Up to [cvs.NetBSD.org] / pkgsrc / security / py-paramiko
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.50 / (download) - annotate - [select for diffs], Mon Jul 31 16:16:48 2023 UTC (4 months ago) by adam
CVS Tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3, HEAD
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)
py-paramiko: updated to 3.3.1 3.3.1 2023-07-28 [Bug]: Cleaned up some very old root level files, mostly just to exercise some of our doc build and release machinery. This changelog entry intentionally left blank! nothing-to-see-here-move-along.gif 3.3.0 2023-07-28 [Feature] Add an explicit max_concurrent_prefetch_requests argument to paramiko.client.SSHClient.get and paramiko.client.SSHClient.getfo, allowing users to limit the number of concurrent requests used during prefetch. Patch by @kschoelhorn, with a test by @bwinston-sdp. [Feature] Add support and tests for Match final „ŗ(frequently used in ProxyJump configurations to exclude the jump host) to our SSH config parser. Patch by @commonism.
Revision 1.49 / (download) - annotate - [select for diffs], Tue Jul 18 15:54:43 2023 UTC (4 months, 2 weeks ago) by adam
Changes since 1.48: +9 -6 lines
Diff to previous 1.48 (colored)
py-paramiko: updated to 3.2.0 3.2.0 2023-05-25 [Feature]: PKey grew a new .fingerprint property which emits a fingerprint string matching the SHA256+Base64 values printed by various OpenSSH tooling (eg ssh-add -l, ssh -v). This is intended to help troubleshoot Paramiko-vs-OpenSSH behavior and will eventually replace the venerable get_fingerprint method. [Feature]: PKey grew a new .algorithm_name property which displays the key algorithm; this is typically derived from the value of get_name. For example, ED25519 keys have a get_name of ssh-ed25519 (the SSH protocol key type field value), and now have a algorithm_name of ED25519. [Feature]: PKey now offers convenience ◊őeta-constructors„ŗ static methods that simplify the process of instantiating the correct subclass for a given key input. For example, PKey.from_path can load a file path without knowing a priori what type of key it is (thanks to some handy methods within our cryptography dependency). Going forwards, we expect this to be the primary method of loading keys by user code that runs on „ŗ◊…uman time„ŗ(i.e. where some minor efficiencies are worth the convenience). In addition, PKey.from_type_string now exists, and is being used in some internals to load ssh-agent keys. As part of these changes, PKey and friends grew an identifiers classmethod; this is inspired by the supported_key_format_identifiers classmethod (which now refers to the new method.) This also includes adding a .name attribute to most key classes (which will eventually replace .get_name(). [Feature]: Enhanced AgentKey with new attributes, such as: Added a comment attribute (and constructor argument); Agent.get_keys() now uses this kwarg to store any comment field sent over by the agent. The original version of the agent feature inexplicably did not store the comment anywhere. Agent-derived keys now attempt to instantiate a copy of the appropriate key class for access to other algorithm-specific members (eg key size). This is available as the .inner_key attribute. Note This functionality is now in use in Fabric„ŗ—‘ new --list-agent-keys feature, as well as in Paramiko„ŗ—‘ debug logging. [Feature] Users of SSHClient can now configure the authentication logic Paramiko uses when connecting to servers; this functionality is intended for advanced users and higher-level libraries such as Fabric. See auth_strategy for details. Fabric„ŗ—‘ co-temporal release includes a proof-of-concept use of this feature, implementing an auth flow much closer to that of the OpenSSH client (versus Paramiko„ŗ—‘ legacy behavior). It is strongly recommended that if this interests you, investigate replacing any direct use of SSHClient with Fabric„ŗ—‘ Connection. Warning This feature is EXPERIMENTAL; please see its docs for details. [Feature]: Implement _fields() on AgentKey so that it may be compared (via ==) with other PKey instances. [Bug]: AgentKey had a dangling Python 3 incompatible __str__ method returning bytes. This method has been removed, allowing the superclass„ŗ(PKey) method to run instead. [Bug] Since its inception, Paramiko has (for reasons lost to time) implemented authentication as a side effect of handling affirmative replies to MSG_SERVICE_REQUEST protocol messages. What this means is Paramiko makes one such request before every MSG_USERAUTH_REQUEST, i.e. every auth attempt. OpenSSH doesn„ŗ—’ care if clients send multiple service requests, but other server implementations are often stricter in what they accept after an initial service request (due to the RFCs not being clear). This can result in odd behavior when a user doesn„ŗ—’ authenticate successfully on the very first try (for example, when the right key for a target host is the third in one„ŗ—‘ ssh-agent). This version of Paramiko now contains an opt-in Transport subclass, ServiceRequestingTransport, which more-correctly implements service request handling in the Transport, and uses an auth-handler subclass internally which has been similarly adapted. Users wanting to try this new experimental code path may hand this class to SSHClient.connect as its transport_factory kwarg. Warning This feature is EXPERIMENTAL and its code may be subject to change. In addition: minor backwards incompatible changes exist in the new code paths, most notably the removal of the (inconsistently applied and rarely used) event arguments to the auth_xxx methods. GSSAPI support has only been partially implemented, and is untested. Note Some minor backwards-compatible changes were made to the existing Transport and AuthHandler classes to facilitate the new code. For example, Transport._handler_table and AuthHandler._client_handler_table are now properties instead of raw attributes. [Bug] The server-sig-algs and RSA-SHA2 features added around Paramiko 2.9 or so, had the annoying side effect of not working with servers that don„ŗ—’ support either of those feature sets, requiring use of disabled_algorithms to forcibly disable the SHA2 algorithms on Paramiko„ŗ—‘ end. The experimental ServiceRequestingTransport (noted in its own entry in this changelog) includes a fix for this issue, specifically by falling back to the same algorithm as the in-use pubkey if it„ŗ—‘ in the algorithm list (leaving the „ŗ◊«irst algorithm in said list„ŗas an absolute final fallback). [Bug]: Fixed a very sneaky bug found at the apparently rarely-traveled intersection of RSA-SHA2 keys, certificates, SSH agents, and stricter-than-OpenSSH server targets. This manifested as yet another „ŗ◊ōell, if we turn off SHA2 at one end or another, everything works again„ŗproblem, for example with version 12 of the Teleport server endpoint. This has been fixed; Paramiko tweaked multiple aspects of how it requests agent signatures, and the agent appears to do the right thing now.
Revision 1.48 / (download) - annotate - [select for diffs], Mon Nov 14 09:28:16 2022 UTC (12 months, 3 weeks ago) by adam
CVS Tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
py-paramiko: updated to 2.12.0 2.12.0 2022-11-04 [Feature] Add a transport_factory kwarg to SSHClient.connect for advanced users to gain more control over early Transport setup and manipulation. Thanks to Noah Pederson for the patch.
