- update to 2.21.0:
* Added sparse file support for SFTP, allowing file copying
which automatically skips over any "holes" in a source file,
transferring only the data ranges which are actually present.
* Added support for applications to request that session,
connection, or TUN/TAP requests arriving on an
SSHServerConnection be forwarded out some other established
SSHClientConnection. Callback methods on SSHServer which
decide how to handle these requests can now return an
SSHClientConnection to set up this tunneling, instead of
having to accept the request and implement their own
forwarding logic.
* Further hardened the SSH key exchange process to make
AsyncSSH more strict when accepting messages during key
exchange. Thanks go to Fabian Bäumer and Marcus Brinkmann for
identifying potential issues here.
* Added support for the auth_completed callback in SSHServer to
be either a callable or a coroutine, allowing async
operations to be performed when user authentication completes
successfully, prior to accepting session requests.
* Added support for the sftp_factory config argument be either
a callable or a coroutine, allowing async operations to be
performed when starting up a new SFTP server session.
* Fixed a bug where the exit() method of SFTPServer didn't
handle being declared as a coroutine. Thanks go to C. R.
Oldham for reporting this issue.
* Improved handling of exceptions in connection_lost()
callbacks. Exceptions in connection_lost() will now be
reported in the debug log, but other cleanup code in AsyncSSH
will continue, ignoring those exceptions. Thanks go to Danil
OBS-URL: https://build.opensuse.org/request/show/1292445
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=31
* Added sparse file support for SFTP, allowing file copying
which automatically skips over any "holes" in a source file,
transferring only the data ranges which are actually present.
* Added support for applications to request that session,
connection, or TUN/TAP requests arriving on an
SSHServerConnection be forwarded out some other established
SSHClientConnection. Callback methods on SSHServer which
decide how to handle these requests can now return an
SSHClientConnection to set up this tunneling, instead of
having to accept the request and implement their own
forwarding logic.
* Further hardened the SSH key exchange process to make
AsyncSSH more strict when accepting messages during key
exchange. Thanks go to Fabian Bäumer and Marcus Brinkmann for
identifying potential issues here.
* Added support for the auth_completed callback in SSHServer to
be either a callable or a coroutine, allowing async
operations to be performed when user authentication completes
successfully, prior to accepting session requests.
* Added support for the sftp_factory config argument be either
a callable or a coroutine, allowing async operations to be
performed when starting up a new SFTP server session.
* Fixed a bug where the exit() method of SFTPServer didn't
handle being declared as a coroutine. Thanks go to C. R.
Oldham for reporting this issue.
* Improved handling of exceptions in connection_lost()
callbacks. Exceptions in connection_lost() will now be
reported in the debug log, but other cleanup code in AsyncSSH
will continue, ignoring those exceptions. Thanks go to Danil
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=64
* Added support for post-quantum ML-KEM key exchange algorithms,
interoperable with OpenSSH 9.9.
* Added support for the OpenSSH "limits" extension, allowing the
client to query server limits such as the maximum supported read
and write sizes. The client will automatically default to the reported
maximum size on servers that support this extension.
* Added more ways to specify environment variables via the `env` option.
Sequences of either 'key=value' strings or (key, value) tuples are now
supported, in addition to a dict.
* Added support for getting/setting environment variables as byte strings
on platforms which support it. Previously, only Unicode strings were
accepted and they were always encoded on the wire using UTF-8.
* Added support for non-TCP sockets (such as a socketpair) as the `sock`
parameter in connect calls. Thanks go to Christian Wendt for reporting
this problem and proposing a fix.
* Changed compression to be disabled by default to avoid it becoming a
performance bottleneck on high-bandwidth connections. This now also
matches the OpenSSH default.
* Improved speed of parallelized SFTP reads when read-ahead goes beyond
the end of the file. Thanks go to Maximilian Knespel for reporting
this issue and providing performance measurements on the code before
and after the change.
* Improved cancellation handling during SCP transfers.
* Improved support for selecting the currently available security key
when the application lists multiple keys to try. Thanks go to GitHub
user zanda8893 for reporting the issue and helping to work out the
details of the problem.
* Improved handling of reverse DNS failures in host-based authentication.
Thanks go to GitHub user xBiggs for suggesting this change.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=60
* Add support for specifying a per-connection credential store
for GSSAPI authentication.
* Fixed a regression introduced in AsyncSSH 2.15.0 which could
cause connections to be closed with an uncaught exception when
a session on the connection was closed.
* Added a workaround where getaddrinfo() on some systems may
return duplicate entries, causing bind() to fail when opening
a listener.
* Relaxed padding length check on OpenSSH private keys to
provide better compatibility with keys generated by PuTTYgen.
* Improved documentation on SSHClient and SSHServer classes to
explain when they are created and their relationship to the
SSHClientConnection and SSHServerConnection classes.
