Sync from SUSE:ALP:Source:Standard:1.0 python-paramiko revision 2aa14895b8d0c7144c8cd2c5d2e38f9d
This commit is contained in:
commit
8a3308430e
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
BIN
paramiko-3.4.0.tar.gz
(Stored with Git LFS)
Normal file
BIN
paramiko-3.4.0.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
13
paramiko-test_extend_timeout.patch
Normal file
13
paramiko-test_extend_timeout.patch
Normal file
@ -0,0 +1,13 @@
|
||||
Index: paramiko-2.5.0/tests/test_buffered_pipe.py
|
||||
===================================================================
|
||||
--- paramiko-2.5.0.orig/tests/test_buffered_pipe.py
|
||||
+++ paramiko-2.5.0/tests/test_buffered_pipe.py
|
||||
@@ -68,7 +68,7 @@ class BufferedPipeTest(unittest.TestCase
|
||||
self.assertTrue(False)
|
||||
except PipeTimeout:
|
||||
pass
|
||||
- self.assertEqual(b"b", p.read(1, 1.0))
|
||||
+ self.assertEqual(b"b", p.read(1, 3.0))
|
||||
self.assertEqual(b"", p.read(1))
|
||||
|
||||
def test_close_while_reading(self):
|
972
python-paramiko.changes
Normal file
972
python-paramiko.changes
Normal file
@ -0,0 +1,972 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Dec 20 06:57:15 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>
|
||||
|
||||
- Update to 3.4.0: (CVE-2023-48795, bsc#1218168)
|
||||
* Transport grew a new packetizer_class kwarg for overriding the
|
||||
packet-handler class used internally.
|
||||
* Address CVE 2023-48795 (aka the "Terrapin Attack", a vulnerability found
|
||||
in the SSH protocol re: treatment of packet sequence numbers) as follows:
|
||||
+ The vulnerability only impacts encrypt-then-MAC digest algorithms in
|
||||
tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko
|
||||
currently only implements hmac-sha2-(256|512)-etm in tandem with
|
||||
AES-CBC.
|
||||
+ As the fix for the vulnerability requires both ends of the connection
|
||||
to cooperate, the below changes will only take effect when the remote
|
||||
end is OpenSSH >= 9.6 (or equivalent, such as Paramiko in server mode,
|
||||
as of this patch version) and configured to use the new
|
||||
"strict kex" mode.
|
||||
+ Paramiko will now raise an SSHException subclass (MessageOrderError)
|
||||
when protocol messages are received in unexpected order. This includes
|
||||
situations like receiving MSG_DEBUG or MSG_IGNORE during initial key
|
||||
exchange, which are no longer allowed during strict mode.
|
||||
+ Key (re)negotiation -- i.e. MSG_NEWKEYS, whenever it is encountered --
|
||||
now resets packet sequence numbers. (This should be invisible to users
|
||||
during normal operation, only causing exceptions if the exploit is
|
||||
encountered, which will usually result in, again, MessageOrderError.)
|
||||
+ Sequence number rollover will now raise SSHException if it occurs
|
||||
during initial key exchange (regardless of strict mode status).
|
||||
* Tweak ext-info-(c|s) detection during KEXINIT protocol phase; the
|
||||
original implementation made assumptions based on an OpenSSH
|
||||
implementation detail.
|
||||
- Add patch use-64-bit-maxsize-everywhere.patch:
|
||||
* Use the 64-bit value of sys.maxsize.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 29 22:29:46 UTC 2023 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- refresh remove-icecream-dep.patch
|
||||
- update to 3.3.1
|
||||
detailed changelog: https://www.paramiko.org/changelog.html#
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 12 09:27:30 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
- Delete paramiko-pr1665-remove-pytest-relaxed.patch
|
||||
- Add remove-icecream-dep.patch
|
||||
- Update to 3.1.0:
|
||||
* [Feature] #2173: Accept single tabs as field separators (in
|
||||
addition to single spaces) in
|
||||
<paramiko.hostkeys.HostKeyEntry.from_line> for parity with
|
||||
OpenSSH’s KnownHosts parser. Patched by Alex Chavkin.
|
||||
* [Feature] #2013: (solving #2009, plus others) Add an explicit
|
||||
channel_timeout keyword argument to
|
||||
paramiko.client.SSHClient.connect, allowing users to configure the
|
||||
previously-hardcoded default value of 3600 seconds. Thanks to
|
||||
@VakarisZ and @ilija-lazoroski for the report and patch, with
|
||||
credit to Mike Salvatore for patch review.
|
||||
* [Support] #2178: Apply codespell to the codebase, which found a
|
||||
lot of very old minor spelling mistakes in docstrings. Also
|
||||
modernize many instances of *largs vs *args and **kwarg vs
|
||||
**kwargs. Patch courtesy of Yaroslav Halchenko, with review from
|
||||
Brian Skinn.
|
||||
- 3.0.0:
|
||||
* [Bug]: A handful of lower-level classes (notably
|
||||
paramiko.message.Message and paramiko.pkey.PKey) previously
|
||||
returned bytes objects from their implementation of __str__, even
|
||||
under Python 3; and there was never any __bytes__ method.
|
||||
* These issues have been fixed by renaming __str__ to __bytes__ and
|
||||
relying on Python’s default “stringification returns the output of
|
||||
__repr__” behavior re: any real attempts to str() such objects.
|
||||
* [Bug] #2165: Streamline some redundant (and costly) byte
|
||||
conversion calls in the packetizer and the core SFTP module. This
|
||||
should lead to some SFTP speedups at the very least. Thanks to
|
||||
Alex Gaynor for the patch.
|
||||
* [Bug] #2110: Remove some unnecessary __repr__ calls when handling
|
||||
bytes-vs-str conversions. This was apparently doing a lot of
|
||||
unintentional data processing, which adds up in some use cases –
|
||||
such as SFTP transfers, which may now be significantly faster.
|
||||
Kudos to Shuhua Zhong for catch & patch.
|
||||
* [Support]: Drop support for Python versions less than 3.6,
|
||||
including Python 2. So long and thanks for all the fish!
|
||||
* [Support]: Remove the now irrelevant paramiko.py3compat module.
|
||||
* [Support]: paramiko.common.asbytes has been moved to
|
||||
paramiko.util.asbytes.
|
||||
* [Support]: PKey.__cmp__ has been removed. Ordering-oriented
|
||||
comparison of key files is unlikely to have ever made sense (the
|
||||
old implementation attempted to order by the hashes of the key
|
||||
material) and so we have not bothered setting up __lt__ and
|
||||
friends at this time. The class continues to have its original
|
||||
__eq__ untouched.
|
||||
* [Support]: The behavior of private key classes’ (ie anything
|
||||
inheriting from PKey) private key writing methods used to perform
|
||||
a manual, extra chmod call after writing. This hasn’t been
|
||||
strictly necessary since the mid 2.x release line (when key
|
||||
writing started giving the mode argument to os.open), and has now
|
||||
been removed entirely.
|
||||
* This should only be observable if you were mocking Paramiko’s
|
||||
system calls during your own testing, or similar.
|
||||
* [Support] #732: (also re: #630) SSHConfig used to straight-up
|
||||
delete the proxycommand key from config lookup results when the
|
||||
source config said ProxyCommand none. This has been altered to
|
||||
preserve the key and give it the Python value None, thus making
|
||||
the Python representation more in line with the source config
|
||||
file.
