The NetBSD Project

CVS log for pkgsrc/security/py-paramiko/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / security / py-paramiko

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.38 / (download) - annotate - [select for diffs], Sun Jan 26 17:32:07 2020 UTC (2 months, 1 week ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1, HEAD
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

all: migrate homepages from http to https

pkglint -r --network --only "migrate"

As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.

Revision 1.37 / (download) - annotate - [select for diffs], Wed Dec 11 10:43:53 2019 UTC (3 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

py-paramiko: updated to 2.7.1

2.7.1:
[Bug] Fix a bug in support for ECDSA keys under the newly supported OpenSSH key format. Thanks to Pierce Lopez for the patch.
[Bug] The new-style private key format (added in 2.7) suffered from an unpadding bug which had been fixed earlier for Ed25519 (as that key type has always used the newer format). That fix has been refactored and applied to the base key class, courtesy of Pierce Lopez.

2.7.0:
[Feature]: Add new convenience classmethod constructors to SSHConfig: from_text, from_file, and from_path. No more annoying two-step process!
[Feature] Implement most „ŗŌńanonical hostname„ŗssh_config functionality (CanonicalizeHostname, CanonicalDomains, CanonicalizeFallbackLocal, and CanonicalizeMaxDots; CanonicalizePermittedCNAMEs has not yet been implemented). All were previously silently ignored. Reported by Michael Leinartas.
[Feature] Implement support for the Match keyword in ssh_config files. Previously, this keyword was simply ignored & keywords inside such blocks were treated as if they were part of the previous block. Thanks to Michael Leinartas for the initial patchset.

Note
This feature adds a new optional install dependency, Invoke, for managing Match exec subprocesses.

[Feature]: A couple of outright SSHConfig parse errors were previously represented as vanilla Exception instances; as part of recent feature work a more specific exception class, ConfigParseError, has been created. It is now also used in those older spots, which is naturally backwards compatible.
[Feature] Implement support for OpenSSH 6.5-style private key files (typically denoted as having BEGIN OPENSSH PRIVATE KEY headers instead of PEM format„ŗ—‘ BEGIN RSA PRIVATE KEY or similar). If you were getting any sort of weird auth error from „ŗ◊őodern„ŗkeys generated on newer operating system releases (such as macOS Mojave), this is the first update to try.

Major thanks to everyone who contributed or tested versions of the patch, including but not limited to: Kevin Abel, Michiel Tiller, Pierce Lopez, and Jared Hobbs.

[Bug]: Perform deduplication of IdentityFile contents during ssh_config parsing; previously, if your config would result in the same value being encountered more than once, IdentityFile would contain that many copies of the same string.
[Bug]: Paramiko„ŗ—‘ use of subprocess for ProxyCommand support is conditionally imported to prevent issues on limited interpreter platforms like Google Compute Engine. However, any resulting ImportError was lost instead of preserved for raising (in the rare cases where a user tried leveraging ProxyCommand in such an environment). This has been fixed.
[Bug]: ssh_config token expansion used a different method of determining the local username ($USER env var), compared to what the (much older) client connection code does (getpass.getuser, which includes $USER but may check other variables first, and is generally much more comprehensive). Both modules now use getpass.getuser.
[Support]: Explicitly document which ssh_config features we currently support. Previously users just had to guess, which is simply no good.
[Support]: Additional installation extras_require „ŗ◊«lavors„ŗ(ed25519, invoke, and all) have been added to our packaging metadata; see the install docs for details.

Revision 1.36 / (download) - annotate - [select for diffs], Tue Jul 2 04:31:13 2019 UTC (9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.35: +4 -5 lines
Diff to previous 1.35 (colored)

py-paramiko: updated to 2.6.0

2.6.0:
Add a new keyword argument to SSHClient.connect and Transport, disabled_algorithms, which allows selectively disabling one or more kex/key/cipher/etc algorithms. This can be useful when disabling algorithms your target server (or client) does not support cleanly, or to work around unpatched bugs in Paramiko„ŗ—‘ own implementation thereof.

SSHClient.exec_command previously returned a naive ChannelFile object for its stdin value; such objects don„ŗ—’ know to properly shut down the remote end„ŗ—‘ stdin when they .close(). This lead to issues (such as hangs) when running remote commands that read from stdin.

Add backwards-compatible support for the gssapi GSSAPI library, as the previous backend (python-gssapi) has since become defunct. This change also includes tests for the GSSAPI functionality.

Tweak many exception classes so their string representations are more human-friendly; this also includes incidental changes to some super() calls.

Revision 1.35 / (download) - annotate - [select for diffs], Mon Jun 10 08:42:57 2019 UTC (9 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.34: +3 -2 lines
Diff to previous 1.34 (colored)

py-paramiko: updated to 2.5.0

2.5.0:
[Feature] Updated SSHConfig.lookup so it returns a new, type-casting-friendly dict subclass (SSHConfigDict) in lieu of dict literals. This ought to be backwards compatible, and allows an easier way to check boolean or int type ssh_config values.