* Updated examples to use Python 3.7 and made some minor
improvements.
- update to 2.16.0:
* Added client and server support for the OpenSSH "hostkeys"
extension. When using known_hosts, clients can provide a
handler which will be called with the changes between the
keys currently trusted in the client's known hosts and those
available on the server. On the server side, an application
can choose whether or not to enable the sending of this host
key information.
* Related to the above, AsyncSSH now allows the configuration of
multiple server host keys of the same type when the
send_server_host_keys option is enabled. Only the first key of
each type will be used in the SSH handshake, but the others can
appear in the list of supported host keys for clients to begin
trusting, allowing for smoother key rotation.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=58
- update to 2.15.0:
* Added experimental support for tunneling of TUN/TAP network
interfaces on Linux and macOS, allowing for either automatic
packet forwarding or explicit reading and writing of packets
sent through the tunnel by the application. Both callback and
stream APIs are available.
* Added support for forwarding terminal size and terminal size
changes when stdin on an SSHServerProcess is redirected to a
local TTY.
* Added support for multiple tunnel/ProxyJump hosts. Thanks go
to Adam Martin for suggesting this enhancement and proposing
a solution.
* Added support for OpenSSH lsetstat SFTP extension to set
attributes on symbolic links on platforms which support that
and use it to improve symlink handling in the SFTP get, put,
and copy methods. In addition, a follow_symlinks option has
been added on various SFTPClient methods which get and set
these attributes. Thanks go to GitHub user eyalgolan1337 for
reporting this issue.
* Added support for password and passphrase arguments to be a
callable or awaitable, called when performing authentication
or loading encrypted private keys. Thanks go to GitHub user
goblin for suggesting this enhancement.
* Added support for proper flow control when using
AsyncFileWriter or StreamWriter classes to do SSH process
redirection. Thanks go to Benjy Wiener for reporting this
issue and providing feedback on the fix.
* Added is_closed() method
SSHClientConnection/SSHServerConnection to return whether the
associated network connection is closed or not.
OBS-URL: https://build.opensuse.org/request/show/1192788
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=27
* Added experimental support for tunneling of TUN/TAP network
interfaces on Linux and macOS, allowing for either automatic
packet forwarding or explicit reading and writing of packets
sent through the tunnel by the application. Both callback and
stream APIs are available.
* Added support for forwarding terminal size and terminal size
changes when stdin on an SSHServerProcess is redirected to a
local TTY.
* Added support for multiple tunnel/ProxyJump hosts. Thanks go
to Adam Martin for suggesting this enhancement and proposing
a solution.
* Added support for OpenSSH lsetstat SFTP extension to set
attributes on symbolic links on platforms which support that
and use it to improve symlink handling in the SFTP get, put,
and copy methods. In addition, a follow_symlinks option has
been added on various SFTPClient methods which get and set
these attributes. Thanks go to GitHub user eyalgolan1337 for
reporting this issue.
* Added support for password and passphrase arguments to be a
callable or awaitable, called when performing authentication
or loading encrypted private keys. Thanks go to GitHub user
goblin for suggesting this enhancement.
* Added support for proper flow control when using
AsyncFileWriter or StreamWriter classes to do SSH process
redirection. Thanks go to Benjy Wiener for reporting this
issue and providing feedback on the fix.
* Added is_closed() method
SSHClientConnection/SSHServerConnection to return whether the
associated network connection is closed or not.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=56
- update to 2.14.2 (bsc#1218165, CVE-2023-48795):
* Implemented "strict kex" support and other countermeasures to
* protect against the Terrapin Attack described in
CVE-2023-48795
* Fixed config parser to properly an optional equals delimiter
in all config arguments.
* Fixed TCP send error handling to avoid race condition when
receiving incoming disconnect message.
* Improved type signature in SSHConnection async context
manager.
OBS-URL: https://build.opensuse.org/request/show/1133889
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=26
* Implemented "strict kex" support and other countermeasures to
* protect against the Terrapin Attack described in
CVE-2023-48795
* Fixed config parser to properly an optional equals delimiter
in all config arguments.
* Fixed TCP send error handling to avoid race condition when
receiving incoming disconnect message.
* Improved type signature in SSHConnection async context
manager.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=54
- update to 2.14.1 (bsc#1217028, CVE-2023-46445):
* Hardened AsyncSSH state machine against potential message
injection attacks, described in more detail in
`CVE-2023-46445 and CVE-2023-46446
* Added support for passing in a regex in readuntil in
SSHReader,
* Added support for get_addresses() and get_port() methods on
* SSHAcceptor.
* Fixed an issue with AsyncFileWriter potentially writing data
* out of order.
* Updated testing to include Python 3.12.
* Updated readthedocs integration to use YAML config file.
