python/python-paramiko
SHA256
15
0
Fork 0
forked from pool/python-paramiko
Code Pull Requests Activity

Accepting request 531621 from home:mimi_vx:branches:devel:languages:python

Browse Source 
- update to 2.3.1
  + cert_support.tar.gz - missing test certificates for testsuite
  * Certificate support broke the no-certificate case for Ed25519 keys 
      (symptom is an AttributeError about public_blob.) This went uncaught
      due to cert autoload behavior (i.e. our test suite never actually ran 
      the no-cert case, because the cert existed!) Both issues have been fixed. 
  * Implement basic client-side certificate authentication
      (as per the OpenSSH vendor extension.)
  * Added pre-authentication banner support for the server interface
      (ServerInterface.get_banner plus related support in Transport/AuthHandler.) 
  * Update Ed25519Key so its constructor offers the same file_obj parameter
      as its sibling key classes.
  * Add a gss_trust_dns option to Client and Transport to allow explicitly
      setting whether or not DNS canonicalization should occur when using GSSAPI. 
  * Paramiko originally defaulted to zlib compression level 9
      (when one connects with compression=True; it defaults to off.) This has been
      found to be quite wasteful and tends to cause much longer transfers in most
      cases, than is necessar
  * Enhance documentation around the new SFTP.posix_rename method
      so it’s referenced in the ‘standard’ rename method for increased visibility.
  * Modify logic around explicit disconnect messages, and unknown-channel situations,
      so that they rely on centralized shutdown code instead of running their own.
      This is at worst removing some unnecessary code, and may help with some
      situations where Paramiko hangs at the end of a session.
  * Display exception type and message when logging auth-rejection messages
      (ones reading Auth rejected: unsupported or mangled public key); previously
      this error case had a bare except and did not display exactly why the key
      failed.
  * Ed25519 keys never got proper API documentation support; this has been fixed.
  * Update how we use Cryptography‘s signature/verification methods

OBS-URL: https://build.opensuse.org/request/show/531621
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-paramiko?expand=0&rev=66
This commit is contained in:
Tomas Cech
2017-10-05 14:59:22 +00:00
committed by Git OBS Bridge
parent 4383f0ecfc
commit 65f2c8f7f8
5 changed files with 63 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
python-paramiko.changes
View File

@@ -1,3 +1,55 @@
-------------------------------------------------------------------
Thu Oct 5 11:12:50 UTC 2017 - mimi.vx@gmail.com
- update to 2.3.1
+ cert_support.tar.gz - missing test certificates for testsuite
* Certificate support broke the no-certificate case for Ed25519 keys
(symptom is an AttributeError about public_blob.) This went uncaught
due to cert autoload behavior (i.e. our test suite never actually ran
the no-cert case, because the cert existed!) Both issues have been fixed.
* Implement basic client-side certificate authentication
(as per the OpenSSH vendor extension.)
* Added pre-authentication banner support for the server interface
(ServerInterface.get_banner plus related support in Transport/AuthHandler.)
* Update Ed25519Key so its constructor offers the same file_obj parameter
as its sibling key classes.
* Add a gss_trust_dns option to Client and Transport to allow explicitly
setting whether or not DNS canonicalization should occur when using GSSAPI.
* Paramiko originally defaulted to zlib compression level 9
(when one connects with compression=True; it defaults to off.) This has been
found to be quite wasteful and tends to cause much longer transfers in most
cases, than is necessar
* Enhance documentation around the new SFTP.posix_rename method
so its referenced in the standard rename method for increased visibility.
* Modify logic around explicit disconnect messages, and unknown-channel situations,
so that they rely on centralized shutdown code instead of running their own.
This is at worst removing some unnecessary code, and may help with some
situations where Paramiko hangs at the end of a session.
* Display exception type and message when logging auth-rejection messages
(ones reading Auth rejected: unsupported or mangled public key); previously
this error case had a bare except and did not display exactly why the key
failed.
* Ed25519 keys never got proper API documentation support; this has been fixed.
* Update how we use Cryptographys signature/verification methods
so we arent relying on a deprecated API.
-------------------------------------------------------------------
Thu Oct 5 10:33:48 UTC 2017 - mimi.vx@gmail.com
- update to 2.2.2:
* SSHClient now requests the type of host key it has (e.g. from known_hosts)
and does not consider a different type to be a “Missing” host key.
This fixes a common case where an ECDSA key is in known_hosts and the server
also has an RSA host key.
* Fix up host-key checking in our GSSAPI support, which was previously
using an incorrect API call
* Fix key exchange (kex) algorithm list for GSSAPI authentication;
reviously, the list used solely out-of-date algorithms, and now contains
newer ones listed preferentially before the old
* Clean up GSSAPI authentication procedures so they do not prevent normal
fallback to other authentication methods on failure.
* Add rekeying support to GSSAPI connections, which was erroneously missing.
-------------------------------------------------------------------
Thu Aug 10 08:11:25 UTC 2017 - tbechtold@suse.com