[Feature] Add support for Curve25519 key exchange (aka curve25519-sha256@libssh.org).

[Feature] Add support for encrypt-then-MAC (ETM) schemes (hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com) and two newer Diffie-Hellman group key exchange algorithms (group14, using SHA256; and group16, using SHA512). Patch courtesy of Edgar Sousa.

[Support] Update our install docs with (somewhat) recently added additional dependencies; we previously only required Cryptography, but the docs never got updated after we incurred bcrypt and pynacl requirements for Ed25519 key support.

Additionally, pyasn1 was never actually hard-required; it was necessary during a development branch, and is used by the optional GSSAPI support, but is not required for regular installation. Thus, it has been removed from our setup.py and its imports in the GSSAPI code made optional.

[Support] Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.

[Support] Add support for the modern (as of Python 3.3) import location of MutableMapping (used in host key management) to avoid the old location becoming deprecated in Python 3.8.
[Support] Raise Cryptography dependency requirement to version 2.5 (from 1.5) and update some deprecated uses of its API.

Revision 1.34 / (download) - annotate - [select for diffs], Fri Sep 21 11:04:16 2018 UTC (18 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

py-paramiko: updated to 2.4.2

2.4.2:
Fix exploit (CVE pending) in Paramiko„ŗ—‘ server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication.

Specifically, steps have been taken to start separating client and server related message types in the message handling tables within Transport and AuthHandler; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel).

Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED. This behavior probably didn„ŗ—’ cause any outright errors, but it doesn„ŗ—’ seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends).
Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna.
Backport pytest support and application of the black code formatter (both of which previously only existed in the 2.4 branch and above) to everything 2.0 and newer. This makes back/forward porting bugfixes significantly easier.
Backport changes from 979 (added in Paramiko 2.3) to Paramiko 2.0-2.2, using duck-typing to preserve backwards compatibility. This allows these older versions to use newer Cryptography sign/verify APIs when available, without requiring them (as is the case with Paramiko 2.3+).

Revision 1.33 / (download) - annotate - [select for diffs], Thu Sep 6 13:28:00 2018 UTC (18 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)

py-paramiko: BUILD_DEPENDS -> TEST_DEPENDS

Revision 1.32 / (download) - annotate - [select for diffs], Tue Mar 13 18:35:29 2018 UTC (2 years ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

py-paramiko: updated to 2.4.1

2.4.1:
[Bug] Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez.
[Bug] Add newer key classes for Ed25519 and ECDSA to paramiko.__all__ so that code introspecting that attribute, or using from paramiko import * (such as some IDEs) sees them. Thanks to @patriksevallius for the patch.
[Bug] Fix a security flaw (CVE-2018-7750) in Paramiko„ŗ—‘ server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.

Revision 1.31 / (download) - annotate - [select for diffs], Wed Nov 15 09:24:14 2017 UTC (2 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.30: +5 -3 lines
Diff to previous 1.30 (colored)

py-paramiko: updated to 2.4.0

2.4.0:

[Feature]: Add a new passphrase kwarg to SSHClient.connect so users may disambiguate key-decryption passphrases from password-auth passwords. (This is a backwards compatible change; password will still pull double duty as a passphrase when passphrase is not given.)
[Support]: Drop Python 2.6 and Python 3.3 support; now only 2.7 and 3.4+ are supported. If you„ŗ—”e unable to upgrade from 2.6 or 3.3, please stick to the Paramiko 2.3.x (or below) release lines.
[Support]: Include LICENSE file in wheel archives.
[Support]: Updated the test suite & related docs/metadata/config to be compatible with pytest instead of using the old, custom, crufty unittest-based test.py.

This includes marking known-slow tests (mostly the SFTP ones) so they can be filtered out by inv test„ŗŌ‘ default behavior; as well as other minor tweaks to test collection and/or display (for example, GSSAPI tests are collected, but skipped, instead of not even being collected by default as in test.py.)

[Support]: Update tearDown of client test suite to avoid hangs due to eternally blocking accept() calls on the internal server thread (which can occur when test code raises an exception before actually connecting to the server.)

Revision 1.30 / (download) - annotate - [select for diffs], Wed Oct 25 06:38:53 2017 UTC (2 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Updated HOMEPAGE

Revision 1.29 / (download) - annotate - [select for diffs], Thu Oct 12 12:42:26 2017 UTC (2 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.28: +16 -18 lines
Diff to previous 1.28 (colored)

py-paramiko: update to 2.3.1

2.3.1:
[Bug] 1071: Certificate support broke the no-certificate case for Ed25519 keys (symptom is an AttributeError about public_blob.) This went uncaught due to cert autoload behavior (i.e. our test suite never actually ran the no-cert case, because the cert existed!) Both issues have been fixed. Thanks to John Hu for the report.