OBS-URL: https://build.opensuse.org/request/show/1124972
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=25
* Hardened AsyncSSH state machine against potential message
injection attacks, described in more detail in
`CVE-2023-46445 and CVE-2023-46446
* Added support for passing in a regex in readuntil in
SSHReader,
* Added support for get_addresses() and get_port() methods on
* SSHAcceptor.
* Fixed an issue with AsyncFileWriter potentially writing data
* out of order.
* Updated testing to include Python 3.12.
* Updated readthedocs integration to use YAML config file.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=51
- update to 2.14.0:
* Added support for a new accept_handler argument when setting
up local port forwarding, allowing the client host and port to
be validated and/or logged for each new forwarded connection.
* Added an option to disable expensive RSA private key checks
when using OpenSSL 3.x. Functions that read private keys have
been modified to include a new unsafe_skip_rsa_key_validation
argument which can be used to avoid these additional checks,
if you are loading keys from a trusted source.
* Added host information into AsyncSSH exceptions when host key
validation fails, and a few other improvements related to
X.509 certificate validation errors.
* Fixed a regression which prevented keys loaded into an SSH
agent with a certificate from working correctly beginning in
AsyncSSH after version 2.5.0.
* Fixed an issue which was triggering an internal exception
when shutting down server sessions with the line editor enabled
which could cause some output to be lost on exit, especially when
running on Windows.
* Fixed a documentation error in SSHClientConnectionOptions and
SSHServerConnectionOptions.
proxy_command, allowing it to be used if the caller
- Update to 2.12.0
- Skip more tests that are unstable.
OBS-URL: https://build.opensuse.org/request/show/1115789
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=24
* Added support for a new accept_handler argument when setting
up local port forwarding, allowing the client host and port to
be validated and/or logged for each new forwarded connection.
* Added an option to disable expensive RSA private key checks
when using OpenSSL 3.x. Functions that read private keys have
been modified to include a new unsafe_skip_rsa_key_validation
argument which can be used to avoid these additional checks,
if you are loading keys from a trusted source.
* Added host information into AsyncSSH exceptions when host key
validation fails, and a few other improvements related to
X.509 certificate validation errors.
* Fixed a regression which prevented keys loaded into an SSH
agent with a certificate from working correctly beginning in
AsyncSSH after version 2.5.0.
* Fixed an issue which was triggering an internal exception
when shutting down server sessions with the line editor enabled
which could cause some output to be lost on exit, especially when
running on Windows.
* Fixed a documentation error in SSHClientConnectionOptions and
SSHServerConnectionOptions.
proxy_command, allowing it to be used if the caller
- Update to 2.12.0
- Skip more tests that are unstable.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=49
- update to 2.13.2:
* Fixed an issue with host-based authentication when using
proxy_command, allowing it to be used if the caller
explicitly specifies client_host.
* Improved handling of signature algorithms for OpenSSH
certificates so that RSA SHA-2 signatures will work with
both older and newer versions of OpenSSH.
* Worked around an issue with some Cisco SSH implementations
generating invalid "ignore" packets.
* Fixed unit tests to avoid errors when cryptography's version
of * OpenSSL disables support for SHA-1 signatures.
* Fixed unit tests to avoid errors when the filesystem enforces
that filenames be valid UTF-8 strings.
* Added documentation about which config options apply when
passing a string as a tunnel argument.
OBS-URL: https://build.opensuse.org/request/show/1096323
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=23
* Fixed an issue with host-based authentication when using
proxy_command, allowing it to be used if the caller
explicitly specifies client_host.
* Improved handling of signature algorithms for OpenSSH
certificates so that RSA SHA-2 signatures will work with
both older and newer versions of OpenSSH.
* Worked around an issue with some Cisco SSH implementations
generating invalid "ignore" packets.
* Fixed unit tests to avoid errors when cryptography's version
of * OpenSSL disables support for SHA-1 signatures.
* Fixed unit tests to avoid errors when the filesystem enforces
that filenames be valid UTF-8 strings.
* Added documentation about which config options apply when
passing a string as a tunnel argument.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=47
* Updated type definitions for mypy 1.0.0, removing a
dependency on implicit Optional types, and working around an
issue that could trigger a mypy internal error.
* Updated unit tests to avoid calculation of SHA-1 signatures,
which are no longer allowed in cryptography 39.0.0.
- drop remove-sha1.patch (upstream)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=45
- update to 2.13.0:
* Updated testing and coverage to drop Python 3.6 and add Python 3.11.
* Added new "recv_eof" option to not pass an EOF from a channel to a
redirected target, allowing output from multiple SSH sessions to be
sent and mixed with other direct output to that target.
* Added new methods to make it easy to perform forwarding between TCP
ports and UNIX domain sockets.