Revision 1.47 / (download) - annotate - [select for diffs], Wed Oct 19 13:56:33 2022 UTC (13 months, 2 weeks ago) by nia
Changes since 1.46: +3 -2 lines
Diff to previous 1.46 (colored)
fighting a losing battle against py-cryptography rustification, part 2 Switch users to versioned_dependencies.mk.
Revision 1.46 / (download) - annotate - [select for diffs], Wed Jul 13 20:06:23 2022 UTC (16 months, 3 weeks ago) by adam
CVS Tags: pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since 1.45: +9 -8 lines
Diff to previous 1.45 (colored)
py-paramiko: updated to 2.11.0 2.11.0 2022-05-16 [Feature]: Add SSH config token expansion (eg %h, %p) when parsing ProxyJump directives. Patch courtesy of Bruno Inec. [Support]: Apply unittest skipIf to tests currently using SHA1 in their critical path, to avoid failures on systems starting to disable SHA1 outright in their crypto backends (eg RHEL 9). Report & patch via Paul Howarth. [Support]: Update camelCase method calls against the threading module to be snake_case; this and related tweaks should fix some deprecation warnings under Python 3.10. Thanks to Karthikeyan Singaravelan for the report, @Narendra-Neerukonda for the patch, and to Thomas Grainger and Jun Omae for patch workshopping. [Support]: Recent versions of Cryptography have deprecated Blowfish algorithm support; in lieu of an easy method for users to remove it from the list of algorithms Paramiko tries to import and use, we„ŗ—◊e decided to remove it from our „ŗ◊—referred algorithms„ŗlist. This will both discourage use of a weak algorithm, and avoid warnings. Credit for report/patch goes to Mike Roest.
Revision 1.45 / (download) - annotate - [select for diffs], Thu May 5 17:59:35 2022 UTC (19 months ago) by adam
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Changes since 1.44: +4 -4 lines
Diff to previous 1.44 (colored)
py-paramiko: updated to 2.10.4 2.10.4 2022-04-25 [Bug]: Servers offering certificate variants of hostkey algorithms (eg email@example.com) could not have their host keys verified by Paramiko clients, as it only ever considered non-cert key types for that part of connection handshaking. This has been fixed. [Bug]: PKey instances„ŗ__eq__ did not have the usual safety guard in place to ensure they were being compared to another PKey object, causing occasional spurious BadHostKeyException (among other things). This has been fixed. Thanks to Shengdun Hua for the original report/patch and to Christopher Papke for the final version of the fix. [Support]: Update camelCase method calls against the threading module to be snake_case; this and related tweaks should fix some deprecation warnings under Python 3.10. Thanks to Karthikeyan Singaravelan for the report, @Narendra-Neerukonda for the patch, and to Thomas Grainger and Jun Omae for patch workshopping.
Revision 1.44 / (download) - annotate - [select for diffs], Thu Apr 21 11:00:01 2022 UTC (19 months, 2 weeks ago) by wiz
Changes since 1.43: +3 -3 lines
Diff to previous 1.43 (colored)
*: convert to versioned_dependencies for py-cryptography
Revision 1.43 / (download) - annotate - [select for diffs], Tue Jan 4 20:54:43 2022 UTC (23 months ago) by wiz
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Changes since 1.42: +2 -1 lines
Diff to previous 1.42 (colored)
*: bump PKGREVISION for egg.mk users They now have a tool dependency on py-setuptools instead of a DEPENDS
Revision 1.42 / (download) - annotate - [select for diffs], Mon Nov 29 09:33:19 2021 UTC (2 years ago) by adam
CVS Tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.41: +3 -3 lines
Diff to previous 1.41 (colored)
py-paramiko: updated to 2.8.1 2.8.1 2021-11-28 [Bug]: (also 908) Update PKey and subclasses to compare (__eq__) via direct field/attribute comparison instead of hashing (while retaining the existing behavior of __hash__ via a slight refactor). Big thanks to Josh Snyder and Jun Omae for the reports, and to Josh Snyder for reproduction details & patch. Warning This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 which is running with PYTHONHASHSEED=0) it is possible for an attacker to craft a new keypair from an exfiltrated public key, which Paramiko would consider equal to the original key. This could enable attacks such as, but not limited to, the following: Paramiko server processes would incorrectly authenticate the attacker (using their generated private key) as if they were the victim. We see this as the most plausible attack using this flaw. Paramiko client processes would incorrectly validate a connected server (when host key verification is enabled) while subjected to a man-in-the-middle attack. This impacts more users than the server-side version, but also carries higher requirements for the attacker, namely successful DNS poisoning or other MITM techniques. [Bug] 1257: (also 1266) Update RSA and ECDSA key decoding subroutines to correctly catch exception types thrown by modern versions of Cryptography (specifically TypeError and its internal UnsupportedAlgorithm). These exception classes will now become SSHException instances instead of bubbling up. Thanks to Ignat Semenov for the report and @tylergarcianet for an early patch. [Bug] 1024: Deleting items from HostKeys would incorrectly raise KeyError even for valid keys, due to a logic bug. This has been fixed. Report & patch credit: Jia Zhang. [Bug] 985: (via 992) Fix listdir failure when server uses a locale. Now on Python 2.7 SFTPAttributes will decode abbreviated month names correctly rather than raise UnicodeDecodeError`. Patch courtesy of Martin Packman.