Revision 1.28 / (download) - annotate - [select for diffs], Fri May 19 14:47:10 2017 UTC (2 years, 10 months ago) by he
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

Upgrade py-paramiko from 1.15.3 to 1.18.2.

Pkgsrc changes:
Adapt PLIST.

Upstream changes:

1.18.2 2017-02-20
  [Bug] #895: Fix a bug in server-mode concerning multiple interactive
     auth steps (which were incorrectly responded to). Thanks to Dennis
     Kaarsemaker for catch & patch.
  [Bug] #713: (via #714 and #889) Don't pass initialization vectors
     to PyCrypto when dealing with counter-mode ciphers; newer PyCrypto
     versions throw an exception otherwise (older ones simply ignored
     this parameter altogether). Thanks to @jmh045000 for report &
     patches.
  [Bug] #44: (via #891) SSHClient now gives its internal Transport
     a handle on itself, preventing garbage collection of the client
     until the session is closed. Without this, some code which returns
     stream or transport objects without the client that generated
     them, would result in premature session closure when the client
     was GCd. Credit: @w31rd0 for original report, Omer Anson for the
     patch.
  [Bug] #862: (via #863) Avoid test suite exceptions on platforms
    lacking errno.ETIME (which seems to be some FreeBSD and some
    Windows environments.) Thanks to Sofian Brabez.
  [Bug] #853: Tweak how RSAKey.__str__ behaves so it doesn't
    cause TypeError under Python 3. Thanks to Francisco Couzo for
    the report.
  [Support] #866: (also #838) Remove an old test-related file we
    don't support, and add PyPy to Travis-CI config. Thanks to
    Pierce Lopez for the final patch and Pedro Rodrigues for an
    earlier edition.

1.18.1 2016-12-12
  [Bug] #859: (via #860) A tweak to the original patch implementing
    #398 was not fully applied, causing calls to invoke_shell to
    fail with AttributeError. This has been fixed. Patch credit:
    Kirk Byers.

1.18.0 2016-12-09
  [Feature] #398: Add an environment dict argument to
    Client.exec_command (plus the lower level Channel.update_environment
    and Channel.set_environment_variable methods) which implements
    the env SSH message type. This means the remote shell environment
    can be set without the use of VARNAME=value shell tricks,
    provided the server's AcceptEnv lists the variables you need
    to set. Thanks to Philip Lorenz for the pull request.
  [Feature] #780: (also #779, and may help users affected by
    #520) Add an optional timeout parameter to Transport.start_client
    (and feed it the value of the configured connection timeout
    when used within SSHClient.) This helps prevent situations
    where network connectivity isn't timing out, but the remote
    server is otherwise unable to service the connection in a timely
    manner. Credit to @sanseihappa.
  [Support] #819: Document how lacking gmp headers at install
    time can cause a significant performance hit if you build
    PyCrypto from source. (Most system-distributed packages already
    have this enabled.)
  [Support] #854: Fix incorrect docstring/param-list for
    Transport.auth_gssapi_keyex so it matches the real signature.
    Caught by @Score_Under.
  [Support] #792: Minor updates to the README and demos; thanks to Alan Yee.
  [Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar.

For pre-1.18.0 changes, see
  http://www.paramiko.org/changelog.html

Revision 1.27 / (download) - annotate - [select for diffs], Wed Jun 8 17:43:38 2016 UTC (3 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Switch to MASTER_SITES_PYPI.

Revision 1.26 / (download) - annotate - [select for diffs], Wed May 18 12:43:00 2016 UTC (3 years, 10 months ago) by he
Branch: MAIN
Changes since 1.25: +1 -2 lines
Diff to previous 1.25 (colored)

Undo previous, contaminated testing environment, py-cryptography isn't
needed after all.

Revision 1.25 / (download) - annotate - [select for diffs], Wed May 18 12:01:53 2016 UTC (3 years, 10 months ago) by he
Branch: MAIN
Changes since 1.24: +2 -1 lines
Diff to previous 1.24 (colored)

Add missing dependency on py-cryptography.  Without this, usage fails
with "ImportError: No module named cryptography.hazmat.backends" from
paramiko/transport.py.

Revision 1.24 / (download) - annotate - [select for diffs], Sat Oct 3 22:54:17 2015 UTC (4 years, 6 months ago) by rodent
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.23: +2 -4 lines
Diff to previous 1.23 (colored)

Update to 1.15.3. Mostly, the point of this update is to clarify that paramiko
is not, from what I can tell by building and using (also from the repo),
broken under py3x. Therefore, dependencies marked as broken under py3x due to
paramiko will be unmarked (unless they are broken for lack of py3x support).