* Added a workaround for a problem seen on a Huawei SFTP server where
it sends an invalid combination of file attribute flags.
* Fixed an issue with copying files to SFTP servers that don't support
random access I/O.
* Fixed an issue when requesting remote port forwarding on a dynamically
allocated port.
* Fixed an issue where readexactly could block indefinitely when a signal
is delivered in the stream before the requested number of bytes are
available.
* Fixed an interoperability issue with OpenSSH when using SSH certificates
with RSA keys with a SHA-2 signature.
* Fixed an issue with handling "None" in ProxyCommand, GlobalKnownHostsFile,
and UserKnownHostsFile config file options.
OBS-URL: https://build.opensuse.org/request/show/1056282
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=20
* Updated testing and coverage to drop Python 3.6 and add Python 3.11.
* Added new "recv_eof" option to not pass an EOF from a channel to a
redirected target, allowing output from multiple SSH sessions to be
sent and mixed with other direct output to that target.
* Added new methods to make it easy to perform forwarding between TCP
ports and UNIX domain sockets.
* Added a workaround for a problem seen on a Huawei SFTP server where
it sends an invalid combination of file attribute flags.
* Fixed an issue with copying files to SFTP servers that don't support
random access I/O.
* Fixed an issue when requesting remote port forwarding on a dynamically
allocated port.
* Fixed an issue where readexactly could block indefinitely when a signal
is delivered in the stream before the requested number of bytes are
available.
* Fixed an interoperability issue with OpenSSH when using SSH certificates
with RSA keys with a SHA-2 signature.
* Fixed an issue with handling "None" in ProxyCommand, GlobalKnownHostsFile,
and UserKnownHostsFile config file options.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=41
- Update to 2.11.0:
* Made a number of improvements in SFTP glob support, with thanks to Github
user LuckyDams for all the help working out these changes!
* Added a new glob_sftpname() method which returns glob matches together
with attribute information, avoiding the need for a caller to make
separate calls to stat() on the returned results.
* Switched from listdir() to scandir() to reduce the number of stat()
operations required while finding matches.
* Added code to remove duplicates when glob() is called with multiple
patterns that match the same path.
* Added a cache of directory listing and stat results to improve performance
when matching patterns with overlapping paths.
* Fixed an "index out of range" bug in recursive glob matching and aligned
it better with results reeturned by UNIX shells.
* Changed matching to ignore inaccessible or non-existent paths in a glob
pattern, to allow accessible paths to be fully explored before returning
an error. The error handler will now be called only if a pattern results
in no matches, or if a more serious error occurs while scanning.
* Changed SFTP makedirs() method to work better cases where parts of requested
path already exist but don't allow read access. As long as the entire path
can be created, makedirs() will succeed, even if some directories on the
path don't allow their contents to be read. Thanks go to Peter Rowlands for
providing this fix.
* Replaced custom Diffie Hellman implementation in AsyncSSH with the one in
the cryptography package, resulting in an over 10x speedup. Thanks go to
Github user iwanb for suggesting this change.
* Fixed AsyncSSH to re-acquire GSS credentials when performing key
renegotiation to avoid expired credentials on long-lived connections. Thanks
go to Github user PromyLOPh for pointing out this issue and suggesting a fix.
* Fixed GSS MIC to work properly with GSS key exchange when AsyncSSH is
OBS-URL: https://build.opensuse.org/request/show/992742
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=37
- Skip more tests that are unstable.
- Update to 2.9.0:
- Added mypy-compatible type annotations to all AsyncSSH
modules, and a "py.typed" file to signal that annotations are
now available for this package.
- Added experimental support for SFTP versions 4-6. While
AsyncSSH still defaults to only advertising version 3 when
acting as both a client and a server, applications can
explicitly enable support for later versions, which will be
used if both ends of the connection agree. Not all features
are fully supported, but a number of useful enhancements are
now available, including as users and groups specified by
name, higher resolution timestamps, and more granular error
reporting.
- Updated documentation to make it clear that keys from
a PKCS11 provider or ssh-agent will be used even when
client_keys is specified, unless those sources are explicitly
disabled.
- Improved handling of task cancellation in AsyncSSH to
avoid triggering an error of "Future exception was never
retrieved". Thanks go to Krzysztof Kotlenga for reporting
this issue and providing test code to reliably reproduce it.
- Changed implementation of OpenSSH keepalive handler to
improve interoperability with servers which don't expect a
"success" response when this message is sent.
OBS-URL: https://build.opensuse.org/request/show/950066
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=17
- Added mypy-compatible type annotations to all AsyncSSH
modules, and a "py.typed" file to signal that annotations are
now available for this package.