|
||||
* [Support]: paramiko.util.retry_on_signal (and any internal uses of
|
||||
same, and also any internal retries of EINTR on eg socket
|
||||
operations) has been removed. As of Python 3.5, per PEP 475, this
|
||||
functionality (and retrying EINTR generally) is now part of the
|
||||
standard library.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Apr 23 23:16:46 UTC 2023 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Move documentation into main package for SLE15
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 21 12:28:59 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- add sle15_python_module_pythons (jsc#PED-68)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Nov 20 18:38:07 UTC 2022 - Ben Greiner <code@bnavigator.de>
|
||||
|
||||
- Update to 2.12.0
|
||||
* [Feature] #2125: (also re: #2054) Add a transport_factory kwarg
|
||||
to SSHClient.connect for advanced users to gain more control
|
||||
over early Transport setup and manipulation. Thanks to Noah
|
||||
Pederson for the patch.
|
||||
- Release 2.11.1
|
||||
* [Bug]: bug:1637 (via #1599) Raise SSHException explicitly when
|
||||
blank private key data is loaded, instead of the natural result
|
||||
of IndexError. This should help more bits of Paramiko or
|
||||
Paramiko-adjacent codebases to correctly handle this class of
|
||||
error. Credit: Nicholas Dietz.
|
||||
* [Bug] #1822: (via, and relating to, far too many other issues
|
||||
to mention here) Update SSHClient so it explicitly closes its
|
||||
wrapped socket object upon encountering socket errors at
|
||||
connection time. This should help somewhat with certain classes
|
||||
of memory leaks, resource warnings, and/or errors (though we
|
||||
hasten to remind everyone that Client and Transport have their
|
||||
own .close() methods for use in non-error situations!). Patch
|
||||
courtesy of @YoavCohen.
|
||||
- Rename and refresh:
|
||||
- paramiko-pr1655-remove-pytest-relaxed.patch
|
||||
+ paramiko-pr1665-remove-pytest-relaxed.patch
|
||||
* gh#paramiko/paramiko#1665
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu May 26 20:43:45 UTC 2022 - Michael Ströder <michael@stroeder.com>
|
||||
|
||||
- update to 2.11.0
|
||||
* [Feature] #1951: Add SSH config token expansion (eg %h, %p) when
|
||||
parsing ProxyJump directives.
|
||||
* [Support] #2004: (via #2011) Apply unittest skipIf to tests currently
|
||||
using SHA1 in their critical path, to avoid failures on systems starting
|
||||
to disable SHA1 outright in their crypto backends (eg RHEL 9).
|
||||
* [Support] #1838: (via #1870/#2028) Update camelCase method calls
|
||||
against the threading module to be snake_case; this and related tweaks
|
||||
should fix some deprecation warnings under Python 3.10.
|
||||
* [Support] #2038: (via #2039) Recent versions of Cryptography have
|
||||
deprecated Blowfish algorithm support; in lieu of an easy method for
|
||||
users to remove it from the list of algorithms Paramiko tries to import
|
||||
and use, we’ve decided to remove it from our “preferred algorithms” list.
|
||||
This will both discourage use of a weak algorithm, and avoid warnings.
|
||||
- update to 2.10.5
|
||||
* [Bug] #2008: (via #2010) Windows-native SSH agent support as merged in
|
||||
2.10 could encounter Errno 22 OSError exceptions in some scenarios
|
||||
(eg server not cleanly closing a relevant named pipe).
|
||||
This has been worked around and should be less problematic.
|
||||
* [Bug] #2017: OpenSSH 7.7 and older has a bug preventing it from
|
||||
understanding how to perform SHA2 signature verification for RSA
|
||||
certificates (specifically certs - not keys), so when we added SHA2
|
||||
support it broke all clients using RSA certificates with these servers.
|
||||
This has been fixed in a manner similar to what OpenSSH’s own client
|
||||
does: a version check is performed and the algorithm used is downgraded
|
||||
if needed.
|
||||
* [Bug] #1933: Align signature verification algorithm with OpenSSH re:
|
||||
zero-padding signatures which don’t match their nominal size/length. This
|
||||
shouldn’t affect most users, but will help Paramiko-implemented SSH
|
||||
servers handle poorly behaved clients such as PuTTY.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Apr 28 21:26:08 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 2.10.4:
|
||||
* Servers offering certificate variants of hostkey algorithms (eg
|
||||
ssh-rsa-cert-v01@openssh.com) could not have their host keys verified by
|
||||
Paramiko clients, as it only ever considered non-cert key types for that
|
||||
part of connection handshaking. This has been fixed.
|
||||
* gq PKey instances’ __eq__ did not have the usual safety guard in place to
|
||||
ensure they were being compared to another PKey object, causing occasional
|
||||
spurious BadHostKeyException (among other things). This has been fixed.
|
||||
* Update camelCase method calls against the threading module to be snake_case;
|
||||
this and related tweaks should fix some deprecation warnings under Python 3.10.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 8 07:44:16 UTC 2022 - pgajdos@suse.com
|
||||
|
||||
- do not require python-mock for build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 18 22:52:45 UTC 2022 - Michael Ströder <michael@stroeder.com>
|
||||
|
||||
- Update to 2.10.3 (bsc#1197279, CVE-2022-24302)
|
||||
Too many changes to be listed here:
|
||||
https://www.paramiko.org/changelog.html
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 12 11:03:02 UTC 2021 - ecsos <ecsos@opensuse.org>
|
||||
|
||||
- Update to 2.8.0
|
||||
- [Feature] #1846: Add a prefetch keyword argument to
|
||||
SFTPClient.get/SFTPClient.getfo so users who need to skip SFTP
|
||||
prefetching are able to conditionally turn it off.
|
||||
- [Bug] #1462: (via #1882) Newer server-side key exchange
|
||||
algorithms not intended to use SHA1 (diffie-hellman-group14-sha256,
|
||||
diffie-hellman-group16-sha512) were incorrectly using SHA1 after all,
|
||||
due to a bug causing them to ignore the hash_algo class attribute.
|
||||
This has been corrected.
|
||||
- [Support] #1722: Remove leading whitespace from OpenSSH RSA test
|
||||
suite static key fixture, to conform better to spec.
|
||||
- [Support] #1727: Add missing test suite fixtures directory to
|
||||
MANIFEST.in, reinstating the ability to run Paramiko’s tests from
|
||||
an sdist tarball.
|
||||
- [Support]: Update our CI to catch issues with sdist generation,
|
||||
installation and testing.
|
||||
- [Support]: Administrivia overhaul, including but not limited to:
|
||||
- Migrate CI to CircleCI
|
||||
- Primary dev branch is now main (renamed)
|
||||
- Many README edits for clarity, modernization etc; including
|
||||
a bunch more (and consistent) status badges & unification with
|
||||
main project site index
|
||||
- PyPI page much more fleshed out (long_description is now filled
|
||||
in with the README; sidebar links expanded; etc)
|
||||
- flake8, pytest configs split out of setup.cfg into their own files
|
||||
- Invoke/invocations (used by maintainers/contributors) upgraded
|
||||
to modern versions
|
||||
- Skip python2 to fix build errors for Leap.