From sites/www/changelog.rst:

:support:`554 backported` Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch.

:support:`516 backported` Document ~paramiko.agent.AgentRequestHandler. Thanks to @toejough for report & suggestions.

:bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI support (note: this includes switching from PyCrypo's Random to os.urandom). Thanks to Anselm Kruis for catch & patch.

:bug:`491` (combines :issue:`62` and :issue:`439`) Implement timeout functionality to address hangs from dropped network connections and/or failed handshakes. Credit to @vazir and @dacut for the original patches and to Olle Lundberg for reimplementation.

:bug:`490` Skip invalid/unparseable lines in known_hosts files, instead of raising ~paramiko.ssh_exception.SSHException. This brings Paramiko's behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin Topholm.

:bug:`404` Print details when displaying ~paramiko.ssh_exception.BadHostKeyException objects (expected vs received data) instead of just "hey shit broke". Patch credit: Loic Dachary.

:bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner of the cherry-pick lottery.

:bug:`353` (via :issue:`482`) Fix a bug introduced in the Python 3 port which caused OverFlowError (and other symptoms) in SFTP functionality. Thanks to @dboreham for leading the troubleshooting charge, and to Scott Maxwell for the final patch.

:support:`582` Fix some old setup.py related helper code which was breaking bdist_dumb on Mac OS X. Thanks to Peter Odding for the patch.

:bug:`22 major` Try harder to connect to multiple network families (e.g. IPv4 vs IPv6) in case of connection issues; this helps with problems such as hosts which resolve both IPv4 and IPv6 addresses but are only listening on IPv4. Thanks to Dries Desmet for original report and Torsten Landschoff for the foundational patchset.

:bug:`402` Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless TypeError with a human-readable ~paramiko.ssh_exception.AuthenticationException. Credit to Ken Jordan for the fix and Yvan Marques for original report.

Revision 1.23 / (download) - annotate - [select for diffs], Mon Jan 5 13:18:28 2015 UTC (5 years, 2 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)

update to 0.15.2
There is no useful changelog, but it makes the client work again a recent
OpenSSH server (6.7p1-hpn14v5) again. Tested with "duplicity".

Revision 1.22 / (download) - annotate - [select for diffs], Thu Jun 12 00:43:28 2014 UTC (5 years, 9 months ago) by gls
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

Update security/py-paramiko to 1.14.0

Upstream changes:
-----------------

:release:`1.14.0 <2014-05-07>`
------------------------------

:bug:`-` paramiko.file.BufferedFile.read incorrectly returned text
 strings after the Python 3 migration, despite bytes being more
 appropriate for file contents
(which may be binary or of an unknown encoding.) This has been addressed.

Note
paramiko.file.BufferedFile.readline continues to return strings,
 not bytes, as "lines" only make sense for textual data.
 It assumes UTF-8 by default.

This should fix this issue raised on the Obnam mailing list.
 Thanks to Antoine Brenner for the patch.

:bug:`-` Added self.args for exception classes. Used for unpickling.
 Related to (Fabric #986, Fabric #714). Thanks to Alex Plugaru.

:bug:`-` Fix logging error in sftp_client for filenames containing
 the '%' character. Thanks to Antoine Brenner.

:bug:`308` Fix regression in dsskey.py that caused sporadic
 signature verification failures. Thanks to Chris Rose.

:support:`299` Use deterministic signatures for ECDSA keys for
 improved security. Thanks to Alex Gaynor.

:support:`297` Replace PyCrypto's Random with os.urandom for
 improved speed and security. Thanks again to Alex.

:support:`295` Swap out a bunch of PyCrypto hash functions with use of
 hashlib. Thanks to Alex Gaynor.

:support:`290` (also :issue:`292`) Add support for building universal
 (Python 2+3 compatible) wheel files during the release process.
 Courtesy of Alex Gaynor.

:support:`284` Add Python language trove identifiers to setup.py.
 Thanks to Alex Gaynor for catch & patch.

:bug:`235` Improve string type testing in a handful of spots
 (e.g. s/if type(x) is str/if isinstance(x, basestring)/g.)
 Thanks to @ksamuel for the report.

:release:`1.13.0 <2014-03-13>`
------------------------------

:feature:`16` Python 3 support! Our test suite passes under Python 3,
 and it (& Fabric's test suite) continues to pass under Python 2.
 Python 2.5 is no longer supported with this change!

The merged code was built on many contributors' efforts, both code &
 feedback. In no particular order, we thank Daniel Goertzen, Ivan
 Kolodyazhny, Tomi Pieviläinen, Jason R. Coombs, Jan N. Schulze,
 @Lazik, Dorian Pula, Scott Maxwell, Tshepang Lekhonkhobe, Aaron Meurer,
 and Dave Halter.