Revision 1.41 / (download) - annotate - [select for diffs], Mon Oct 11 09:34:52 2021 UTC (2 years, 1 month ago) by adam
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
py-paramiko: updated to 2.8.0 2.8.0 2021-10-09 [Feature] Add a prefetch keyword argument to SFTPClient.get/SFTPClient.getfo so users who need to skip SFTP prefetching are able to conditionally turn it off. Thanks to Github user @h3ll0r for the PR. [Bug] Newer server-side key exchange algorithms not intended to use SHA1 (diffie-hellman-group14-sha256, diffie-hellman-group16-sha512) were incorrectly using SHA1 after all, due to a bug causing them to ignore the hash_algo class attribute. This has been corrected. Big thanks to @miverson for the report and to Benno Rice for the patch. [Support] Remove leading whitespace from OpenSSH RSA test suite static key fixture, to conform better to spec. Credit: Alex Gaynor. [Support] Add missing test suite fixtures directory to MANIFEST.in, reinstating the ability to run Paramiko„ŗ—‘ tests from an sdist tarball. Thanks to Sandro Tosi for reporting the issue and to Blazej Michalik for the PR. [Support]: Update our CI to catch issues with sdist generation, installation and testing. [Support]: Administrivia overhaul, including but not limited to: Migrate CI to CircleCI Primary dev branch is now main (renamed) Many README edits for clarity, modernization etc; including a bunch more (and consistent) status badges & unification with main project site index PyPI page much more fleshed out (long_description is now filled in with the README; sidebar links expanded; etc) flake8, pytest configs split out of setup.cfg into their own files Invoke/invocations (used by maintainers/contributors) upgraded to modern versions
Revision 1.40 / (download) - annotate - [select for diffs], Tue Sep 8 17:43:12 2020 UTC (3 years, 2 months ago) by adam
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
py-paramiko: updated to 2.7.2 2.7.2: [Bug] Fix incorrectly swapped order of p and q numbers when loading OpenSSH-format RSA private keys. At minimum this should address a slowdown when using such keys, and it also means Paramiko works with Cryptography 3.1 and above (which complains strenuously when this problem appears). Thanks to Alex Gaynor for the patch. [Bug]: Fix incorrect string formatting causing unhelpful error message annotation when using Kerberos/GSSAPI. (Thanks, newer version of flake8!) [Support] Remove leading whitespace from OpenSSH RSA test suite static key fixture, to conform better to spec. Credit: Alex Gaynor. [Support] Add missing test suite fixtures directory to MANIFEST.in, reinstating the ability to run Paramiko„ŗ—‘ tests from an sdist tarball. Thanks to Sandro Tosi for reporting the issue and to Blazej Michalik for the PR. [Support]: Update our CI to catch issues with sdist generation, installation and testing.
Revision 1.39 / (download) - annotate - [select for diffs], Sun May 17 19:34:13 2020 UTC (3 years, 6 months ago) by adam
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.38: +4 -2 lines
Diff to previous 1.38 (colored)
pytest from versioned depends
Revision 1.38 / (download) - annotate - [select for diffs], Sun Jan 26 17:32:07 2020 UTC (3 years, 10 months ago) by rillig
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)
all: migrate homepages from http to https pkglint -r --network --only "migrate" As a side-effect of migrating the homepages, pkglint also fixed a few indentations in unrelated lines. These and the new homepages have been checked manually.
Revision 1.37 / (download) - annotate - [select for diffs], Wed Dec 11 10:43:53 2019 UTC (3 years, 11 months ago) by adam
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)
py-paramiko: updated to 2.7.1 2.7.1: [Bug] Fix a bug in support for ECDSA keys under the newly supported OpenSSH key format. Thanks to Pierce Lopez for the patch. [Bug] The new-style private key format (added in 2.7) suffered from an unpadding bug which had been fixed earlier for Ed25519 (as that key type has always used the newer format). That fix has been refactored and applied to the base key class, courtesy of Pierce Lopez. 2.7.0: [Feature]: Add new convenience classmethod constructors to SSHConfig: from_text, from_file, and from_path. No more annoying two-step process! [Feature] Implement most „ŗŌńanonical hostname„ŗssh_config functionality (CanonicalizeHostname, CanonicalDomains, CanonicalizeFallbackLocal, and CanonicalizeMaxDots; CanonicalizePermittedCNAMEs has not yet been implemented). All were previously silently ignored. Reported by Michael Leinartas. [Feature] Implement support for the Match keyword in ssh_config files. Previously, this keyword was simply ignored & keywords inside such blocks were treated as if they were part of the previous block. Thanks to Michael Leinartas for the initial patchset. Note This feature adds a new optional install dependency, Invoke, for managing Match exec subprocesses. [Feature]: A couple of outright SSHConfig parse errors were previously represented as vanilla Exception instances; as part of recent feature work a more specific exception class, ConfigParseError, has been created. It is now also used in those older spots, which is naturally backwards compatible. [Feature] Implement support for OpenSSH 6.5-style private key files (typically denoted as having BEGIN OPENSSH PRIVATE KEY headers instead of PEM format„ŗ—‘ BEGIN RSA PRIVATE KEY or similar). If you were getting any sort of weird auth error from „ŗ◊őodern„ŗkeys generated on newer operating system releases (such as macOS Mojave), this is the first update to try. Major thanks to everyone who contributed or tested versions of the patch, including but not limited to: Kevin Abel, Michiel Tiller, Pierce Lopez, and Jared Hobbs. [Bug]: Perform deduplication of IdentityFile contents during ssh_config parsing; previously, if your config would result in the same value being encountered more than once, IdentityFile would contain that many copies of the same string. [Bug]: Paramiko„ŗ—‘ use of subprocess for ProxyCommand support is conditionally imported to prevent issues on limited interpreter platforms like Google Compute Engine. However, any resulting ImportError was lost instead of preserved for raising (in the rare cases where a user tried leveraging ProxyCommand in such an environment). This has been fixed. [Bug]: ssh_config token expansion used a different method of determining the local username ($USER env var), compared to what the (much older) client connection code does (getpass.getuser, which includes $USER but may check other variables first, and is generally much more comprehensive). Both modules now use getpass.getuser. [Support]: Explicitly document which ssh_config features we currently support. Previously users just had to guess, which is simply no good. [Support]: Additional installation extras_require „ŗ◊«lavors„ŗ(ed25519, invoke, and all) have been added to our packaging metadata; see the install docs for details.
Revision 1.36 / (download) - annotate - [select for diffs], Tue Jul 2 04:31:13 2019 UTC (4 years, 5 months ago) by adam
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.35: +4 -5 lines
Diff to previous 1.35 (colored)
py-paramiko: updated to 2.6.0 2.6.0: Add a new keyword argument to SSHClient.connect and Transport, disabled_algorithms, which allows selectively disabling one or more kex/key/cipher/etc algorithms. This can be useful when disabling algorithms your target server (or client) does not support cleanly, or to work around unpatched bugs in Paramiko„ŗ—‘ own implementation thereof. SSHClient.exec_command previously returned a naive ChannelFile object for its stdin value; such objects don„ŗ—’ know to properly shut down the remote end„ŗ—‘ stdin when they .close(). This lead to issues (such as hangs) when running remote commands that read from stdin. Add backwards-compatible support for the gssapi GSSAPI library, as the previous backend (python-gssapi) has since become defunct. This change also includes tests for the GSSAPI functionality. Tweak many exception classes so their string representations are more human-friendly; this also includes incidental changes to some super() calls.