|
||||
- Rebase paramiko-pr1655-remove-pytest-relaxed.patch.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 7 07:22:31 UTC 2020 - Steve Kowalik <steven.kowalik@suse.com>
|
||||
|
||||
- Set environment to utf-8 to allow tests to pass on Python 2. (bsc#1178341)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 13 10:51:07 UTC 2020 - Benjamin Greiner <code@bnavigator.de>
|
||||
|
||||
- remove dependency on pytest-relaxed
|
||||
* paramiko-pr1655-remove-pytest-relaxed.patch
|
||||
* gh#paramiko/paramiko#1655
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 4 06:29:23 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- update to 2.7.2 (bsc#1166758, bsc#1166758, bsc#1205132)
|
||||
- drop configs.tar.gz
|
||||
* Add missing test suite fixtures directory to MANIFEST.in
|
||||
* Remove leading whitespace from OpenSSH RSA test suite static key fixture,
|
||||
* Fix incorrect string formatting causing unhelpful error message annotation
|
||||
when using Kerberos/GSSAPI.
|
||||
* Fix incorrectly swapped order of p and q numbers when loading
|
||||
OpenSSH-format RSA private keys.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Dec 21 17:11:48 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- update to 2.7.1
|
||||
- add configs.tar.gz with missing test data
|
||||
* full changelog at http://www.paramiko.org/changelog.html
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 25 10:47:26 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- update to 2.6.0 (bsc#1200603)
|
||||
- drop relaxed.patch and 1311.patch
|
||||
* add a new keyword argument to SSHClient.connect <paramiko.client.SSHClient.connect>
|
||||
and paramiko.transport.Transport -> disabled_algorithms
|
||||
* Fix Ed25519 key handling so certain key comment lengths don't cause
|
||||
SSHException("Invalid key")
|
||||
* Add backwards-compatible support for the gssapi
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 11 11:22:32 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- update to 2.5.0
|
||||
- dropped 1379.patch
|
||||
- refreshed patches:
|
||||
paramiko-test_extend_timeout.patch
|
||||
relaxed.patch
|
||||
1311.patch
|
||||
* Add support for encrypt-then-MAC (ETM) schemes (hmac-sha2-256-etm@openssh.com,
|
||||
hmac-sha2-512-etm@openssh.com) and two newer Diffie-Hellman group key exchange
|
||||
algorithms (group14, using SHA256; and group16, using SHA512).
|
||||
* Add support for Curve25519 key exchange.
|
||||
* Raise Cryptography dependency requirement to version 2.5
|
||||
* Add support for the modern (as of Python 3.3) import location of MutableMapping
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 13 14:01:04 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||||
|
||||
- Run tests verbosely
|
||||
- Drop cert_support.tar.gz as it is currently properly in the release
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 14 20:49:56 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net>
|
||||
|
||||
- add empty line after %autopatch: build fails up to 42.3 otherwise
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 14 17:00:13 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- drop python-pytest_relaxed dependency
|
||||
- add patches:
|
||||
1311.patch - fix warnings
|
||||
1379.patch - fix support for gssapi
|
||||
relaxed.patch - remove unnecessary pytest_relaxed dep
|
||||
- remove patch:
|
||||
disable-gssapi.patch - supersseded
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 4 12:51:08 UTC 2018 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Remove superfluous devel dependency for noarch package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 13 11:47:43 UTC 2018 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- add disable-gssapi.patch - workaround for boo#1115769
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 5 08:26:46 UTC 2018 - Ondřej Súkup <mimi.vx@gmail.com>
|
||||
|
||||
- update to 2.4.2 (bsc#1111151, CVE-2018-1000805)
|
||||
- refresh paramiko-test_extend_timeout.patch
|
||||
* Fix exploit (CVE pending) in Paramiko's server mode (not client mode)
|
||||
where hostile clients could trick the server into thinking they were
|
||||
authenticated without actually submitting valid authentication.
|
||||
* Modify protocol message handling such that Transport does not respond
|
||||
to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED
|
||||
* Updated SSHConfig.lookup <paramiko.config.SSHConfig.lookup> so it returns
|
||||
a new, type-casting-friendly dict subclass (~paramiko.config.SSHConfigDict)
|
||||
in lieu of dict literals.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 15 18:38:22 CET 2018 - ro@suse.de
|
||||
|
||||
- add paramiko-test_extend_timeout.patch (bsc#1085529)
|
||||
extend timeout in testsuite to pass on ppc64le
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 15 07:10:09 UTC 2018 - tbechtold@suse.com
|
||||
|
||||
update to version 2.4.1 (bsc#1085276, CVE-2018-7750):
|
||||
* changelog: update for #1039 / #1051
|
||||
* Screen off dev version of Python from test matrix
|
||||
* ensure ed25519 password is bytes
|
||||
* Cut 2.0.8
|
||||
* Cut 2.3.2
|
||||
* Initial tests proving CVE-2018-7750 / #1175
|
||||
* Guess something else added this prior to the merge
|
||||
* Fixes CVE-2018-7750 / #1175
|
||||
* Uncaught typo in test suite
|
||||
* Initial tests proving CVE-2018-7750 / #XXX
|
||||
* Test proving #1039 / efficacy of #1051
|
||||
* Changelog closes #1175
|
||||
* Cut 2.1.5
|
||||
* Allow overriding test client connect kwargs in Transport test suite
|
||||
* Cut 2.4.1
|
||||
* Fixes CVE-2018-7750 / #XXX
|
||||
* Cut 2.2.3
|
||||
* flake8
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 16 09:36:24 UTC 2017 - mimi.vx@gmail.com
|
||||
|
||||
- update to 2.4.0
|
||||
+ new pytest based testsuite
|
||||
* dd a new passphrase kwarg to SSHClient.connect so users may disambiguate
|
||||
key-decryption passphrases from password-auth passwords.
|
||||
* Drop Python 2.6 and Python 3.3 support
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 5 11:12:50 UTC 2017 - mimi.vx@gmail.com
|
||||
|
||||
- update to 2.3.1
|
||||
+ cert_support.tar.gz - missing test certificates for testsuite
|
||||
* Certificate support broke the no-certificate case for Ed25519 keys
|
||||
(symptom is an AttributeError about public_blob.) This went uncaught
|
||||
due to cert autoload behavior (i.e. our test suite never actually ran
|
||||
the no-cert case, because the cert existed!) Both issues have been fixed.
|
||||
* Implement basic client-side certificate authentication
|
||||
(as per the OpenSSH vendor extension.)
|
||||
* Added pre-authentication banner support for the server interface
|
||||
(ServerInterface.get_banner plus related support in Transport/AuthHandler.)
|
||||
* Update Ed25519Key so its constructor offers the same file_obj parameter
|
||||
as its sibling key classes.
|
||||
* Add a gss_trust_dns option to Client and Transport to allow explicitly
|
||||
setting whether or not DNS canonicalization should occur when using GSSAPI.
|
||||
* Paramiko originally defaulted to zlib compression level 9
|
||||
(when one connects with compression=True; it defaults to off.) This has been
|
||||
found to be quite wasteful and tends to cause much longer transfers in most
|
||||
cases, than is necessar
|
||||
* Enhance documentation around the new SFTP.posix_rename method
|
||||
so it’s referenced in the ‘standard’ rename method for increased visibility.
|
||||
* Modify logic around explicit disconnect messages, and unknown-channel situations,
|
||||
so that they rely on centralized shutdown code instead of running their own.
|
||||
This is at worst removing some unnecessary code, and may help with some
|
||||
situations where Paramiko hangs at the end of a session.
|
||||
* Display exception type and message when logging auth-rejection messages
|
||||
(ones reading Auth rejected: unsupported or mangled public key); previously
|
||||
this error case had a bare except and did not display exactly why the key
|
||||
failed.