:support:`256 backported` Convert API documentation to Sphinx, yielding
 a new API docs website to replace the old Epydoc one.
 Thanks to Olle Lundberg for the initial conversion work.

:bug:`-` Use constant-time hash comparison operations where possible,
to protect against timing-based attacks. Thanks to Alex Gaynor for the patch.

:release:`1.12.2 <2014-02-14>`
------------------------------

:feature:`58` Allow client code to access the stored SSH server banner via
 Transport.get_banner <paramiko.transport.Transport.get_banner>.
 Thanks to @Jhoanor for the patch.

:bug:`252` (Fabric #1020) Enhanced the implementation of ProxyCommand to
 avoid a deadlock/hang condition that frequently occurs at Transport
 shutdown time. Thanks to Mateusz Kobos, Matthijs van der Vleuten and
 Guillaume Zitta for the original reports and to Marius Gedminas for
 helping test nontrivial use cases.

:bug:`268` Fix some missed renames of ProxyCommand related error classes.
 Thanks to Marius Gedminas for catch & patch.

:bug:`34` (PR :issue:`35`) Fix SFTP prefetching incompatibility with some
 SFTP servers regarding request/response ordering.
 Thanks to Richard Kettlewell.

:bug:`193` (and its attentant PRs :issue:`230` & :issue:`253`) Fix SSH
 agent problems present on Windows. Thanks to David Hobbs for initial
 report and to Aarni Koskela & Olle Lundberg for the patches.

:release:`1.12.1 <2014-01-08>`
------------------------------

:bug:`225 (1.12+)` Note ecdsa requirement in README. Thanks to Amaury
 Rodriguez for the catch.

:bug:`176` Fix AttributeError bugs in known_hosts file (re)loading.
 Thanks to Nathan Scowcroft for the patch & Martin Blumenstingl for the
 initial test case.

Revision 1.21 / (download) - annotate - [select for diffs], Fri May 9 07:37:18 2014 UTC (5 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Mark packages that are not ready for python-3.3 also not ready for 3.4,
until proven otherwise.

Revision 1.20 / (download) - annotate - [select for diffs], Mon Jan 27 18:41:14 2014 UTC (6 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.19: +1 -2 lines
Diff to previous 1.19 (colored)

Do not set FETCH_USING, should not be set in a package Makefile.

Revision 1.19 / (download) - annotate - [select for diffs], Sat Jan 25 10:30:20 2014 UTC (6 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.18: +3 -1 lines
Diff to previous 1.18 (colored)

Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE=  33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE=  33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.

Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.

Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.

Whitespace cleanups and other nits corrected, where necessary.

Revision 1.18 / (download) - annotate - [select for diffs], Sun Oct 20 17:02:02 2013 UTC (6 years, 5 months ago) by gls
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4
Changes since 1.17: +4 -2 lines
Diff to previous 1.17 (colored)

Update security/py-paramiko to 1.12.0

pkgsrc changes:
---------------
- Depends on security/py-ecdsa
- FETCH_USING=curl to deal with PyPi's htpps only website.

upstream changes:
-----------------
v1.12.0 (27th Sep 2013)
-----------------------

* #152: Add tentative support for ECDSA keys. *This adds the ecdsa
  module as a new dependency of Paramiko.* The module is available at
  [warner/python-ecdsa on Github](https://github.com/warner/python-ecdsa) and
  [ecdsa on PyPI](https://pypi.python.org/pypi/ecdsa).
    * Note that you might still run into problems with key negotiation --
      Paramiko picks the first key that the server offers, which might not be
      what you have in your known_hosts file.
    * Mega thanks to Ethan Glasser-Camp for the patch.
* #136: Add server-side support for the SSH protocol's 'env' command. Thanks to
  Benjamin Pollack for the patch.

v1.11.2 (27th Sep 2013)
-----------------------

* #156: Fix potential deadlock condition when using Channel objects as sockets
  (e.g. when using SSH gatewaying). Thanks to Steven Noonan and Frank Arnold
  for catch & patch.
* #179: Fix a missing variable causing errors when an ssh_config file has a
  non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch
  & patch.
* #200: Fix an exception-causing typo in `demo_simple.py`. Thanks to Alex
  Buchanan for catch & Dave Foster for patch.
* #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher
  for catch & patch.

v1.12.0 (27th Sep 2013)
-----------------------

* #152: Add tentative support for ECDSA keys. *This adds the ecdsa
  module as a new dependency of Paramiko.* The module is available at
  [warner/python-ecdsa on Github](https://github.com/warner/python-ecdsa) and
  [ecdsa on PyPI](https://pypi.python.org/pypi/ecdsa).
    * Note that you might still run into problems with key negotiation --
      Paramiko picks the first key that the server offers, which might not be
      what you have in your known_hosts file.
    * Mega thanks to Ethan Glasser-Camp for the patch.
* #136: Add server-side support for the SSH protocol's 'env' command. Thanks to
  Benjamin Pollack for the patch.