Revision 1.35 / (download) - annotate - [select for diffs], Mon Jun 10 08:42:57 2019 UTC (4 years, 5 months ago) by adam
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.34: +3 -2 lines
Diff to previous 1.34 (colored)
py-paramiko: updated to 2.5.0 2.5.0: [Feature] Updated SSHConfig.lookup so it returns a new, type-casting-friendly dict subclass (SSHConfigDict) in lieu of dict literals. This ought to be backwards compatible, and allows an easier way to check boolean or int type ssh_config values. [Feature] Add support for Curve25519 key exchange (aka firstname.lastname@example.org). [Feature] Add support for encrypt-then-MAC (ETM) schemes (email@example.com, firstname.lastname@example.org) and two newer Diffie-Hellman group key exchange algorithms (group14, using SHA256; and group16, using SHA512). Patch courtesy of Edgar Sousa. [Support] Update our install docs with (somewhat) recently added additional dependencies; we previously only required Cryptography, but the docs never got updated after we incurred bcrypt and pynacl requirements for Ed25519 key support. Additionally, pyasn1 was never actually hard-required; it was necessary during a development branch, and is used by the optional GSSAPI support, but is not required for regular installation. Thus, it has been removed from our setup.py and its imports in the GSSAPI code made optional. [Support] Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna. [Support] Add support for the modern (as of Python 3.3) import location of MutableMapping (used in host key management) to avoid the old location becoming deprecated in Python 3.8. [Support] Raise Cryptography dependency requirement to version 2.5 (from 1.5) and update some deprecated uses of its API.
Revision 1.34 / (download) - annotate - [select for diffs], Fri Sep 21 11:04:16 2018 UTC (5 years, 2 months ago) by adam
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)
py-paramiko: updated to 2.4.2 2.4.2: Fix exploit (CVE pending) in Paramiko„ŗ—‘ server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication. Specifically, steps have been taken to start separating client and server related message types in the message handling tables within Transport and AuthHandler; this work is not complete but enough has been performed to close off this particular exploit (which was the only obvious such exploit for this particular channel). Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED. This behavior probably didn„ŗ—’ cause any outright errors, but it doesn„ŗ—’ seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends). Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets. Credit: Alexander Kapshuna. Backport pytest support and application of the black code formatter (both of which previously only existed in the 2.4 branch and above) to everything 2.0 and newer. This makes back/forward porting bugfixes significantly easier. Backport changes from 979 (added in Paramiko 2.3) to Paramiko 2.0-2.2, using duck-typing to preserve backwards compatibility. This allows these older versions to use newer Cryptography sign/verify APIs when available, without requiring them (as is the case with Paramiko 2.3+).
Revision 1.33 / (download) - annotate - [select for diffs], Thu Sep 6 13:28:00 2018 UTC (5 years, 3 months ago) by adam
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)
py-paramiko: BUILD_DEPENDS -> TEST_DEPENDS
Revision 1.32 / (download) - annotate - [select for diffs], Tue Mar 13 18:35:29 2018 UTC (5 years, 8 months ago) by adam
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)
py-paramiko: updated to 2.4.1 2.4.1: [Bug] Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3). Report by Theodor van Nahl and fix by Pierce Lopez. [Bug] Add newer key classes for Ed25519 and ECDSA to paramiko.__all__ so that code introspecting that attribute, or using from paramiko import * (such as some IDEs) sees them. Thanks to @patriksevallius for the patch. [Bug] Fix a security flaw (CVE-2018-7750) in Paramiko„ŗ—‘ server mode (emphasis on server mode; this does not impact client use!) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating. Big thanks to Matthijs Kooijman for the report.
Revision 1.31 / (download) - annotate - [select for diffs], Wed Nov 15 09:24:14 2017 UTC (6 years ago) by adam
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.30: +5 -3 lines
Diff to previous 1.30 (colored)
py-paramiko: updated to 2.4.0 2.4.0: [Feature]: Add a new passphrase kwarg to SSHClient.connect so users may disambiguate key-decryption passphrases from password-auth passwords. (This is a backwards compatible change; password will still pull double duty as a passphrase when passphrase is not given.) [Support]: Drop Python 2.6 and Python 3.3 support; now only 2.7 and 3.4+ are supported. If you„ŗ—”e unable to upgrade from 2.6 or 3.3, please stick to the Paramiko 2.3.x (or below) release lines. [Support]: Include LICENSE file in wheel archives. [Support]: Updated the test suite & related docs/metadata/config to be compatible with pytest instead of using the old, custom, crufty unittest-based test.py. This includes marking known-slow tests (mostly the SFTP ones) so they can be filtered out by inv test„ŗŌ‘ default behavior; as well as other minor tweaks to test collection and/or display (for example, GSSAPI tests are collected, but skipped, instead of not even being collected by default as in test.py.) [Support]: Update tearDown of client test suite to avoid hangs due to eternally blocking accept() calls on the internal server thread (which can occur when test code raises an exception before actually connecting to the server.)
Revision 1.30 / (download) - annotate - [select for diffs], Wed Oct 25 06:38:53 2017 UTC (6 years, 1 month ago) by adam
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)
Revision 1.29 / (download) - annotate - [select for diffs], Thu Oct 12 12:42:26 2017 UTC (6 years, 1 month ago) by adam
Changes since 1.28: +16 -18 lines
Diff to previous 1.28 (colored)
py-paramiko: update to 2.3.1 2.3.1: [Bug] 1071: Certificate support broke the no-certificate case for Ed25519 keys (symptom is an AttributeError about public_blob.) This went uncaught due to cert autoload behavior (i.e. our test suite never actually ran the no-cert case, because the cert existed!) Both issues have been fixed. Thanks to John Hu for the report.