|
||||
* Ed25519 keys never got proper API documentation support; this has been fixed.
|
||||
* Update how we use Cryptography‘s signature/verification methods
|
||||
so we aren’t relying on a deprecated API.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 5 10:33:48 UTC 2017 - mimi.vx@gmail.com
|
||||
|
||||
- update to 2.2.2:
|
||||
* SSHClient now requests the type of host key it has (e.g. from known_hosts)
|
||||
and does not consider a different type to be a “Missing” host key.
|
||||
This fixes a common case where an ECDSA key is in known_hosts and the server
|
||||
also has an RSA host key.
|
||||
* Fix up host-key checking in our GSSAPI support, which was previously
|
||||
using an incorrect API call
|
||||
* Fix key exchange (kex) algorithm list for GSSAPI authentication;
|
||||
reviously, the list used solely out-of-date algorithms, and now contains
|
||||
newer ones listed preferentially before the old
|
||||
* Clean up GSSAPI authentication procedures so they do not prevent normal
|
||||
fallback to other authentication methods on failure.
|
||||
* Add rekeying support to GSSAPI connections, which was erroneously missing.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 10 08:11:25 UTC 2017 - tbechtold@suse.com
|
||||
|
||||
- update to 2.2.1:
|
||||
* Missed a spot
|
||||
* Update .travis.yml
|
||||
* Whitespace
|
||||
* Having this in a mini-toctree made the nav look funny and is also just unintuitive
|
||||
* Changelog re #471, re #65
|
||||
* these are bytes
|
||||
* changelog: update for #990 and #993
|
||||
* ecdh kex support
|
||||
* flake8/whitespace
|
||||
* Trailing comma
|
||||
* Add test for posix-rename@openssh.com extension for SFTP client
|
||||
* Changelog re #921
|
||||
* Add a note about new Python-level deps to changelog re: Ed25519 support
|
||||
* Add method for "posix-rename@openssh.com" extension for SFTP client.
|
||||
* Add IOError in posix-rename@openssh.com test for python 2 support.
|
||||
* this isnt bytes
|
||||
* Added a auth_timeout to handle situations where SSH server stops responding during auth.
|
||||
* small cleanups
|
||||
* More changelog flimflammery
|
||||
* Added changelog entry
|
||||
* python 3 compatibility
|
||||
* Incorrect comparison, should be <=
|
||||
* DDD re #857
|
||||
* Improve __hash__ functions
|
||||
* Hrm that should always have been an h1
|
||||
* No idea how this got past all the earlier flake8 work...
|
||||
* comments
|
||||
* Fixed test to support python 2.6
|
||||
* Note ecdh-sha2 preferred-kex placement in changelog entry for #951, re #983
|
||||
* Changelog language tweaks
|
||||
* Reorder cipher and key preferences to make more sense
|
||||
* Added a test to check that the auth_timeout argument is passed through and applied.
|
||||
* Changelog tweak
|
||||
* Cut 2.2.1
|
||||
* transport: change order of preferred kex and hmac algorithms
|
||||
* need bcrypt >= 3.1.3 for kdf() ignore_few_rounds kwarg
|
||||
* Changelog re #972, re #325, closes #325
|
||||
* cleanup/simplify auth_timeout tests
|
||||
* Missed a merge conflict lolol
|
||||
* flake8
|
||||
* Changelog re #951
|
||||
* Perplexed at why flake8 did not report this earlier
|
||||
* Add Python 3.6 to classifiers
|
||||
* Add support for posix-rename@openssh.com for the SFTP server side and fix tests accordingly.
|
||||
* sphinx nitpick fixes
|
||||
* Fixed encoding/decoding of the public key on the wire
|
||||
* Added test for authentication timeout from a non-responsive server
|
||||
* refactor files
|
||||
* fixed comment + consistency
|
||||
* Changelog re #857
|
||||
* Cut 2.2.0
|
||||
* integration test, with ourselves
|
||||
* TODO
|
||||
* That was easy. Closes #857
|
||||
* Add sanity note to changelog re #869
|
||||
* Unit tests
|
||||
* Fixes #325 -- add support for Ed25519 keys
|
||||
* Happy New Year
|
||||
* implement __hash__() method for Ed25519Key
|
||||
* pep8
|
||||
* Increased auth_timeout to 30 seconds
|
||||
* py3k
|
||||
* fixed long line
|
||||
* Link to the spec
|
||||
* set a minimum version
|
||||
* Support decrypting keys
|
||||
* Failing test proving need for #857
|
||||
- move demos/ to extra -doc package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jun 11 16:32:09 UTC 2017 - mimi.vx@gmail.com
|
||||
|
||||
- update to 2.1.3
|
||||
* Make util.log_to_file append instead of replace.
|
||||
* SSHClient and Transport could cause a memory leak if there’s a connection
|
||||
problem or protocol error, even if Transport.close() is called.
|
||||
* Prior support for ecdsa-sha2-nistp(384|521) algorithms didn’t fully extend
|
||||
to covering host keys, preventing connection to hosts which only offer
|
||||
these key types and no others. This is now fixed.
|
||||
* Prefer newer ecdsa-sha2-nistp keys over RSA and DSA keys during host key
|
||||
selection. This improves compatibility with OpenSSH, both in terms of general
|
||||
behavior, and also re: ability to properly leverage OpenSSH-modified
|
||||
known_hosts files.
|
||||
* The RC4/arcfour family of ciphers has been broken since version 2.0; but since
|
||||
the algorithm is now known to be completely insecure, we are opting
|
||||
to remove support outright instead of fixing it.
|
||||
* Move sha1 above the now-arguably-broken md5 in the list of preferred MAC
|
||||
algorithms, as an incremental security improvement for users whose target
|
||||
systems offer both.
|
||||
* Writing encrypted/password-protected private key files was silently broken
|
||||
since 2.0 due to an incorrect API call
|
||||
Includes a directly related fix, namely adding the ability to read AES-256-CBC
|
||||
ciphered private keys (which is now what we tend to write out as it is
|
||||
Cryptography’s default private key cipher.)
|
||||
* Allow any type implementing the buffer API to be used with BufferedFile,
|
||||
Channel, and SFTPFile. This resolves a regression introduced in 1.13
|
||||
with the Python 3 porting changes, when using types such as memoryview.
|
||||
* Enhance default cipher preference order such that aes(192|256)-cbc are preferred
|
||||
over blowfish-cbc.
|
||||
* SSHClient now requests the type of host key it has (e.g. from known_hosts)
|
||||
and does not consider a different type to be a “Missing” host key. This fixes
|
||||
a common case where an ECDSA key is in known_hosts and the server also has
|
||||
an RSA host key.
|
||||
* Overhaul the codebase to be PEP-8
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 19 17:24:58 UTC 2017 - toddrme2178@gmail.com
|
||||
|
||||
- Implement single-spec version.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 17 20:25:35 UTC 2017 - rjschwei@suse.com
|
||||
|
||||
- Fix version setting for cryptography for build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 16 22:23:45 UTC 2017 - rjschwei@suse.com
|
||||
|
||||
- Add python-pyasn1 as Buildrequires for testing
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 24 16:27:00 UTC 2017 - mimi.vx@gmail.com
|
||||
|
||||
- update to 2.1.2
|
||||
* Fix a bug in server-mode concerning multiple interactive auth steps
|
||||
* SSHClient now gives its internal Transport a handle on itself, preventing
|
||||
garbage collection of the client until the session is closed. Without this,
|
||||
some code which returns stream or transport objects without the client that
|
||||
generated them, would result in premature session closure
|
||||
when the client was GCd
|
||||
* Avoid test suite exceptions on platforms lacking errno.ETIME
|
||||
* weak how RSAKey.__str__ behaves so it doesn’t cause TypeError under Python 3.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 13 11:50:39 UTC 2016 - mimi.vx@gmail.com
|
||||
|
||||
- update to 2.1.1
|
||||
* A tweak to the original patch implementing gh#398 was not fully applied,
|
||||
causing calls to ~paramiko.client.SSHClient.invoke_shell to fail with
|
||||
AttributeError. This has been fixed.