v1.11.2 (27th Sep 2013)
-----------------------

* #156: Fix potential deadlock condition when using Channel objects as sockets
  (e.g. when using SSH gatewaying). Thanks to Steven Noonan and Frank Arnold
  for catch & patch.
* #179: Fix a missing variable causing errors when an ssh_config file has a
  non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch
  & patch.
* #200: Fix an exception-causing typo in `demo_simple.py`. Thanks to Alex
  Buchanan for catch & Dave Foster for patch.
* #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher
  for catch & patch.

Revision 1.17 / (download) - annotate - [select for diffs], Tue Aug 6 20:12:18 2013 UTC (6 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.16: +1 -3 lines
Diff to previous 1.16 (colored)

Remove FETCH_USING=curl after putting distfile on nbftp.

Revision 1.16 / (download) - annotate - [select for diffs], Tue Aug 6 18:11:28 2013 UTC (6 years, 7 months ago) by gls
Branch: MAIN
Changes since 1.15: +4 -3 lines
Diff to previous 1.15 (colored)

Update security/py-paramiko to 1.11.0

pkgsrc changes:
---------------
FETCH_USING= curl, as PyPi moved to https.

Upstream changes:
-----------------

v1.11.0 (26th Jul 2013)
-----------------------

* #98: On Windows, when interacting with the PuTTY PAgeant, Paramiko now
  creates the shared memory map with explicit Security Attributes of the user,
  which is the same technique employed by the canonical PuTTY library to avoid
  permissions issues when Paramiko is running under a different UAC context
  than the PuTTY Ageant process. Thanks to Jason R. Coombs for the patch.
* #100: Remove use of PyWin32 in `win_pageant` module. Module was already
  dependent on ctypes for constructing appropriate structures and had ctypes
  implementations of all functionality. Thanks to Jason R. Coombs for the
  patch.
* #87: Ensure updates to `known_hosts` files account for any updates to said
  files after Paramiko initially read them. (Includes related fix to guard
  against duplicate entries during subsequent `known_hosts` loads.) Thanks to
  `@sunweaver` for the contribution.

v1.10.2 (26th Jul 2013)
-----------------------

* #153, #67: Warn on parse failure when reading known_hosts file. Thanks to
  `@glasserc` for patch.
* #146: Indentation fixes for readability. Thanks to Abhinav Upadhyay for catch
  & patch.

Revision 1.15 / (download) - annotate - [select for diffs], Thu Apr 11 16:28:50 2013 UTC (6 years, 11 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

update to 1.10.1
changes: minor fixes

Revision 1.14 / (download) - annotate - [select for diffs], Sat Mar 9 15:46:57 2013 UTC (7 years ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)

Update to 1.10.0.

Upstream appears to have no changelog or NEWS; the included README is
about changes in 1.8.0.  Browsing github makes this look like minor
features and bugfixes.

Revision 1.13 / (download) - annotate - [select for diffs], Tue Nov 27 22:13:32 2012 UTC (7 years, 4 months ago) by gls
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)

Update security/py-paramiko to 1.9.0.

Fix a tyop in DESCR.

Upstream changes:
-----------------

v1.9.0 (6th Nov 2012)
---------------------

* #97 (with a little #93): Improve config parsing of `ProxyCommand` directives
  and provide a wrapper class to allow subprocess-driven proxy commands to be
  used as `sock=` arguments for `SSHClient.connect`.
* #77: Allow `SSHClient.connect()` to take an explicit `sock` parameter
  overriding creation of an internal, implicit socket object.
* Thanks in no particular order to Erwin Bolwidt, Oskari Saarenmaa, Steven
  Noonan, Vladimir Lazarenko, Lincoln de Sousa, Valentino Volonghi, Olle
  Lundberg, and Github user `@acrish` for the various and sundry patches
  leading to the above changes.

v1.8.1 (6th Nov 2012)
---------------------

* #90: Ensure that callbacks handed to `SFTPClient.get()` always fire at least
  once, even for zero-length files downloaded. Thanks to Github user `@enB` for
  the catch.
* #85: Paramiko's test suite overrides
  `unittest.TestCase.assertTrue/assertFalse` to provide these modern assertions
  to Python 2.2/2.3, which lacked them. However on newer Pythons such as 2.7,
  this now causes deprecation warnings. The overrides have been patched to only
  execute when necessary. Thanks to `@Arfrever` for catch & patch.