Revision 1.28 / (download) - annotate - [select for diffs], Fri May 19 14:47:10 2017 UTC (6 years, 6 months ago) by he
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)
Upgrade py-paramiko from 1.15.3 to 1.18.2. Pkgsrc changes: Adapt PLIST. Upstream changes: 1.18.2 2017-02-20 [Bug] #895: Fix a bug in server-mode concerning multiple interactive auth steps (which were incorrectly responded to). Thanks to Dennis Kaarsemaker for catch & patch. [Bug] #713: (via #714 and #889) Don't pass initialization vectors to PyCrypto when dealing with counter-mode ciphers; newer PyCrypto versions throw an exception otherwise (older ones simply ignored this parameter altogether). Thanks to @jmh045000 for report & patches. [Bug] #44: (via #891) SSHClient now gives its internal Transport a handle on itself, preventing garbage collection of the client until the session is closed. Without this, some code which returns stream or transport objects without the client that generated them, would result in premature session closure when the client was GCd. Credit: @w31rd0 for original report, Omer Anson for the patch. [Bug] #862: (via #863) Avoid test suite exceptions on platforms lacking errno.ETIME (which seems to be some FreeBSD and some Windows environments.) Thanks to Sofian Brabez. [Bug] #853: Tweak how RSAKey.__str__ behaves so it doesn't cause TypeError under Python 3. Thanks to Francisco Couzo for the report. [Support] #866: (also #838) Remove an old test-related file we don't support, and add PyPy to Travis-CI config. Thanks to Pierce Lopez for the final patch and Pedro Rodrigues for an earlier edition. 1.18.1 2016-12-12 [Bug] #859: (via #860) A tweak to the original patch implementing #398 was not fully applied, causing calls to invoke_shell to fail with AttributeError. This has been fixed. Patch credit: Kirk Byers. 1.18.0 2016-12-09 [Feature] #398: Add an environment dict argument to Client.exec_command (plus the lower level Channel.update_environment and Channel.set_environment_variable methods) which implements the env SSH message type. This means the remote shell environment can be set without the use of VARNAME=value shell tricks, provided the server's AcceptEnv lists the variables you need to set. Thanks to Philip Lorenz for the pull request. [Feature] #780: (also #779, and may help users affected by #520) Add an optional timeout parameter to Transport.start_client (and feed it the value of the configured connection timeout when used within SSHClient.) This helps prevent situations where network connectivity isn't timing out, but the remote server is otherwise unable to service the connection in a timely manner. Credit to @sanseihappa. [Support] #819: Document how lacking gmp headers at install time can cause a significant performance hit if you build PyCrypto from source. (Most system-distributed packages already have this enabled.) [Support] #854: Fix incorrect docstring/param-list for Transport.auth_gssapi_keyex so it matches the real signature. Caught by @Score_Under. [Support] #792: Minor updates to the README and demos; thanks to Alan Yee. [Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar. For pre-1.18.0 changes, see http://www.paramiko.org/changelog.html
Revision 1.27 / (download) - annotate - [select for diffs], Wed Jun 8 17:43:38 2016 UTC (7 years, 6 months ago) by wiz
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)
Switch to MASTER_SITES_PYPI.
Revision 1.26 / (download) - annotate - [select for diffs], Wed May 18 12:43:00 2016 UTC (7 years, 6 months ago) by he
Changes since 1.25: +1 -2 lines
Diff to previous 1.25 (colored)
Undo previous, contaminated testing environment, py-cryptography isn't needed after all.
Revision 1.25 / (download) - annotate - [select for diffs], Wed May 18 12:01:53 2016 UTC (7 years, 6 months ago) by he
Changes since 1.24: +2 -1 lines
Diff to previous 1.24 (colored)
Add missing dependency on py-cryptography. Without this, usage fails with "ImportError: No module named cryptography.hazmat.backends" from paramiko/transport.py.
Revision 1.24 / (download) - annotate - [select for diffs], Sat Oct 3 22:54:17 2015 UTC (8 years, 2 months ago) by rodent
CVS Tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.23: +2 -4 lines
Diff to previous 1.23 (colored)
Update to 1.15.3. Mostly, the point of this update is to clarify that paramiko is not, from what I can tell by building and using (also from the repo), broken under py3x. Therefore, dependencies marked as broken under py3x due to paramiko will be unmarked (unless they are broken for lack of py3x support). From sites/www/changelog.rst: :support:`554 backported` Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch. :support:`516 backported` Document ~paramiko.agent.AgentRequestHandler. Thanks to @toejough for report & suggestions. :bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI support (note: this includes switching from PyCrypo's Random to os.urandom). Thanks to Anselm Kruis for catch & patch. :bug:`491` (combines :issue:`62` and :issue:`439`) Implement timeout functionality to address hangs from dropped network connections and/or failed handshakes. Credit to @vazir and @dacut for the original patches and to Olle Lundberg for reimplementation. :bug:`490` Skip invalid/unparseable lines in known_hosts files, instead of raising ~paramiko.ssh_exception.SSHException. This brings Paramiko's behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin Topholm. :bug:`404` Print details when displaying ~paramiko.ssh_exception.BadHostKeyException objects (expected vs received data) instead of just "hey shit broke". Patch credit: Loic Dachary. :bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner of the cherry-pick lottery. :bug:`353` (via :issue:`482`) Fix a bug introduced in the Python 3 port which caused OverFlowError (and other symptoms) in SFTP functionality. Thanks to @dboreham for leading the troubleshooting charge, and to Scott Maxwell for the final patch. :support:`582` Fix some old setup.py related helper code which was breaking bdist_dumb on Mac OS X. Thanks to Peter Odding for the patch. :bug:`22 major` Try harder to connect to multiple network families (e.g. IPv4 vs IPv6) in case of connection issues; this helps with problems such as hosts which resolve both IPv4 and IPv6 addresses but are only listening on IPv4. Thanks to Dries Desmet for original report and Torsten Landschoff for the foundational patchset. :bug:`402` Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless TypeError with a human-readable ~paramiko.ssh_exception.AuthenticationException. Credit to Ken Jordan for the fix and Yvan Marques for original report.
Revision 1.23 / (download) - annotate - [select for diffs], Mon Jan 5 13:18:28 2015 UTC (8 years, 11 months ago) by drochner
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
update to 0.15.2 There is no useful changelog, but it makes the client work again a recent OpenSSH server (6.7p1-hpn14v5) again. Tested with "duplicity".