|
||||
* Fix the implementation of PKey.write_private_key_file (this method is only
|
||||
publicly defined on subclasses; the fix was in the private real
|
||||
implementation) so it passes the correct params to open()
|
||||
* Add an optional timeout parameter to Transport.start_clienti
|
||||
<paramiko.transport.Transport.start_client> (and feed it the value of the
|
||||
configured connection timeout when used within SSHClient
|
||||
<paramiko.client.SSHClient>.)
|
||||
* Catch AssertionError thrown by Cryptography when attempting to load bad
|
||||
ECDSA keys, turning it into an SSHException.
|
||||
* Add a missing .closed attribute (plus ._closed because reasons) to
|
||||
ProxyCommand <paramiko.proxy.ProxyCommand>
|
||||
* Make the subprocess import in proxy.py lazy so users on platforms without
|
||||
it (such as Google App Engine) can import Paramiko successfully
|
||||
* Fix incorrect docstring/param-list for Transport.auth_gssapi_keyex
|
||||
<paramiko.transport.Transport.auth_gssapi_keyex> so it matches
|
||||
the real signature.
|
||||
* Add an environment dict argument to Client.exec_command
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 7 09:13:06 UTC 2016 - tbechtold@suse.com
|
||||
|
||||
- Fix Requires for python-cryptography
|
||||
- Add missing Requires for python-pyasn1
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jul 31 12:15:25 UTC 2016 - michael@stroeder.com
|
||||
|
||||
- update to 2.0.2
|
||||
* [Bug] #758: Apply type definitions to _winapi module from
|
||||
jaraco.windows 3.6.1. This should address issues on Windows platforms
|
||||
that often result in errors like ArgumentError: [...] int too long to
|
||||
convert. Thanks to @swohlerLL for the report and Jason R. Coombs for the
|
||||
patch.
|
||||
* [Bug] #774: Add a _closed private attribute to Channel objects so that
|
||||
they continue functioning when used as proxy sockets under Python 3 (e.g.
|
||||
as direct-tcpip gateways for other Paramiko connections.)
|
||||
* [Bug] #673: (via #681) Fix protocol banner read errors (SSHException)
|
||||
which would occasionally pop up when using ProxyCommand gatewaying.
|
||||
Thanks to @Depado for the initial report and Paul Kapp for the fix.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jul 23 14:20:34 UTC 2016 - michael@stroeder.com
|
||||
|
||||
- updated homepage URL
|
||||
- update to 2.0.1:
|
||||
* [Bug] #537: Fix a bug in BufferedPipe.set_event which could cause
|
||||
deadlocks/hangs when one uses select.select against Channel objects (or
|
||||
otherwise calls Channel.fileno after the channel has closed).
|
||||
* [Bug] #520: (Partial fix) Fix at least one instance of race condition
|
||||
driven threading hangs at end of the Python interpreter session.
|
||||
(Includes a docs update as well - always make sure to .close() your
|
||||
clients!)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 8 08:50:08 UTC 2016 - dmueller@suse.com
|
||||
|
||||
- fix build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 6 11:32:04 UTC 2016 - dmueller@suse.com
|
||||
|
||||
- fix source url
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun May 8 21:11:31 UTC 2016 - hpj@urpla.net
|
||||
|
||||
- update to 2.0.0:
|
||||
* Add support for 384- and 512-bit elliptic curve groups in ECDSA
|
||||
key types (aka ecdsa-sha2-nistp384 / ecdsa-sha2-nistp521).
|
||||
* Due to an earlier bugfix, less-specific Host blocks' ProxyCommand
|
||||
values were overriding ProxyCommand none in more-specific Host
|
||||
blocks. This has been fixed in a backwards compatible manner (i.e.
|
||||
ProxyCommand none continues to appear as a total lack of any
|
||||
proxycommand key in parsed config structures).
|
||||
* Fix a backwards incompatibility issue that cropped up in
|
||||
SFTPFile.prefetch <~paramiko.sftp_file.prefetch> re: the
|
||||
erroneously non-optional file_size parameter. Should only affect
|
||||
users who manually call prefetch.
|
||||
* Replace PyCrypto with the Python Cryptographic Authority (PyCA)
|
||||
'Cryptography' library suite. This improves security,
|
||||
installability, and performance; adds PyPy support; and much more.
|
||||
* Fix stalled/hung SFTP downloads by cleaning up some threading lock
|
||||
issues.
|
||||
* Fix a Python 3 compatibility issue when handling two-factor
|
||||
authentication.
|
||||
* Clean up setup.py to always use setuptools, not doing so was a
|
||||
historical artifact from bygone days.
|
||||
* Update the module in charge of handling SSH moduli so it's
|
||||
consistent with OpenSSH behavior re: prime number selection.
|
||||
* Fix up ~paramiko.ssh_exception.NoValidConnectionsError so it
|
||||
pickles correctly, and fix a related Python 3 compatibility issue.
|
||||
* Update to jaraco.windows 3.4.1 to fix some errors related to
|
||||
ctypes on Windows platforms.
|
||||
* Annotate some public attributes on ~paramiko.channel.Channel such
|
||||
as .closed.
|
||||
* Fix logic bug in the SFTP client's callback-calling functionality;
|
||||
previously there was a chance the given callback would fire twice
|
||||
at the end of a transfer.
|
||||
* Identify & work around a race condition in the test for handshake
|
||||
timeouts, which was causing frequent test failures for a subset of
|
||||
contributors as well as Travis-CI (usually, but not always,
|
||||
limited to Python 3.5).
|
||||
* Remove whitespace in our setup.py's install_requires as it
|
||||
triggers occasional bugs in some versions of setuptools.
|
||||
* Strip trailing/leading whitespace from lines when parsing SSH
|
||||
config files - this brings things in line with OpenSSH behavior.
|
||||
* Fix behavior of gssapi-with-mic auth requests so they fail
|
||||
gracefully (allowing followup via other auth methods) instead of
|
||||
raising an exception.
|
||||
* Add missing file-like object methods for ~paramiko.file.BufferedFile
|
||||
and ~paramiko.sftp_file.SFTPFile.
|
||||
* Clean up and enhance the README (and rename it to README.rst from
|
||||
just README).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Feb 1 11:26:44 UTC 2016 - toddrme2178@gmail.com
|
||||
|
||||
- Add --no-transport to fix a known issue with the tests
|
||||
https://github.com/paramiko/paramiko/issues/574
|
||||
Check if still failing on next release.
|
||||
The tests is currently failing on Python 3.5, but it is not
|
||||
actually Python 3.5 specific, it is just more likely to be
|
||||
encountered on Python 3.5
|
||||
- update to version 1.16.0:
|
||||
* Streamline use of stat when downloading SFTP files via
|
||||
SFTPClient.get <paramiko.sftp_client.SFTPClient.get>; this avoids
|
||||
triggering bugs in some off-spec SFTP servers such as IBM
|
||||
Sterling. Thanks to @muraleee for the initial report and to Torkil
|
||||
Gustavsen for the patch.