v1.8.0 (3rd Oct 2012)
---------------------

* #17 ('ssh' 28): Fix spurious `NoneType has no attribute 'error'` and similar
  exceptions that crop up on interpreter exit.
* 'ssh' 32: Raise a more useful error explaining which `known_hosts` key line was
  problematic, when encountering `binascii` issues decoding known host keys.
  Thanks to `@thomasvs` for catch & patch.
* 'ssh' 33: Bring `ssh_config` parsing more in line with OpenSSH spec, re: order of
  setting overrides by `Host` specifiers. Specifically, the overrides now go by
  file order instead of automatically sorting by `Host` value length. In
  addition, the first value found per config key (e.g. `Port`, `User` etc)
  wins, instead of the last. Thanks to Jan Brauer for the contribution.
* 'ssh' 36: Support new server two-factor authentication option
  (`RequiredAuthentications2`), at least re: combining key-based & password
  auth. Thanks to Github user `bninja`.
* 'ssh' 11: When raising an exception for hosts not listed in
  `known_hosts` (when `RejectPolicy` is in effect) the exception message was
  confusing/vague. This has been improved somewhat. Thanks to Cal Leeming for
  highlighting the issue.
* 'ssh' 40: Fixed up & expanded EINTR signal handling. Thanks to Douglas Turk.
* 'ssh' 15: Implemented parameter substitution in SSHConfig, matching the
  implementation of `ssh_config(5)`. Thanks to Olle Lundberg for the patch.
* 'ssh' 24: Switch some internal type checking to use `isinstance` to help prevent
  problems with client libraries using subclasses of builtin types. Thanks to
  Alex Morega for the patch.
* Fabric #562: Agent forwarding would error out (with `Authentication response
  too long`) or freeze, when more than one remote connection to the local agent
  was active at the same time. This has been fixed. Thanks to Steven McDonald
  for assisting in troubleshooting/patching, and to GitHub user `@lynxis` for
  providing the final version of the patch.
* 'ssh' 5: Moved a `fcntl` import closer to where it's used to help avoid
  `ImportError` problems on Windows platforms. Thanks to Jason Coombs for the
  catch + suggested fix.
* 'ssh' 4: Updated implementation of WinPageant integration to work on 64-bit
  Windows. Thanks again to Jason Coombs for the patch.
* Added an IO loop sleep() call to avoid needless CPU usage when agent
  forwarding is in use.
* Handful of internal tweaks to version number storage.
* Updated `setup.py` with `==dev` install URL for `pip` users.
* Updated `setup.py` to account for packaging problems in PyCrypto 2.4.0
* Added an extra `atfork()` call to help prevent spurious RNG errors when
  running under high parallel (multiprocess) load.
* Merge PR #28: https://github.com/paramiko/paramiko/pull/28 which adds a
  ssh-keygen like demo module. (Sofian Brabez)

v1.7.7.2 16may12
----------------
  * Merge pull request #63: https://github.com/paramiko/paramiko/pull/63 which
    fixes exceptions that occur when re-keying over fast connections. (Dwayne
    Litzenberger)

Revision 1.12 / (download) - annotate - [select for diffs], Tue Oct 23 18:16:54 2012 UTC (7 years, 5 months ago) by asau
Branch: MAIN
Changes since 1.11: +1 -3 lines
Diff to previous 1.11 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.11 / (download) - annotate - [select for diffs], Fri Jul 22 14:03:30 2011 UTC (8 years, 8 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.10: +4 -7 lines
Diff to previous 1.10 (colored)

Update py-paramiko to 1.7.7.1.
various bug fixes; requires pycrypto 2.1. or newer

Revision 1.10 / (download) - annotate - [select for diffs], Tue Apr 5 08:36:41 2011 UTC (9 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

Fix PKGREVISION variable name. From Robert Elz.

Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 6 22:22:08 2010 UTC (9 years, 3 months ago) by gls
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.8: +6 -4 lines
Diff to previous 1.8 (colored)

Direct MASTER_SITES to pypi.org, as the original MASTER_SITE doesn't host the
distfile anymore. Add DIST_SUBDIR to force re-download of the tarball, which
content has been modified.

While here, switch DEPENDS to py-crypto instead of py-amkCrypto.

Bump PKG_REVISION.

Revision 1.8 / (download) - annotate - [select for diffs], Wed Jun 2 18:31:41 2010 UTC (9 years, 10 months ago) by gls
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2
Changes since 1.7: +7 -6 lines
Diff to previous 1.7 (colored)

This is a Python egg.
Don't hardwire paths in PLIST.

As noted by Ryo HAYASAKA in PR/43405.

