Revisions of python-paramiko
Tomas Cech (sleep_walker)
accepted
request 502890
from
Ondřej Súkup (mimi_vx)
(revision 62)
- update to 2.1.3
* Make util.log_to_file append instead of replace.
* SSHClient and Transport could cause a memory leak if there’s a connection
problem or protocol error, even if Transport.close() is called.
* Prior support for ecdsa-sha2-nistp(384|521) algorithms didn’t fully extend
to covering host keys, preventing connection to hosts which only offer
these key types and no others. This is now fixed.
* Prefer newer ecdsa-sha2-nistp keys over RSA and DSA keys during host key
selection. This improves compatibility with OpenSSH, both in terms of general
behavior, and also re: ability to properly leverage OpenSSH-modified
known_hosts files.
* The RC4/arcfour family of ciphers has been broken since version 2.0; but since
the algorithm is now known to be completely insecure, we are opting
to remove support outright instead of fixing it.
* Move sha1 above the now-arguably-broken md5 in the list of preferred MAC
algorithms, as an incremental security improvement for users whose target
systems offer both.
* Writing encrypted/password-protected private key files was silently broken
since 2.0 due to an incorrect API call
Includes a directly related fix, namely adding the ability to read AES-256-CBC
ciphered private keys (which is now what we tend to write out as it is
Cryptography’s default private key cipher.)
* Allow any type implementing the buffer API to be used with BufferedFile,
Channel, and SFTPFile. This resolves a regression introduced in 1.13
with the Python 3 porting changes, when using types such as memoryview.
* Enhance default cipher preference order such that aes(192|256)-cbc are preferred
over blowfish-cbc.
* SSHClient now requests the type of host key it has (e.g. from known_hosts)
and does not consider a different type to be a “Missing” host key. This fixes
a common case where an ECDSA key is in known_hosts and the server also has
buildservice-autocommit
accepted
request 489399
from
Todd R (TheBlackCat)
(revision 61)
Todd R (TheBlackCat)
(revision 61)
baserev update by copy to link target
Todd R (TheBlackCat)
accepted
request 489398
from
Todd R (TheBlackCat)
(revision 60)
Implement single-spec version.
buildservice-autocommit
accepted
request 482604
from
Factory Maintainer (factory-maintainer)
(revision 59)
Factory Maintainer (factory-maintainer)
(revision 59)
baserev update by copy to link target
Robert Schweikert (rjschwei)
committed
(revision 58)
- Fix version setting for cryptography for build
Robert Schweikert (rjschwei)
committed
(revision 57)
- Add python-pyasn1 as Buildrequires for testing - update to version 1.15.2 (bsc#962291)
Dirk Mueller (dirkmueller)
accepted
request 460370
from
Ondřej Súkup (mimi_vx)
(revision 56)
- update to 2.1.2
* Fix a bug in server-mode concerning multiple interactive auth steps
* SSHClient now gives its internal Transport a handle on itself, preventing
garbage collection of the client until the session is closed. Without this,
some code which returns stream or transport objects without the client that
generated them, would result in premature session closure
when the client was GCd
* Avoid test suite exceptions on platforms lacking errno.ETIME
* weak how RSAKey.__str__ behaves so it doesn’t cause TypeError under Python 3.
buildservice-autocommit
accepted
request 445600
from
Tomas Cech (sleep_walker)
(revision 55)
Tomas Cech (sleep_walker)
(revision 55)
baserev update by copy to link target
Tomas Cech (sleep_walker)
accepted
request 445578
from
Ondřej Súkup (mimi_vx)
(revision 54)
- update to 2.1.1
* A tweak to the original patch implementing gh#398 was not fully applied,
causing calls to ~paramiko.client.SSHClient.invoke_shell to fail with
AttributeError. This has been fixed.
* Fix the implementation of PKey.write_private_key_file (this method is only
publicly defined on subclasses; the fix was in the private real
implementation) so it passes the correct params to open()
* Add an optional timeout parameter to Transport.start_clienti
<paramiko.transport.Transport.start_client> (and feed it the value of the
configured connection timeout when used within SSHClient
<paramiko.client.SSHClient>.)
* Catch AssertionError thrown by Cryptography when attempting to load bad
ECDSA keys, turning it into an SSHException.
* Add a missing .closed attribute (plus ._closed because reasons) to
ProxyCommand <paramiko.proxy.ProxyCommand>
* Make the subprocess import in proxy.py lazy so users on platforms without
it (such as Google App Engine) can import Paramiko successfully
* Fix incorrect docstring/param-list for Transport.auth_gssapi_keyex
<paramiko.transport.Transport.auth_gssapi_keyex> so it matches
the real signature.
* Add an environment dict argument to Client.exec_command
buildservice-autocommit
accepted
request 433751
from
Dirk Mueller (dirkmueller)
(revision 53)
Dirk Mueller (dirkmueller)
(revision 53)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 433728
from
Thomas Bechtold (tbechtold)
(revision 52)
- Fix Requires for python-cryptography - Add missing Requires for python-pyasn1
buildservice-autocommit
accepted
request 416421
from
Robert Schweikert (rjschwei)
(revision 51)
Robert Schweikert (rjschwei)
(revision 51)
baserev update by copy to link target
Robert Schweikert (rjschwei)
accepted
request 416173
from
Michael Ströder (stroeder)
(revision 50)
update 2.0.2
Dirk Mueller (dirkmueller)
accepted
request 414636
from
Michael Ströder (stroeder)
(revision 49)
update to upstream bugfix release 2.0.1
buildservice-autocommit
accepted
request 407224
from
Dirk Mueller (dirkmueller)
(revision 48)
Dirk Mueller (dirkmueller)
(revision 48)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 46)
Dirk Mueller (dirkmueller)
committed
(revision 45)
Dirk Mueller (dirkmueller)
accepted
request 394312
from
Hans-Peter Jansen (frispete)
(revision 43)
- update to 2.0.0:
* Add support for 384- and 512-bit elliptic curve groups in ECDSA
key types (aka ecdsa-sha2-nistp384 / ecdsa-sha2-nistp521).
* Due to an earlier bugfix, less-specific Host blocks' ProxyCommand
values were overriding ProxyCommand none in more-specific Host
blocks. This has been fixed in a backwards compatible manner (i.e.
ProxyCommand none continues to appear as a total lack of any
proxycommand key in parsed config structures).
* Fix a backwards incompatibility issue that cropped up in
SFTPFile.prefetch <~paramiko.sftp_file.prefetch> re: the
erroneously non-optional file_size parameter. Should only affect
users who manually call prefetch.
* Replace PyCrypto with the Python Cryptographic Authority (PyCA)
'Cryptography' library suite. This improves security,
installability, and performance; adds PyPy support; and much more.
* Fix stalled/hung SFTP downloads by cleaning up some threading lock
issues.
* Fix a Python 3 compatibility issue when handling two-factor
authentication.
* Clean up setup.py to always use setuptools, not doing so was a
historical artifact from bygone days.
* Update the module in charge of handling SSH moduli so it's
consistent with OpenSSH behavior re: prime number selection.
* Fix up ~paramiko.ssh_exception.NoValidConnectionsError so it
pickles correctly, and fix a related Python 3 compatibility issue.
* Update to jaraco.windows 3.4.1 to fix some errors related to
ctypes on Windows platforms.
* Annotate some public attributes on ~paramiko.channel.Channel such
as .closed.
* Fix logic bug in the SFTP client's callback-calling functionality;
Displaying revisions 61 - 80 of 122
