactive mode, update packages
 - **v0.8.0 (2025/09/12):** Add comprehensive SSH port forwarding (local/remote/dynamic), improve error messages and remove dangerous unwrap() calls
diff --git a/debian/changelog b/debian/changelog
@@ -1,3 +1,53 @@
+bssh (1.0.0-1~jammy1) jammy; urgency=medium
+
+  * v1.0.0
+  ### New Features
+  - **Comprehensive SSH Configuration Support**: Added ~71 SSH configuration options (~69% coverage of OpenSSH's 103 options)
+    - Certificate Authentication Options: CertificateFile, CASignatureAlgorithms, HostbasedAuthentication, HostbasedAcceptedAlgorithms
+    - Advanced Port Forwarding Control: GatewayPorts, ExitOnForwardFailure, PermitRemoteOpen
+    - Command Execution and Automation: PermitLocalCommand, LocalCommand, RemoteCommand, KnownHostsCommand, ForkAfterAuthentication, SessionType, StdinNull
+    - Host Key Verification & Security: NoHostAuthenticationForLocalhost, HashKnownHosts, CheckHostIP, VisualHostKey, HostKeyAlias, VerifyHostKeyDNS, UpdateHostKeys
+    - Additional Authentication Options: NumberOfPasswordPrompts, EnableSSHKeysign
+    - Network & Connection Options: BindInterface, IPQoS, RekeyLimit
+    - X11 Forwarding Options: ForwardX11Timeout, ForwardX11Trusted
+    - Authentication and Security Management: IdentitiesOnly, AddKeysToAgent, IdentityAgent, PubkeyAcceptedAlgorithms, RequiredRSASize, FingerprintHash
+    - Include and Match directive support for flexible configuration
+    - Support for both "Option Value" and "Option=Value" syntax
+
+  ### Improvements
+  - **Modular SSH Config Parser**: Refactored oversized parser.rs (1706 lines) into category-based modules (~200-350 lines each)
+  - **Enhanced Security**: Comprehensive security hardening for SSH configuration
+    - Path validation to prevent usage of sensitive system files
+    - Memory exhaustion prevention with entry limits
+    - Command injection prevention for LocalCommand and KnownHostsCommand
+    - Token validation and dangerous character detection
+    - Algorithm list validation with deduplication
+  - **Terminology Cleanup**: Removed phase terminology from codebase and documentation for better clarity
+
+  ### Bug Fixes
+  - Fixed critical security vulnerabilities in SSH config parser (Priority: CRITICAL/HIGH)
+  - Enhanced input validation and error handling
+
+  ### CI/CD Improvements
+  None
+
+  ### Technical Details
+  - Enhanced SSH configuration merging logic with proper priority handling
+  - Comprehensive test coverage: 278 tests including parser, resolver, integration, and security tests
+  - Improved code organization and maintainability with modular structure
+  - Support for scalar option override and vector option accumulation with deduplication
+
+  ### Dependencies
+  None
+
+  ### Breaking Changes
+  None
+
+  ### Known Issues
+  None
+
+ -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 24 Oct 2025 00:00:00 +0900
+
 bssh (0.9.1-1~jammy1) jammy; urgency=medium
 
   * v0.9.1
diff --git a/docs/man/bssh.1 b/docs/man/bssh.1
@@ -1,6 +1,6 @@
 .\" Manpage for bssh
 .\" Contact the maintainers to correct errors or typos.
-.TH BSSH 1 "October 2025" "v0.9.1" "bssh Manual"
+.TH BSSH 1 "October 2025" "v1.0.0" "bssh Manual"
 
 .SH NAME
 bssh \- Broadcast SSH - SSH-compatible client with parallel execution capabilities