- Added experimental support for SFTP versions 4-6. While
AsyncSSH still defaults to only advertising version 3 when
acting as both a client and a server, applications can
explicitly enable support for later versions, which will be
used if both ends of the connection agree. Not all features
are fully supported, but a number of useful enhancements are
now available, including as users and groups specified by
name, higher resolution timestamps, and more granular error
reporting.
- Updated documentation to make it clear that keys from
a PKCS11 provider or ssh-agent will be used even when
client_keys is specified, unless those sources are explicitly
disabled.
- Improved handling of task cancellation in AsyncSSH to
avoid triggering an error of "Future exception was never
retrieved". Thanks go to Krzysztof Kotlenga for reporting
this issue and providing test code to reliably reproduce it.
- Changed implementation of OpenSSH keepalive handler to
improve interoperability with servers which don't expect a
"success" response when this message is sent.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=34
- update to 2.3.0
* Added initial support for reading configuration from OpenSSH-compatible
config files, when present. Both client and server configuration files are
supported, but not all config options are supported.
* Added support for the concept of only a subset of supported algorithms being
enabled by default, and for the ability to use wildcards when specifying
algorithm names. Also, OpenSSH’s syntax of prefixing the list with
‘^’, ‘+’, or ‘-‘ is supported for incrementally adjusting the list
of algorithms starting from the default set.
* Added support for specifying a preferred list of client authentication
methods, in order of preference.
* Added the ability to use AsyncSSH’s “password” argument on servers which
are using keyboard-interactive authentication to prompt for a “passcode”.
* Added support for providing separate lists of private keys and certificates,
rather than requiring them to be specifying together as a tuple.
When this new option is used, AsyncSSH will automatically associate
the private keys with their corresponding certificates if matching
certificates are present in the list.
* Added support for the “known_hosts” argument to accept a list of known host
files, rather than just a single file. Known hosts can also be specified
using the GlobalKnownHostFile and UserKnownHostFile config file options,
each of which can take multiple filenames.
* Added new “request_tty” option to provide finer grained control over whether
AsyncSSH will request a TTY when opening new sessions. The default is to
still tie this to whether a “term_type” is specified, but now that can be
overridden. Supported options of “yes”, “no”, “force”, and “auto” match
the values supported by OpenSSH.
* Added new “rdns_lookup” option to control whether the server does a reverse
DNS of client addresses to allow matching of clients based on hostname
in authorized keys and config files. When this option is disabled (the default),
OBS-URL: https://build.opensuse.org/request/show/823202
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=13
* Added initial support for reading configuration from OpenSSH-compatible
config files, when present. Both client and server configuration files are
supported, but not all config options are supported.
* Added support for the concept of only a subset of supported algorithms being
enabled by default, and for the ability to use wildcards when specifying
algorithm names. Also, OpenSSH’s syntax of prefixing the list with
‘^’, ‘+’, or ‘-‘ is supported for incrementally adjusting the list
of algorithms starting from the default set.
* Added support for specifying a preferred list of client authentication
methods, in order of preference.
* Added the ability to use AsyncSSH’s “password” argument on servers which
are using keyboard-interactive authentication to prompt for a “passcode”.
* Added support for providing separate lists of private keys and certificates,
rather than requiring them to be specifying together as a tuple.
When this new option is used, AsyncSSH will automatically associate
the private keys with their corresponding certificates if matching
certificates are present in the list.
* Added support for the “known_hosts” argument to accept a list of known host
files, rather than just a single file. Known hosts can also be specified
using the GlobalKnownHostFile and UserKnownHostFile config file options,
each of which can take multiple filenames.
* Added new “request_tty” option to provide finer grained control over whether
AsyncSSH will request a TTY when opening new sessions. The default is to
still tie this to whether a “term_type” is specified, but now that can be
overridden. Supported options of “yes”, “no”, “force”, and “auto” match
the values supported by OpenSSH.
* Added new “rdns_lookup” option to control whether the server does a reverse
DNS of client addresses to allow matching of clients based on hostname
in authorized keys and config files. When this option is disabled (the default),
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=28
- update to 2.2.1
* Added optional timeout parameter to SSHClientProcess.wait()
and SSHClientConnection.run() methods.
* Created subclasses for SFTPError exceptions, allowing applications
to more easily have distinct exception handling for different errors.
* Fixed an issue in SFTP parallel I/O related to handling low-level
connection failures
* Fixed an issue with SFTP file copy where a local file could sometimes
be left open if an attempt to close a remote file failed.
* Fixed an issue in the handling of boolean return values when
SSHServer.server_requested() returns a coroutine
* Fixed an issue with passing tuples to the SFTP copy functions.
OBS-URL: https://build.opensuse.org/request/show/819833
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=12
* Added optional timeout parameter to SSHClientProcess.wait()
and SSHClientConnection.run() methods.
* Created subclasses for SFTPError exceptions, allowing applications
to more easily have distinct exception handling for different errors.