|
||||
* Fully enable two-factor authentication (e.g. when a server
|
||||
requires AuthenticationMethods
|
||||
pubkey,keyboard-interactive). Thanks to @perryjrandall for the
|
||||
patch and to @nevins-b and Matt Robenolt for additional support.
|
||||
* Fix 'exec' requests in server mode to use get_string instead of
|
||||
get_text to avoid UnicodeDecodeError on non-UTF-8 input. Thanks to
|
||||
Anselm Kruis for the patch & discussion.
|
||||
* Fix line number reporting in log output regarding invalid
|
||||
known_hosts line entries. Thanks to Dylan Thacker-Smith for catch
|
||||
& patch.
|
||||
* Update the vendored Windows API addon to a more recent
|
||||
edition. Also fixes :issue:`193`, :issue:`488`,
|
||||
:issue:`498`. Thanks to Jason Coombs.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 26 11:00:52 UTC 2015 - tbechtold@suse.com
|
||||
|
||||
- update to version 1.15.2 (bsc#962291)
|
||||
* [Bug] #320: Update our win_pageant module to be Python 3 compatible
|
||||
* [Bug] #429: Server-level debug message logging was overlooked during the
|
||||
Python 3 compatibility update; Python 3 clients attempting to log SSH
|
||||
debug packets encountered type errors. This is now fixed
|
||||
* [Bug] #459: Tighten up agent connection closure behavior to avoid
|
||||
spurious ResourceWarning display in some situations
|
||||
* [Bug] #266: Change numbering of Transport channels to start at 0
|
||||
instead of 1 for better compatibility with OpenSSH & certain server
|
||||
implementations which break on 1-indexed channels
|
||||
* [Support] #419: Modernize a bunch of the codebase internals to
|
||||
leverage decorators. Props to @beckjake for realizing we’re no longer
|
||||
on Python 2.2 :D
|
||||
* [Support] #421: Modernize threading calls to user newer API
|
||||
* [Support] #422: Clean up some unused imports
|
||||
* [Support] #431: Replace handrolled ssh_config parsing code with
|
||||
use of the shlex module
|
||||
* [Bug] #415: Fix ssh_config parsing to correctly interpret ProxyCommand
|
||||
none as the lack of a proxy command, instead of as a literal command
|
||||
string of "none"
|
||||
* [Bug] #428: Fix an issue in BufferedFile (primarily used in the SFTP
|
||||
modules) concerning incorrect behavior by readlines on files whose
|
||||
size exceeds the buffer size
|
||||
* [Bug] #455: Tweak packet size handling to conform better to the
|
||||
OpenSSH RFCs; this helps address issues with interactive program cursors
|
||||
* [Bug] #413: (also #414, #420, #454) Be significantly smarter about polling
|
||||
& timing behavior when running proxy commands, to avoid unnecessary
|
||||
(often 100%!) CPU usage
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 2 16:33:24 UTC 2014 - andrea@opensuse.org
|
||||
|
||||
- new upsteam version 1.15.1
|
||||
* fixed from previous version: Bug] #399: SSH agent forwarding
|
||||
would hang due to incorrect values passed into the new window
|
||||
size arguments for Transport
|
||||
* detailed changelog available on pramiko website:
|
||||
http://paramiko-www.readthedocs.org/en/latest/changelog.html
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat May 31 11:35:11 UTC 2014 - dmueller@suse.com
|
||||
|
||||
- update to 1.13.1:
|
||||
* :support:`256 backported` Convert API documentation to Sphinx, yielding a new
|
||||
API docs website to replace the old Epydoc one.
|
||||
* :bug:`-` Use constant-time hash comparison operations where possible, to
|
||||
protect against `timing-based attacks
|
||||
<http://codahale.com/a-lesson-in-timing-attacks/>`_. Thanks to Alex Gaynor
|
||||
for the patch.
|
||||
* :feature:`58` Allow client code to access the stored SSH server banner via
|
||||
`Transport.get_banner <paramiko.transport.Transport.get_banner>`. Thanks to
|
||||
``@Jhoanor`` for the patch.
|
||||
* :bug:`252` (`Fabric #1020 <https://github.com/fabric/fabric/issues/1020>`_)
|
||||
Enhanced the implementation of ``ProxyCommand`` to avoid a deadlock/hang
|
||||
condition that frequently occurs at ``Transport`` shutdown time. Thanks to
|
||||
Mateusz Kobos, Matthijs van der Vleuten and Guillaume Zitta for the original
|
||||
reports and to Marius Gedminas for helping test nontrivial use cases.
|
||||
* :bug:`268` Fix some missed renames of ``ProxyCommand`` related error classes.
|
||||
Thanks to Marius Gedminas for catch & patch.
|
||||
* :bug:`34` (PR :issue:`35`) Fix SFTP prefetching incompatibility with some
|
||||
SFTP servers regarding request/response ordering. Thanks to Richard
|
||||
Kettlewell.
|
||||
* :bug:`193` (and its attentant PRs :issue:`230` & :issue:`253`) Fix SSH agent
|
||||
problems present on Windows. Thanks to David Hobbs for initial report and to
|
||||
Aarni Koskela & Olle Lundberg for the patches.
|
||||
* :bug:`225 (1.12+)` Note ecdsa requirement in README. Thanks to Amaury
|
||||
Rodriguez for the catch.
|
||||
* :bug:`176` Fix AttributeError bugs in known_hosts file (re)loading. Thanks
|
||||
to Nathan Scowcroft for the patch & Martin Blumenstingl for the initial test
|
||||
case.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 18 15:10:24 UTC 2014 - rschweikert@suse.com
|
||||
|
||||
- include in SLE 12 (FATE #315990)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 25 23:01:56 UTC 2013 - p.drouand@gmail.com
|
||||
|
||||
- Update to version 1.12
|
||||
* #152: Add tentative support for ECDSA keys. *This adds the ecdsa
|
||||
module as a new dependency of Paramiko.* The module is available at
|
||||
[warner/python-ecdsa on Github](https://github.com/warner/python-ecdsa) and
|
||||
[ecdsa on PyPI](https://pypi.python.org/pypi/ecdsa).
|
||||
* Note that you might still run into problems with key negotiation --
|
||||
Paramiko picks the first key that the server offers, which might not be
|
||||
what you have in your known_hosts file.
|
||||
* Mega thanks to Ethan Glasser-Camp for the patch.
|
||||
* #136: Add server-side support for the SSH protocol's 'env' command
|
||||
- Use local source instead of service
|
||||
- Add python-ecdsa requirement; new dependency
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Oct 27 17:50:34 UTC 2013 - lukas@wunner.de
|
||||
|
||||
- update to 1.11.2:
|
||||
* #156: Fix potential deadlock condition when using Channel objects as
|
||||
sockets (e.g. when using SSH gatewaying). Thanks to Steven Noonan and
|
||||
Frank Arnold for catch & patch.
|
||||
* #179: Fix a missing variable causing errors when an ssh_config file
|
||||
has a non-default AddressFamily set. Thanks to Ed Marshall & Tomaz
|
||||
Muraus for catch & patch.
|
||||
* #200: Fix an exception-causing typo in `demo_simple.py`. Thanks to
|
||||
Alex Buchanan for catch & Dave Foster for patch.