Revision 1.22 / (download) - annotate - [select for diffs], Thu Jun 12 00:43:28 2014 UTC (9 years, 5 months ago) by gls
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
Update security/py-paramiko to 1.14.0 Upstream changes: ----------------- :release:`1.14.0 <2014-05-07>` ------------------------------ :bug:`-` paramiko.file.BufferedFile.read incorrectly returned text strings after the Python 3 migration, despite bytes being more appropriate for file contents (which may be binary or of an unknown encoding.) This has been addressed. Note paramiko.file.BufferedFile.readline continues to return strings, not bytes, as "lines" only make sense for textual data. It assumes UTF-8 by default. This should fix this issue raised on the Obnam mailing list. Thanks to Antoine Brenner for the patch. :bug:`-` Added self.args for exception classes. Used for unpickling. Related to (Fabric #986, Fabric #714). Thanks to Alex Plugaru. :bug:`-` Fix logging error in sftp_client for filenames containing the '%' character. Thanks to Antoine Brenner. :bug:`308` Fix regression in dsskey.py that caused sporadic signature verification failures. Thanks to Chris Rose. :support:`299` Use deterministic signatures for ECDSA keys for improved security. Thanks to Alex Gaynor. :support:`297` Replace PyCrypto's Random with os.urandom for improved speed and security. Thanks again to Alex. :support:`295` Swap out a bunch of PyCrypto hash functions with use of hashlib. Thanks to Alex Gaynor. :support:`290` (also :issue:`292`) Add support for building universal (Python 2+3 compatible) wheel files during the release process. Courtesy of Alex Gaynor. :support:`284` Add Python language trove identifiers to setup.py. Thanks to Alex Gaynor for catch & patch. :bug:`235` Improve string type testing in a handful of spots (e.g. s/if type(x) is str/if isinstance(x, basestring)/g.) Thanks to @ksamuel for the report. :release:`1.13.0 <2014-03-13>` ------------------------------ :feature:`16` Python 3 support! Our test suite passes under Python 3, and it (& Fabric's test suite) continues to pass under Python 2. Python 2.5 is no longer supported with this change! The merged code was built on many contributors' efforts, both code & feedback. In no particular order, we thank Daniel Goertzen, Ivan Kolodyazhny, Tomi Pievil√§inen, Jason R. Coombs, Jan N. Schulze, @Lazik, Dorian Pula, Scott Maxwell, Tshepang Lekhonkhobe, Aaron Meurer, and Dave Halter. :support:`256 backported` Convert API documentation to Sphinx, yielding a new API docs website to replace the old Epydoc one. Thanks to Olle Lundberg for the initial conversion work. :bug:`-` Use constant-time hash comparison operations where possible, to protect against timing-based attacks. Thanks to Alex Gaynor for the patch. :release:`1.12.2 <2014-02-14>` ------------------------------ :feature:`58` Allow client code to access the stored SSH server banner via Transport.get_banner <paramiko.transport.Transport.get_banner>. Thanks to @Jhoanor for the patch. :bug:`252` (Fabric #1020) Enhanced the implementation of ProxyCommand to avoid a deadlock/hang condition that frequently occurs at Transport shutdown time. Thanks to Mateusz Kobos, Matthijs van der Vleuten and Guillaume Zitta for the original reports and to Marius Gedminas for helping test nontrivial use cases. :bug:`268` Fix some missed renames of ProxyCommand related error classes. Thanks to Marius Gedminas for catch & patch. :bug:`34` (PR :issue:`35`) Fix SFTP prefetching incompatibility with some SFTP servers regarding request/response ordering. Thanks to Richard Kettlewell. :bug:`193` (and its attentant PRs :issue:`230` & :issue:`253`) Fix SSH agent problems present on Windows. Thanks to David Hobbs for initial report and to Aarni Koskela & Olle Lundberg for the patches. :release:`1.12.1 <2014-01-08>` ------------------------------ :bug:`225 (1.12+)` Note ecdsa requirement in README. Thanks to Amaury Rodriguez for the catch. :bug:`176` Fix AttributeError bugs in known_hosts file (re)loading. Thanks to Nathan Scowcroft for the patch & Martin Blumenstingl for the initial test case.
Revision 1.21 / (download) - annotate - [select for diffs], Fri May 9 07:37:18 2014 UTC (9 years, 7 months ago) by wiz
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
Mark packages that are not ready for python-3.3 also not ready for 3.4, until proven otherwise.
Revision 1.20 / (download) - annotate - [select for diffs], Mon Jan 27 18:41:14 2014 UTC (9 years, 10 months ago) by wiz
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.19: +1 -2 lines
Diff to previous 1.19 (colored)
Do not set FETCH_USING, should not be set in a package Makefile.
Revision 1.19 / (download) - annotate - [select for diffs], Sat Jan 25 10:30:20 2014 UTC (9 years, 10 months ago) by wiz
Changes since 1.18: +3 -1 lines
Diff to previous 1.18 (colored)
Mark packages as not ready for python-3.x where applicable; either because they themselves are not ready or because a dependency isn't. This is annotated by PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z or PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar respectively, please use the same style for other packages, and check during updates. Use versioned_dependencies.mk where applicable. Use REPLACE_PYTHON instead of handcoded alternatives, where applicable. Reorder Makefile sections into standard order, where applicable. Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default with the next commit. Whitespace cleanups and other nits corrected, where necessary.
Revision 1.18 / (download) - annotate - [select for diffs], Sun Oct 20 17:02:02 2013 UTC (10 years, 1 month ago) by gls
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4
Changes since 1.17: +4 -2 lines
Diff to previous 1.17 (colored)
Update security/py-paramiko to 1.12.0 pkgsrc changes: --------------- - Depends on security/py-ecdsa - FETCH_USING=curl to deal with PyPi's htpps only website. upstream changes: ----------------- v1.12.0 (27th Sep 2013) ----------------------- * #152: Add tentative support for ECDSA keys. *This adds the ecdsa module as a new dependency of Paramiko.* The module is available at [warner/python-ecdsa on Github](https://github.com/warner/python-ecdsa) and [ecdsa on PyPI](https://pypi.python.org/pypi/ecdsa). * Note that you might still run into problems with key negotiation -- Paramiko picks the first key that the server offers, which might not be what you have in your known_hosts file. * Mega thanks to Ethan Glasser-Camp for the patch. * #136: Add server-side support for the SSH protocol's 'env' command. Thanks to Benjamin Pollack for the patch. v1.11.2 (27th Sep 2013) ----------------------- * #156: Fix potential deadlock condition when using Channel objects as sockets (e.g. when using SSH gatewaying). Thanks to Steven Noonan and Frank Arnold for catch & patch. * #179: Fix a missing variable causing errors when an ssh_config file has a non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch & patch. * #200: Fix an exception-causing typo in `demo_simple.py`. Thanks to Alex Buchanan for catch & Dave Foster for patch. * #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher for catch & patch. v1.12.0 (27th Sep 2013) ----------------------- * #152: Add tentative support for ECDSA keys. *This adds the ecdsa module as a new dependency of Paramiko.* The module is available at [warner/python-ecdsa on Github](https://github.com/warner/python-ecdsa) and [ecdsa on PyPI](https://pypi.python.org/pypi/ecdsa). * Note that you might still run into problems with key negotiation -- Paramiko picks the first key that the server offers, which might not be what you have in your known_hosts file. * Mega thanks to Ethan Glasser-Camp for the patch. * #136: Add server-side support for the SSH protocol's 'env' command. Thanks to Benjamin Pollack for the patch. v1.11.2 (27th Sep 2013) ----------------------- * #156: Fix potential deadlock condition when using Channel objects as sockets (e.g. when using SSH gatewaying). Thanks to Steven Noonan and Frank Arnold for catch & patch. * #179: Fix a missing variable causing errors when an ssh_config file has a non-default AddressFamily set. Thanks to Ed Marshall & Tomaz Muraus for catch & patch. * #200: Fix an exception-causing typo in `demo_simple.py`. Thanks to Alex Buchanan for catch & Dave Foster for patch. * #199: Typo fix in the license header cross-project. Thanks to Armin Ronacher for catch & patch.