* Fixed an issue in SFTP parallel I/O related to handling low-level
connection failures
* Fixed an issue with SFTP file copy where a local file could sometimes
be left open if an attempt to close a remote file failed.
* Fixed an issue in the handling of boolean return values when
SSHServer.server_requested() returns a coroutine
* Fixed an issue with passing tuples to the SFTP copy functions.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=26
- update to 2.2.0
- add gss_test.patch to avoid segfault in kerberos
* Added support for U2F/FIDO2 security keys
* Added login timeout client option and limits on the length and number
of banner lines AsyncSSH will accept prior to the SSH version header.
* Improved load_keypairs() to read public key files, confirming that they
are consistent with their associated private key when they are present.
* Fixed issues in the SCP server related to handling filenames with spaces.
* Fixed an issue with resuming reading after readuntil() returns an incomplete read.
* Fixed a potential issue related to asyncio not reporting sockname/peername
when a connection is closed immediately after it is opened.
* Made SSHConnection a subclass of asyncio.Protocol to please type checkers.
OBS-URL: https://build.opensuse.org/request/show/780986
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=11
- add gss_test.patch to avoid segfault in kerberos
* Added support for U2F/FIDO2 security keys
* Added login timeout client option and limits on the length and number
of banner lines AsyncSSH will accept prior to the SSH version header.
* Improved load_keypairs() to read public key files, confirming that they
are consistent with their associated private key when they are present.
* Fixed issues in the SCP server related to handling filenames with spaces.
* Fixed an issue with resuming reading after readuntil() returns an incomplete read.
* Fixed a potential issue related to asyncio not reporting sockname/peername
when a connection is closed immediately after it is opened.
* Made SSHConnection a subclass of asyncio.Protocol to please type checkers.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=24
- update to 2.1.0
* Added support in the SSHProcess redirect mechanism to accept asyncio StreamReader and StreamWriter objects, allowing asyncio streams to be plugged in as stdin/stdout/stderr in an SSHProcess.
* Added support for key handlers in the AsyncSSH line editor to trigger signals being delivered when certain “hot keys” are hit while reading input.
* Improved cleanup of unreturned connection objects when an error occurs or the connection request is canceled or times out.
* Improved cleanup of SSH agent client objects to avoid triggering a false positive warning in Python 3.8.
* Added an example to the documentation for how to create reverse-direction SSH client and server connections.
* Made check of session objects against None explicit to avoid confusion on user-defined sessions that implement __len__ or __bool__. Thanks go to Lars-Dominik Braun for contributing this improvement!
* Some API changes which should have been included in the 2.0.0 release were missed. This release corrects that, but means that additional changes may be needed in applications moving to 2.0.1. This should hopefully be the last of such changes, but if any other issues are discovered, additional changes will be limited to 2.0.x patch releases and the API will stabilize again in the AsyncSSH 2.1 release. See the next bullet for details about the additional incompatible change.
* To be consistent with other connect and listen functions, all methods on SSHClientConnection which previously returned None on listen failures have been changed to raise an exception instead. A new ChannelListenError exception will now be raised when an SSH server returns failure on a request to open a remote listener. This change affects the following SSHClientConnection methods: create_server, create_unix_server, start_server, start_unix_server, forward_remote_port, and forward_remote_path.
* Restored the ability for SSHListener objects to be used as async context managers. This previously worked in AsyncSSH 1.x and was unintentionally broken in AsyncSSH 2.0.0.
* Added support for a number of additional functions to be called from within an “async with” statement. These functions already returned objects capable of being async context managers, but were not decorated to allow them to be directly called from within “async with”. This change applies to the top level functions create_server, listen, and listen_reverse and the SSHClientConnection methods create_server, create_unix_server, start_server, start_unix_server, forward_local_port, forward_local_path, forward_remote_port, forward_remote_path, listen_ssh, and listen_reverse_ssh,
* Fixed a couple of issues in loading OpenSSH-format certificates which were missing a trailing newline.
* Changed load_certificates() to allow multiple certificates to be loaded from a single byte string argument, making it more consistent with how load_certificates() works when reading from a file.
* Updated AsyncSSH to use the modern async/await syntax internally, now requiring Python 3.6 or later. Those wishing to use AsyncSSH on Python 3.4 or 3.5 should stick to the AsyncSSH 1.x releases.
* Changed first argument of SFTPServer constructor from an SSHServerConnection (conn) to an SSHServerChannel (chan) to allow custom SFTP server implementations to access environment variables set on the channel that SFTP is run over. Applications which subclass the SFTPServer class and implement an __init__ method will need to be updated to account for this change and pass the new argument through to the SFTPServer parent class. If the subclass has no __init__ and just uses the connection, channel, and env properties of SFTPServer to access this information, no changes should be required.