Revision 1.7 / (download) - annotate - [select for diffs], Mon May 31 20:30:31 2010 UTC (9 years, 10 months ago) by gls
Branch: MAIN
Changes since 1.6: +5 -2 lines
Diff to previous 1.6 (colored)

Update security/py-paramiko to 1.7.6.
pkgsrc changes:
- patches/patch-aa no longer required
- Added LICENSE

Changelog:
ARC4 & CTR support, IP6 support, and various bug fixes (incl. an important
Windows random number generation fix)

Revision 1.6 / (download) - annotate - [select for diffs], Thu Jun 12 02:14:45 2008 UTC (11 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.5: +3 -1 lines
Diff to previous 1.5 (colored)

Add DESTDIR support.

Revision 1.5 / (download) - annotate - [select for diffs], Thu May 15 18:27:43 2008 UTC (11 years, 10 months ago) by drochner
Branch: MAIN
Changes since 1.4: +5 -2 lines
Diff to previous 1.4 (colored)

update to 1.7.3
changes:
-direct-tcpip support
-bug fixes

pkgsrc change: disable use of Python setuptools
	(gives unpredictable results)

Revision 1.4 / (download) - annotate - [select for diffs], Fri Apr 25 20:39:12 2008 UTC (11 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.3: +1 -2 lines
Diff to previous 1.3 (colored)

Update PYTHON_VERSIONS_COMPATIBLE
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.

Revision 1.3 / (download) - annotate - [select for diffs], Fri Dec 14 13:35:04 2007 UTC (12 years, 3 months ago) by bjs
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)


Update to version 1.7.1.

Changes:


Update to version 1.7.1.  Changes:

v1.7.1 (Amy) 10jun07
--------------------
  * windows SSH agent support can use the 'ctypes' module now if 'win32all' is
    not available [patch from alexander belchenko]
  * SFTPClient.listdir_attr() now preserves the 'longname' field [patch from
    wesley augur]
  * SFTPClient.get_channel() API added
  * SSHClient constuctor takes an optional 'timeout' parameter [patch from
    james bardin]

v1.7 (zubat) 18feb07
--------------------
  * added x11 channel support (patch from david guerizec)
  * added reverse port forwarding support
  * (bug 75370) raise an exception when contacting a broken SFTP server
  * (bug 80295) SSHClient shouldn't expand the user directory twice when reading
    RSA/DSS keys
  * (bug 82383) typo in DSS key in SSHClient
  * (bug 83523) python 2.5 warning when encoding a file's modification time
  * if connecting to an SSH agent fails, silently fallback instead of raising
    an exception

v1.6.4 (yanma) 19nov06
----------------------
  * fix setup.py on osx (oops!)
  * (bug 69330) check for the existence of RSA/DSA keys before trying to open
    them in SFTPClient
  * (bug 69222) catch EAGAIN in socket code to workaround a bug in recent
    Linux 2.6 kernels
  * (bug 70398) improve dict emulation in HostKeys objects
  * try harder to make sure all worker threads are joined on Transport.close()

v1.6.3 (xatu) 14oct06
---------------------
  * fixed bug where HostKeys.__setitem__ wouldn't always do the right thing
  * fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from
    mike barber]
  * try harder not to raise EOFError from within SFTPClient
  * fixed bug where a thread waiting in accept() could block forever if the
    transport dies [patch from mike looijmans]

v1.6.2 (weedle) 16aug06
-----------------------
  * added support for "old" group-exchange server mode, for compatibility
    with the windows putty client
  * fixed some more interactions with SFTP file readv() and prefetch()
  * when saving the known_hosts file, preserve the original order [patch from
    warren young]
  * fix a couple of broken lines when exporting classes (bug 55946)

v1.6.1 (vulpix) 10jul06
-----------------------
  * more unit tests fixed for windows/cygwin (thanks to alexander belchenko)
  * a couple of fixes related to exceptions leaking out of SFTPClient
  * added ability to set items in HostKeys via __setitem__
  * HostKeys now retains order and has a save() method
  * added PKey.write_private_key and PKey.from_private_key

v1.6 (umbreon) 10may06
----------------------
  * pageant support on Windows thanks to john arbash meinel and todd whiteman
  * fixed unit tests to work under windows and cygwin (thanks to alexander
    belchenko for debugging)
  * various bugfixes/tweaks to SFTP file prefetch
  * added SSHClient for a higher-level API
  * SFTP readv() now yields results as it gets them
  * several APIs changed to throw an exception instead of "False" on failure

Revision 1.2 / (download) - annotate - [select for diffs], Tue Jul 11 00:21:17 2006 UTC (13 years, 8 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

The yield syntax used in one of the modules is not supported by
Python 2.2, so mark it as 2.3+ only.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Jul 4 15:35:54 2006 UTC (13 years, 9 months ago) by drochner
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

add py-paramiko-1.6, a python extension implementing the ssh2 protocol

Revision 1.1 / (download) - annotate - [select for diffs], Tue Jul 4 15:35:54 2006 UTC (13 years, 9 months ago) by drochner
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>