|
||||
* #199: Typo fix in the license header cross-project. Thanks to Armin
|
||||
Ronacher for catch & patch.
|
||||
* #162: Clean up HMAC module import to avoid deadlocks in certain uses
|
||||
of SSHClient. Thanks to Gernot Hillier for the catch & suggested fix.
|
||||
* #36: Fix the port-forwarding demo to avoid file descriptor errors.
|
||||
Thanks to Jonathan Halcrow for catch & patch.
|
||||
* #168: Update config handling to properly handle multiple 'localforward'
|
||||
and 'remoteforward' keys. Thanks to Emre Yilmaz for the patch.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 3 08:06:53 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 1.11.0:
|
||||
* #98: On Windows, when interacting with the PuTTY PAgeant, Paramiko now
|
||||
creates the shared memory map with explicit Security Attributes of the user,
|
||||
which is the same technique employed by the canonical PuTTY library to avoid
|
||||
permissions issues when Paramiko is running under a different UAC context
|
||||
than the PuTTY Ageant process. Thanks to Jason R. Coombs for the patch.
|
||||
* #100: Remove use of PyWin32 in `win_pageant` module. Module was already
|
||||
dependent on ctypes for constructing appropriate structures and had ctypes
|
||||
implementations of all functionality. Thanks to Jason R. Coombs for the
|
||||
patch.
|
||||
* #87: Ensure updates to `known_hosts` files account for any updates to said
|
||||
files after Paramiko initially read them. (Includes related fix to guard
|
||||
against duplicate entries during subsequent `known_hosts` loads.) Thanks to
|
||||
`@sunweaver` for the contribution.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 29 12:52:27 UTC 2013 - dmueller@suse.com
|
||||
|
||||
- update to 1.10.1:
|
||||
* SFTP put of empty file will still return the attributes
|
||||
of the put file. Thanks to Jason R. Coombs for the patch.
|
||||
* Forwarded SSH agent connections left stale local pipes
|
||||
lying around, which could cause local (and sometimes remote or network
|
||||
resource starvation when running many agent-using remote commands. Thanks to
|
||||
* Batch SFTP writes to help speed up file transfers
|
||||
* Fix handling of window-change events to be on-spec
|
||||
* Overhaul SSH config parsing to be in line with `man ssh_config`
|
||||
* Forego random padding for packets when running under `*-ctr` ciphers
|
||||
* Add `SFTPClient.putfo` and `.getfo` methods to allow direct
|
||||
uploading/downloading of file-like objects
|
||||
* Add `timeout` parameter to `SSHClient.exec_command` for easier setting
|
||||
of the command's internal channel object's timeout
|
||||
* Expose the internal "is closed" property of the file transfer class
|
||||
BufferedFile` as `.closed`, better conforming to Python's file interface
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Dec 1 15:12:44 UTC 2012 - saschpe@suse.de
|
||||
|
||||
- Update to version 1.9.0:
|
||||
+ #97 (with a little #93): Improve config parsing of ProxyCommand directives
|
||||
and provide a wrapper class to allow subprocess-driven proxy commands to be
|
||||
used as sock= arguments for SSHClient.connect.
|
||||
+ #77: Allow SSHClient.connect() to take an explicit sock parameter
|
||||
overriding creation of an internal, implicit socket object.
|
||||
- Changes from version 1.8.1:
|
||||
+ #90: Ensure that callbacks handed to SFTPClient.get() always fire at least
|
||||
once, even for zero-length files downloaded. Thanks to Github user @enB for
|
||||
the catch.
|
||||
+ #85: Paramiko's test suite overrides
|
||||
unittest.TestCase.assertTrue/assertFalse to provide these modern assertions
|
||||
to Python 2.2/2.3, which lacked them. However on newer Pythons such as 2.7,
|
||||
this now causes deprecation warnings. The overrides have been patched to only
|
||||
execute when necessary. Thanks to @Arfrever for catch & patch.
|
||||
- Changes from version 1.8.0:
|
||||
+ #17 ('ssh' 28): Fix spurious NoneType has no attribute 'error' and similar
|
||||
exceptions that crop up on interpreter exit.
|
||||
+ 'ssh' 32: Raise a more useful error explaining which known_hosts key line was
|
||||
problematic, when encountering binascii issues decoding known host keys.
|
||||
Thanks to @thomasvs for catch & patch.
|
||||
+ 'ssh' 33: Bring ssh_config parsing more in line with OpenSSH spec, re: order of
|
||||
setting overrides by Host specifiers. Specifically, the overrides now go by
|
||||
file order instead of automatically sorting by Host value length. In
|
||||
addition, the first value found per config key (e.g. Port, User etc)
|
||||
wins, instead of the last. Thanks to Jan Brauer for the contribution.
|
||||
+ 'ssh' 36: Support new server two-factor authentication option
|
||||
(RequiredAuthentications2), at least re: combining key-based & password
|
||||
auth. Thanks to Github user bninja.
|
||||
+ 'ssh' 11: When raising an exception for hosts not listed in
|
||||
known_hosts (when RejectPolicy is in effect) the exception message was
|
||||
confusing/vague. This has been improved somewhat. Thanks to Cal Leeming for
|
||||
highlighting the issue.
|
||||
+ 'ssh' 40: Fixed up & expanded EINTR signal handling. Thanks to Douglas Turk.
|
||||
+ 'ssh' 15: Implemented parameter substitution in SSHConfig, matching the
|
||||
implementation of ssh_config(5). Thanks to Olle Lundberg for the patch.
|
||||
+ 'ssh' 24: Switch some internal type checking to use isinstance to help prevent
|
||||
problems with client libraries using subclasses of builtin types. Thanks to
|
||||
Alex Morega for the patch.
|
||||
+ Fabric #562: Agent forwarding would error out (with Authentication response
|
||||
too long) or freeze, when more than one remote connection to the local agent
|
||||
was active at the same time. This has been fixed. Thanks to Steven McDonald
|
||||
for assisting in troubleshooting/patching, and to GitHub user @lynxis for
|
||||
providing the final version of the patch.
|
||||
+ 'ssh' 5: Moved a fcntl import closer to where it's used to help avoid
|
||||
ImportError problems on Windows platforms. Thanks to Jason Coombs for the
|
||||
catch + suggested fix.
|
||||
+ 'ssh' 4: Updated implementation of WinPageant integration to work on 64-bit
|
||||
Windows. Thanks again to Jason Coombs for the patch.
|
||||
+ Added an IO loop sleep() call to avoid needless CPU usage when agent
|
||||
forwarding is in use.
|
||||
+ Handful of internal tweaks to version number storage.
|
||||
+ Updated setup.py with ==dev install URL for pip users.
|
||||
+ Updated setup.py to account for packaging problems in PyCrypto 2.4.0
|
||||
+ Added an extra atfork() call to help prevent spurious RNG errors when
|
||||
running under high parallel (multiprocess) load.
|
||||
+ Merge PR #28: https://github.com/paramiko/paramiko/pull/28 which adds a
|
||||
ssh-keygen like demo module. (Sofian Brabez)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jun 24 20:04:03 UTC 2012 - os-dev@jacraig.com
|
||||
|
||||
- Update to 1.7.7.2:
|
||||
* Merge pull request #63: https://github.com/paramiko/paramiko/pull/63 which
|
||||
fixes exceptions that occur when re-keying over fast connections.