Revision 1.17 / (download) - annotate - [select for diffs], Tue Aug 6 20:12:18 2013 UTC (10 years, 4 months ago) by wiz
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.16: +1 -3 lines
Diff to previous 1.16 (colored)
Remove FETCH_USING=curl after putting distfile on nbftp.
Revision 1.16 / (download) - annotate - [select for diffs], Tue Aug 6 18:11:28 2013 UTC (10 years, 4 months ago) by gls
Changes since 1.15: +4 -3 lines
Diff to previous 1.15 (colored)
Update security/py-paramiko to 1.11.0 pkgsrc changes: --------------- FETCH_USING= curl, as PyPi moved to https. Upstream changes: ----------------- v1.11.0 (26th Jul 2013) ----------------------- * #98: On Windows, when interacting with the PuTTY PAgeant, Paramiko now creates the shared memory map with explicit Security Attributes of the user, which is the same technique employed by the canonical PuTTY library to avoid permissions issues when Paramiko is running under a different UAC context than the PuTTY Ageant process. Thanks to Jason R. Coombs for the patch. * #100: Remove use of PyWin32 in `win_pageant` module. Module was already dependent on ctypes for constructing appropriate structures and had ctypes implementations of all functionality. Thanks to Jason R. Coombs for the patch. * #87: Ensure updates to `known_hosts` files account for any updates to said files after Paramiko initially read them. (Includes related fix to guard against duplicate entries during subsequent `known_hosts` loads.) Thanks to `@sunweaver` for the contribution. v1.10.2 (26th Jul 2013) ----------------------- * #153, #67: Warn on parse failure when reading known_hosts file. Thanks to `@glasserc` for patch. * #146: Indentation fixes for readability. Thanks to Abhinav Upadhyay for catch & patch.
Revision 1.15 / (download) - annotate - [select for diffs], Thu Apr 11 16:28:50 2013 UTC (10 years, 7 months ago) by drochner
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
update to 1.10.1 changes: minor fixes
Revision 1.14 / (download) - annotate - [select for diffs], Sat Mar 9 15:46:57 2013 UTC (10 years, 9 months ago) by gdt
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)
Update to 1.10.0. Upstream appears to have no changelog or NEWS; the included README is about changes in 1.8.0. Browsing github makes this look like minor features and bugfixes.
Revision 1.13 / (download) - annotate - [select for diffs], Tue Nov 27 22:13:32 2012 UTC (11 years ago) by gls
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)
Update security/py-paramiko to 1.9.0. Fix a tyop in DESCR. Upstream changes: ----------------- v1.9.0 (6th Nov 2012) --------------------- * #97 (with a little #93): Improve config parsing of `ProxyCommand` directives and provide a wrapper class to allow subprocess-driven proxy commands to be used as `sock=` arguments for `SSHClient.connect`. * #77: Allow `SSHClient.connect()` to take an explicit `sock` parameter overriding creation of an internal, implicit socket object. * Thanks in no particular order to Erwin Bolwidt, Oskari Saarenmaa, Steven Noonan, Vladimir Lazarenko, Lincoln de Sousa, Valentino Volonghi, Olle Lundberg, and Github user `@acrish` for the various and sundry patches leading to the above changes. v1.8.1 (6th Nov 2012) --------------------- * #90: Ensure that callbacks handed to `SFTPClient.get()` always fire at least once, even for zero-length files downloaded. Thanks to Github user `@enB` for the catch. * #85: Paramiko's test suite overrides `unittest.TestCase.assertTrue/assertFalse` to provide these modern assertions to Python 2.2/2.3, which lacked them. However on newer Pythons such as 2.7, this now causes deprecation warnings. The overrides have been patched to only execute when necessary. Thanks to `@Arfrever` for catch & patch. v1.8.0 (3rd Oct 2012) --------------------- * #17 ('ssh' 28): Fix spurious `NoneType has no attribute 'error'` and similar exceptions that crop up on interpreter exit. * 'ssh' 32: Raise a more useful error explaining which `known_hosts` key line was problematic, when encountering `binascii` issues decoding known host keys. Thanks to `@thomasvs` for catch & patch. * 'ssh' 33: Bring `ssh_config` parsing more in line with OpenSSH spec, re: order of setting overrides by `Host` specifiers. Specifically, the overrides now go by file order instead of automatically sorting by `Host` value length. In addition, the first value found per config key (e.g. `Port`, `User` etc) wins, instead of the last. Thanks to Jan Brauer for the contribution. * 'ssh' 36: Support new server two-factor authentication option (`RequiredAuthentications2`), at least re: combining key-based & password auth. Thanks to Github user `bninja`. * 'ssh' 11: When raising an exception for hosts not listed in `known_hosts` (when `RejectPolicy` is in effect) the exception message was confusing/vague. This has been improved somewhat. Thanks to Cal Leeming for highlighting the issue. * 'ssh' 40: Fixed up & expanded EINTR signal handling. Thanks to Douglas Turk. * 'ssh' 15: Implemented parameter substitution in SSHConfig, matching the implementation of `ssh_config(5)`. Thanks to Olle Lundberg for the patch. * 'ssh' 24: Switch some internal type checking to use `isinstance` to help prevent problems with client libraries using subclasses of builtin types. Thanks to Alex Morega for the patch. * Fabric #562: Agent forwarding would error out (with `Authentication response too long`) or freeze, when more than one remote connection to the local agent was active at the same time. This has been fixed. Thanks to Steven McDonald for assisting in troubleshooting/patching, and to GitHub user `@lynxis` for providing the final version of the patch. * 'ssh' 5: Moved a `fcntl` import closer to where it's used to help avoid `ImportError` problems on Windows platforms. Thanks to Jason Coombs for the catch + suggested fix. * 'ssh' 4: Updated implementation of WinPageant integration to work on 64-bit Windows. Thanks again to Jason Coombs for the patch. * Added an IO loop sleep() call to avoid needless CPU usage when agent forwarding is in use. * Handful of internal tweaks to version number storage. * Updated `setup.py` with `==dev` install URL for `pip` users. * Updated `setup.py` to account for packaging problems in PyCrypto 2.4.0 * Added an extra `atfork()` call to help prevent spurious RNG errors when running under high parallel (multiprocess) load. * Merge PR #28: https://github.com/paramiko/paramiko/pull/28 which adds a ssh-keygen like demo module. (Sofian Brabez) v184.108.40.206 16may12 ---------------- * Merge pull request #63: https://github.com/paramiko/paramiko/pull/63 which fixes exceptions that occur when re-keying over fast connections. (Dwayne Litzenberger)
Revision 1.12 / (download) - annotate - [select for diffs], Tue Oct 23 18:16:54 2012 UTC (11 years, 1 month ago) by asau
Changes since 1.11: +1 -3 lines
Diff to previous 1.11 (colored)
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Revision 1.11 / (download) - annotate - [select for diffs], Fri Jul 22 14:03:30 2011 UTC (12 years, 4 months ago) by obache
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.10: +4 -7 lines
Diff to previous 1.10 (colored)
Update py-paramiko to 220.127.116.11. various bug fixes; requires pycrypto 2.1. or newer
Revision 1.10 / (download) - annotate - [select for diffs], Tue Apr 5 08:36:41 2011 UTC (12 years, 8 months ago) by wiz
CVS Tags: pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
Fix PKGREVISION variable name. From Robert Elz.
Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 6 22:22:08 2010 UTC (13 years ago) by gls
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.8: +6 -4 lines
Diff to previous 1.8 (colored)
Direct MASTER_SITES to pypi.org, as the original MASTER_SITE doesn't host the distfile anymore. Add DIST_SUBDIR to force re-download of the tarball, which content has been modified. While here, switch DEPENDS to py-crypto instead of py-amkCrypto. Bump PKG_REVISION.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jun 2 18:31:41 2010 UTC (13 years, 6 months ago) by gls
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2
Changes since 1.7: +7 -6 lines
Diff to previous 1.7 (colored)
This is a Python egg. Don't hardwire paths in PLIST. As noted by Ryo HAYASAKA in PR/43405.
Revision 1.7 / (download) - annotate - [select for diffs], Mon May 31 20:30:31 2010 UTC (13 years, 6 months ago) by gls
Changes since 1.6: +5 -2 lines
Diff to previous 1.6 (colored)
Update security/py-paramiko to 1.7.6. pkgsrc changes: - patches/patch-aa no longer required - Added LICENSE Changelog: ARC4 & CTR support, IP6 support, and various bug fixes (incl. an important Windows random number generation fix)
Revision 1.6 / (download) - annotate - [select for diffs], Thu Jun 12 02:14:45 2008 UTC (15 years, 5 months ago) by joerg
CVS Tags: pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.5: +3 -1 lines
Diff to previous 1.5 (colored)
Add DESTDIR support.
Revision 1.5 / (download) - annotate - [select for diffs], Thu May 15 18:27:43 2008 UTC (15 years, 6 months ago) by drochner
Changes since 1.4: +5 -2 lines
Diff to previous 1.4 (colored)
update to 1.7.3 changes: -direct-tcpip support -bug fixes pkgsrc change: disable use of Python setuptools (gives unpredictable results)
Revision 1.4 / (download) - annotate - [select for diffs], Fri Apr 25 20:39:12 2008 UTC (15 years, 7 months ago) by joerg
Changes since 1.3: +1 -2 lines
Diff to previous 1.3 (colored)
Update PYTHON_VERSIONS_COMPATIBLE - assume that Python 2.4 and 2.5 are compatible and allow checking for fallout. - remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+ default. Modify the others to deal with the removals.
Revision 1.3 / (download) - annotate - [select for diffs], Fri Dec 14 13:35:04 2007 UTC (15 years, 11 months ago) by bjs
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)
Update to version 1.7.1. Changes: Update to version 1.7.1. Changes: v1.7.1 (Amy) 10jun07 -------------------- * windows SSH agent support can use the 'ctypes' module now if 'win32all' is not available [patch from alexander belchenko] * SFTPClient.listdir_attr() now preserves the 'longname' field [patch from wesley augur] * SFTPClient.get_channel() API added * SSHClient constuctor takes an optional 'timeout' parameter [patch from james bardin] v1.7 (zubat) 18feb07 -------------------- * added x11 channel support (patch from david guerizec) * added reverse port forwarding support * (bug 75370) raise an exception when contacting a broken SFTP server * (bug 80295) SSHClient shouldn't expand the user directory twice when reading RSA/DSS keys * (bug 82383) typo in DSS key in SSHClient * (bug 83523) python 2.5 warning when encoding a file's modification time * if connecting to an SSH agent fails, silently fallback instead of raising an exception v1.6.4 (yanma) 19nov06 ---------------------- * fix setup.py on osx (oops!) * (bug 69330) check for the existence of RSA/DSA keys before trying to open them in SFTPClient * (bug 69222) catch EAGAIN in socket code to workaround a bug in recent Linux 2.6 kernels * (bug 70398) improve dict emulation in HostKeys objects * try harder to make sure all worker threads are joined on Transport.close() v1.6.3 (xatu) 14oct06 --------------------- * fixed bug where HostKeys.__setitem__ wouldn't always do the right thing * fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from mike barber] * try harder not to raise EOFError from within SFTPClient * fixed bug where a thread waiting in accept() could block forever if the transport dies [patch from mike looijmans] v1.6.2 (weedle) 16aug06 ----------------------- * added support for "old" group-exchange server mode, for compatibility with the windows putty client * fixed some more interactions with SFTP file readv() and prefetch() * when saving the known_hosts file, preserve the original order [patch from warren young] * fix a couple of broken lines when exporting classes (bug 55946) v1.6.1 (vulpix) 10jul06 ----------------------- * more unit tests fixed for windows/cygwin (thanks to alexander belchenko) * a couple of fixes related to exceptions leaking out of SFTPClient * added ability to set items in HostKeys via __setitem__ * HostKeys now retains order and has a save() method * added PKey.write_private_key and PKey.from_private_key v1.6 (umbreon) 10may06 ---------------------- * pageant support on Windows thanks to john arbash meinel and todd whiteman * fixed unit tests to work under windows and cygwin (thanks to alexander belchenko for debugging) * various bugfixes/tweaks to SFTP file prefetch * added SSHClient for a higher-level API * SFTP readv() now yields results as it gets them * several APIs changed to throw an exception instead of "False" on failure
Revision 1.2 / (download) - annotate - [select for diffs], Tue Jul 11 00:21:17 2006 UTC (17 years, 5 months ago) by joerg
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)
The yield syntax used in one of the modules is not supported by Python 2.2, so mark it as 2.3+ only.
Revision 18.104.22.168 / (download) - annotate - [select for diffs] (vendor branch), Tue Jul 4 15:35:54 2006 UTC (17 years, 5 months ago) by drochner
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
add py-paramiko-1.6, a python extension implementing the ssh2 protocol
Revision 1.1 / (download) - annotate - [select for diffs], Tue Jul 4 15:35:54 2006 UTC (17 years, 5 months ago) by drochner
This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.