* Removed deprecated “session_encoding” and “session_errors” arguments from create_server() and listen() functions. These arguments were renamed to “encoding” and “errors” back in version 1.16.0 to be consistent with other AsyncSSH APIs.
* Removed get_environment(), get_command(), and get_subsystem() methods on SSHServerProcess class. This information was made available as “env”, “command”, and “subsystem” properties of SSHServerProcess in AsyncSSH 1.11.0.
* Removed optional loop argument from all public AsyncSSH APIs, consistent with the deprecation of this argument in the asyncio package in Python 3.8. Calls will now always use the event loop which is active at the time of the call.
* Removed support for non-async context managers on AsyncSSH connections and processes and SFTP client connections and file objects. Callers should use “async with” to invoke the async the context managers on these objects.
* Added support for SSHAgentClient being an async context manager. To be consistent with other connect calls, connect_agent() will now raise an exception when no agent is found or a connection failure occurs, rather than logging a warning and returning None. Callers should catch OSError or ChannelOpenError exceptions rather than looking for a return value of None when calling this function.
* Added set_input() and clear_input() methods on SSHLineEditorChannel to change the value of the current input line when line editing is enabled.
* Added is_closing() method to the SSHChannel, SSHProcess, SSHWriter, and SSHSubprocessTransport classes. mirroring the asyncio BaseTransport and StreamWriter methods added in Python 3.7.
* Added wait_closed() async method to the SSHWriter class, mirroring the asyncio StreamWriter method added in Python 3.7.
OBS-URL: https://build.opensuse.org/request/show/764958
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=10
* Added support in the SSHProcess redirect mechanism to accept asyncio StreamReader and StreamWriter objects, allowing asyncio streams to be plugged in as stdin/stdout/stderr in an SSHProcess.
* Added support for key handlers in the AsyncSSH line editor to trigger signals being delivered when certain “hot keys” are hit while reading input.
* Improved cleanup of unreturned connection objects when an error occurs or the connection request is canceled or times out.
* Improved cleanup of SSH agent client objects to avoid triggering a false positive warning in Python 3.8.
* Added an example to the documentation for how to create reverse-direction SSH client and server connections.
* Made check of session objects against None explicit to avoid confusion on user-defined sessions that implement __len__ or __bool__. Thanks go to Lars-Dominik Braun for contributing this improvement!
* Some API changes which should have been included in the 2.0.0 release were missed. This release corrects that, but means that additional changes may be needed in applications moving to 2.0.1. This should hopefully be the last of such changes, but if any other issues are discovered, additional changes will be limited to 2.0.x patch releases and the API will stabilize again in the AsyncSSH 2.1 release. See the next bullet for details about the additional incompatible change.
* To be consistent with other connect and listen functions, all methods on SSHClientConnection which previously returned None on listen failures have been changed to raise an exception instead. A new ChannelListenError exception will now be raised when an SSH server returns failure on a request to open a remote listener. This change affects the following SSHClientConnection methods: create_server, create_unix_server, start_server, start_unix_server, forward_remote_port, and forward_remote_path.
* Restored the ability for SSHListener objects to be used as async context managers. This previously worked in AsyncSSH 1.x and was unintentionally broken in AsyncSSH 2.0.0.
* Added support for a number of additional functions to be called from within an “async with” statement. These functions already returned objects capable of being async context managers, but were not decorated to allow them to be directly called from within “async with”. This change applies to the top level functions create_server, listen, and listen_reverse and the SSHClientConnection methods create_server, create_unix_server, start_server, start_unix_server, forward_local_port, forward_local_path, forward_remote_port, forward_remote_path, listen_ssh, and listen_reverse_ssh,
* Fixed a couple of issues in loading OpenSSH-format certificates which were missing a trailing newline.
* Changed load_certificates() to allow multiple certificates to be loaded from a single byte string argument, making it more consistent with how load_certificates() works when reading from a file.
* Updated AsyncSSH to use the modern async/await syntax internally, now requiring Python 3.6 or later. Those wishing to use AsyncSSH on Python 3.4 or 3.5 should stick to the AsyncSSH 1.x releases.
* Changed first argument of SFTPServer constructor from an SSHServerConnection (conn) to an SSHServerChannel (chan) to allow custom SFTP server implementations to access environment variables set on the channel that SFTP is run over. Applications which subclass the SFTPServer class and implement an __init__ method will need to be updated to account for this change and pass the new argument through to the SFTPServer parent class. If the subclass has no __init__ and just uses the connection, channel, and env properties of SFTPServer to access this information, no changes should be required.
* Removed deprecated “session_encoding” and “session_errors” arguments from create_server() and listen() functions. These arguments were renamed to “encoding” and “errors” back in version 1.16.0 to be consistent with other AsyncSSH APIs.