|
||||
- Add unit tests to build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 12 21:05:53 UTC 2012 - saschpe@gmx.de
|
||||
|
||||
- Simplified macro usage
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 20 14:30:25 UTC 2011 - saschpe@suse.de
|
||||
|
||||
- Update to version 0.7.7:
|
||||
* Various bug fixes (upstream provides no further changes)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 5 08:20:00 UTC 2010 - nix@opensuse.org
|
||||
|
||||
- Require newer python-crypto
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 16 07:58:41 UTC 2010 - coolo@novell.com
|
||||
|
||||
- updte to 1.7.6 "Fanny"
|
||||
various bug fixes, "Ernest" brought ARC4 & CTR support and IP6 support
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 24 11:44:21 CEST 2008 - kssingvo@suse.de
|
||||
|
||||
- initial version 1.7.4 required from bzr
|
||||
based on python-paramiko from openSUSE BuildService:
|
||||
devel:languages:python/openSUSE_Factory
|
102
python-paramiko.spec
Normal file
102
python-paramiko.spec
Normal file
@ -0,0 +1,102 @@
|
||||
#
|
||||
# spec file for package python-paramiko
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%{?sle15_python_module_pythons}
|
||||
Name: python-paramiko
|
||||
Version: 3.4.0
|
||||
Release: 0
|
||||
Summary: SSH2 protocol library
|
||||
License: LGPL-2.1-or-later
|
||||
URL: https://www.paramiko.org/
|
||||
Source0: https://files.pythonhosted.org/packages/source/p/paramiko/paramiko-%{version}.tar.gz
|
||||
Patch0: paramiko-test_extend_timeout.patch
|
||||
# PATCH-FIX-OPENSUSE remove-icecream-dep.patch to do not depend on python-icecream and unvendor lexicon
|
||||
Patch1: remove-icecream-dep.patch
|
||||
# PATCH-FIX-OPENSUSE use 64-bit value of sys.maxsize to prevent test failure on 32-bit
|
||||
Patch2: use-64-bit-maxsize-everywhere.patch
|
||||
BuildRequires: %{python_module PyNaCl >= 1.0.1}
|
||||
BuildRequires: %{python_module Sphinx}
|
||||
BuildRequires: %{python_module bcrypt >= 3.2}
|
||||
BuildRequires: %{python_module cryptography >= 3.3}
|
||||
BuildRequires: %{python_module gssapi}
|
||||
BuildRequires: %{python_module invocations}
|
||||
BuildRequires: %{python_module invoke >= 2.0}
|
||||
BuildRequires: %{python_module lexicon}
|
||||
BuildRequires: %{python_module pyasn1}
|
||||
BuildRequires: %{python_module pytest-relaxed}
|
||||
BuildRequires: %{python_module pytest-xdist}
|
||||
BuildRequires: %{python_module pytest}
|
||||
BuildRequires: %{python_module setuptools}
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: python-rpm-macros
|
||||
Recommends: python-gssapi
|
||||
Recommends: python-invoke
|
||||
Recommends: python-pyasn1 >= 0.1.7
|
||||
Requires: python-PyNaCl >= 1.5
|
||||
Requires: python-bcrypt >= 3.2
|
||||
Requires: python-cryptography >= 3.3
|
||||
BuildArch: noarch
|
||||
%python_subpackages
|
||||
|
||||
%description
|
||||
This is a library for making SSH2 connections (client or server).
|
||||
Emphasis is on using SSH2 as an alternative to SSL for making secure
|
||||
connections between python scripts. All major ciphers and hash methods
|
||||
are supported. SFTP client and server mode are both supported too.
|
||||
|
||||
%package -n python-paramiko-doc
|
||||
Summary: Documentation for %{name}
|
||||
Provides: %{python_module paramiko-doc = %{version}}
|
||||
|
||||
%description -n python-paramiko-doc
|
||||
This is a library for making SSH2 connections (client or server).
|
||||
Emphasis is on using SSH2 as an alternative to SSL for making secure
|
||||
connections between python scripts. All major ciphers and hash methods
|
||||
are supported. SFTP client and server mode are both supported too.
|
||||
|
||||
This package contains the documentation.
|
||||
|
||||
%prep
|
||||
%autosetup -p1 -n paramiko-%{version}
|
||||
# Fix non-executable script rpmlint issue:
|
||||
find demos -name "*.py" -exec sed -i "/#\!\/usr\/bin\/.*/d" {} \; -exec chmod -x {} \;
|
||||
|
||||
%build
|
||||
%python_build
|
||||
|
||||
%install
|
||||
%python_install
|
||||
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||
|
||||
%check
|
||||
export LANG=en_US.UTF-8
|
||||
# Do not test k5shell to avoid dependency
|
||||
donttest="k5shell"
|
||||
%pytest tests/test_*.py -k "not $donttest"
|
||||
|
||||
%files %{python_files}
|
||||
%license LICENSE
|
||||
%doc README.rst
|
||||
%{python_sitelib}/paramiko
|
||||
%{python_sitelib}/paramiko-%{version}*-info
|
||||
|
||||
%files -n python-paramiko-doc
|
||||
%license LICENSE
|
||||
%doc demos/
|
||||
|
||||
%changelog
|
27
remove-icecream-dep.patch
Normal file
27
remove-icecream-dep.patch
Normal file
@ -0,0 +1,27 @@
|
||||
Index: paramiko-3.3.1/tests/conftest.py
|
||||
===================================================================
|
||||
--- paramiko-3.3.1.orig/tests/conftest.py
|
||||
+++ paramiko-3.3.1/tests/conftest.py
|
||||
@@ -4,7 +4,7 @@ import shutil
|
||||
import threading
|
||||
from pathlib import Path
|
||||
|
||||
-from invoke.vendor.lexicon import Lexicon
|
||||
+from lexicon import Lexicon
|
||||
|
||||
import pytest
|
||||
from paramiko import (
|
||||
@@ -22,13 +22,6 @@ from ._loop import LoopSocket
|
||||
from ._stub_sftp import StubServer, StubSFTPServer
|
||||
from ._util import _support
|
||||
|
||||
-from icecream import ic, install as install_ic
|
||||
-
|
||||
-
|
||||
-# Better print() for debugging - use ic()!
|
||||
-install_ic()
|
||||
-ic.configureOutput(includeContext=True)
|
||||
-
|
||||
|
||||
# Perform logging by default; pytest will capture and thus hide it normally,
|
||||
# presenting it on error/failure. (But also allow turning it off when doing
|
19
use-64-bit-maxsize-everywhere.patch
Normal file
19
use-64-bit-maxsize-everywhere.patch
Normal file
@ -0,0 +1,19 @@
|
||||
Index: paramiko-3.4.0/tests/test_transport.py
|
||||
===================================================================
|
||||
--- paramiko-3.4.0.orig/tests/test_transport.py
|
||||
+++ paramiko-3.4.0/tests/test_transport.py
|
||||
@@ -1423,12 +1423,12 @@ class TestStrictKex:
|
||||
setattr(
|
||||
self.packetizer,
|
||||
"_Packetizer__sequence_number_in",
|
||||
- sys.maxsize,
|
||||
+ 2**63-1,
|
||||
)
|
||||
setattr(
|
||||
self.packetizer,
|
||||
"_Packetizer__sequence_number_out",
|
||||
- sys.maxsize,
|
||||
+ 2**63-1,
|
||||
)
|
||||
|
||||
with raises(
|
Loading…
Reference in New Issue
Block a user