* Removed get_environment(), get_command(), and get_subsystem() methods on SSHServerProcess class. This information was made available as “env”, “command”, and “subsystem” properties of SSHServerProcess in AsyncSSH 1.11.0.
* Removed optional loop argument from all public AsyncSSH APIs, consistent with the deprecation of this argument in the asyncio package in Python 3.8. Calls will now always use the event loop which is active at the time of the call.
* Removed support for non-async context managers on AsyncSSH connections and processes and SFTP client connections and file objects. Callers should use “async with” to invoke the async the context managers on these objects.
* Added support for SSHAgentClient being an async context manager. To be consistent with other connect calls, connect_agent() will now raise an exception when no agent is found or a connection failure occurs, rather than logging a warning and returning None. Callers should catch OSError or ChannelOpenError exceptions rather than looking for a return value of None when calling this function.
* Added set_input() and clear_input() methods on SSHLineEditorChannel to change the value of the current input line when line editing is enabled.
* Added is_closing() method to the SSHChannel, SSHProcess, SSHWriter, and SSHSubprocessTransport classes. mirroring the asyncio BaseTransport and StreamWriter methods added in Python 3.7.
* Added wait_closed() async method to the SSHWriter class, mirroring the asyncio StreamWriter method added in Python 3.7.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=22
- Update to 1.18.0:
* Added support for GSSAPI ECDH and Edwards DH key exchange algorithms.
* Fixed gssapi-with-mic authentication to work with GSS key exchanges, in cases where gssapi-keyex is not supported.
* Made connect_ssh and connect_reverse_ssh methods into async context managers, simplifying the syntax needed to use them to create tunneled SSH connections.
* Fixed a couple of issues with known hosts matching on tunneled SSH connections.
* Improved flexibility of key/certificate parser automatic format detection to properly recognize PEM even when other arbitrary text is present at the beginning of the file. With this change, the parser can also now handle mixing of multiple key formats in a single file.
* Added support for OpenSSL “TRUSTED” PEM certificates. For now, no enforcement is done of the additional trust restrictions, but such certificates can be loaded and used by AsyncSSH without converting them back to regular PEM format.
* Fixed some additional SFTP and SCP issues related to parsing of Windows paths with drive letters and paths with multiple colons.
* Made AsyncSSH tolerant of a client which sends multiple service requests for the “ssh-userauth” service. This is needed by the Paramiko client when it tries more than one form of authentication on a connection.
OBS-URL: https://build.opensuse.org/request/show/730694
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=9
* Added support for GSSAPI ECDH and Edwards DH key exchange algorithms.
* Fixed gssapi-with-mic authentication to work with GSS key exchanges, in cases where gssapi-keyex is not supported.
* Made connect_ssh and connect_reverse_ssh methods into async context managers, simplifying the syntax needed to use them to create tunneled SSH connections.
* Fixed a couple of issues with known hosts matching on tunneled SSH connections.
* Improved flexibility of key/certificate parser automatic format detection to properly recognize PEM even when other arbitrary text is present at the beginning of the file. With this change, the parser can also now handle mixing of multiple key formats in a single file.
* Added support for OpenSSL “TRUSTED” PEM certificates. For now, no enforcement is done of the additional trust restrictions, but such certificates can be loaded and used by AsyncSSH without converting them back to regular PEM format.
* Fixed some additional SFTP and SCP issues related to parsing of Windows paths with drive letters and paths with multiple colons.
* Made AsyncSSH tolerant of a client which sends multiple service requests for the “ssh-userauth” service. This is needed by the Paramiko client when it tries more than one form of authentication on a connection.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-asyncssh?expand=0&rev=20
- update to 1.17.1
* Improved construction of file paths in SFTP to better handle native Windows
source paths containing backslashes or drive letters.
* Improved SFTP parallel I/O for large reads and file copies to better handle
the case where a read returns less data than what was requested when not
at the end of the file, allowing AsyncSSH to get back the right result even
if the requested block size is larger than the SFTP server can handle.
* Fixed an issue where the requested SFTP block_size wasn’t used in the get,
copy, mget, and mcopy functions if it was larger than the default size of 16 KB.
* Fixed a problem where the list of client keys provided in
an SSHClientConnectionOptions object wasn’t always preserved properly across
the opening of multiple SSH connections.
* Made AsyncSSH tolerant of unexpected authentication success/failure messages
sent after authentication completes. AsyncSSH previously treated this as
a protocol error and dropped the connection, while most other SSH implementations
ignored these messages and allowed the connection to continue.
* Made AsyncSSH tolerant of SFTP status responses which are missing error message
and language tag fields, improving interoperability with servers that omit
these fields. When missing, AsyncSSH treats these fields as if they were
set to empty strings.
OBS-URL: https://build.opensuse.org/request/show/721769
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-asyncssh?expand=0&rev=8
