Log message:
py-asyncssh: updated to 2.12.0

Release 2.12.0 (10 Aug 2022)
----------------------------

* Added top-level functions run_client() and run_server() which allow
  you to begin running an SSH client or server on an already-connected
  socket. This capability is also available via a new "sock" argument
  in the existing connect(), connect_reverse(), get_server_host_key(),
  and get_server_auth_methods() functions.

* Added "sock" argument to listen() and listen_reverse() functions
  which takes an already-bound listening socket instead of a host
  and port to bind a new socket to.

* Added support for forwarding break, signal, and terminal size updates
  when redirection of stdin is set up between two SSHProcess instances.

* Added support for sntrup761x25519-sha512@openssh.com post-quantum
  key exchange algorithm. For this to be available, the Open Quantum
  Safe (liboqs) dynamic library must be installed.

* Added "sig_alg" argument to set a signature algorithm when creating
  OpenSSH certificates, allowing a choice between ssh-rsa, rsa-sha2-256,
  and rsa-sha2-512 for certificates signed by RSA keys.

* Added new read_parallel() method in SFTPClientFile which allows
  parallel reads to be performed from a remote file, delivering
  incremental results as these reads complete. Previously, large
  reads would automatically be parallelized, but a result was only
  returned after all reads completed.

* Added definition of __all__ for public symbols in AsyncSSH to make
  pyright autocompletion work better. Thanks go to Nicolas Riebesel
  for providing this change.

* Updated SFTP and SCP glob and copy functions to use scandir() instead
  of listdir() to improve efficiency.

* Updated default for "ignore_encrypted" client connection option to
  ignore encrypted keys specified in an OpenSSH config file when no
  passphrase is provided, similar to what was previosuly done for
  keys with default names.

* Fixed an issue when using an SSH agent with RSA keys and an X.509
  certificate while requesting SHA-2 signatures.

* Fixed an issue with use of expanduser() in unit tests on newer versions
  of Python. Thanks go to Georg Sauthoff for providing an initial version
  of this fix.

* Fixed an issue with fallback to a Pageant agent not working properly
  on Windows when no agent_path or SSH_AUTH_SOCK was set.

* Fixed improper escaping in readuntil(), causing certain punctuation in
  separator to not match properly. Thanks go to Github user MazokuMaxy
  for reporting this issue.

* Fixed the connection close handler to properly mark channels as fully
  closed when the peer unexpected closes the connection, allowing
  exceptions to fire if an application continues to try and use
  the channel. Thanks go to Taha Jahangir for reporting this issue and
  suggesting a possible fix.

* Eliminated unit testing against OpenSSH for tests involving DSA and
  RSA keys using SHA-1 signatures, since this support is being dropped
  in some distributions of OpenSSH. These tests are still performed, but
  using only AsyncSSH code. Thanks go to Ken Dreyer and Georg Sauthoff
  for reporting this issue and helping me to reproduce it.

Log message:
py-asyncssh: updated to 2.11.0

Release 2.11.0 (4 Jun 2022)
---------------------------

* Made a number of improvements in SFTP glob support, with thanks to
  Github user LuckyDams for all the help working out these changes!

  * Added a new glob_sftpname() method which returns glob matches
    together with attribute information, avoiding the need for a
    caller to make separate calls to stat() on the returned results.
  * Switched from listdir() to scandir() to reduce the number of
    stat() operations required while finding matches.
  * Added code to remove duplicates when glob() is called with
    multiple patterns that match the same path.
  * Added a cache of directory listing and stat results to improve
    performance when matching patterns with overlapping paths.
  * Fixed an "index out of range" bug in recursive glob matching
    and aligned it better with results reeturned by UNIX shells.
  * Changed matching to ignore inaccessible or non-existent paths
    in a glob pattern, to allow accessible paths to be fully
    explored before returning an error. The error handler will now
    be called only if a pattern results in no matches, or if a more
    serious error occurs while scanning.

* Changed SFTP makedirs() method to work better cases where parts of
  requested path already exist but don't allow read access. As long as
  the entire path can be created, makedirs() will succeed, even if some
  directories on the path don't allow their contents to be read. Thanks
  go to Peter Rowlands for providing this fix.

* Replaced custom Diffie Hellman implementation in AsyncSSH with the
  one in the cryptography package, resulting in an over 10x speedup.
  Thanks go to Github user iwanb for suggesting this change.

* Fixed AsyncSSH to re-acquire GSS credentials when performing key
  renegotiation to avoid expired credentials on long-lived connections.
  Thanks go to Github user PromyLOPh for pointing out this issue and
  suggesting a fix.

* Fixed GSS MIC to work properly with GSS key exchange when AsyncSSH
  is running as a server. This was previously fixed on the client side,
  but a similar fix for the server was missed.

* Changed connection timeout unit tests to work better in environments
  where a firewall is present. Thanks go to Stefano Rivera for
  reporting this issue.

* Improved unit tests of Windows SSPI GSSAPI module.

* Improved speed of unit tests by reducing the number of key generation
  calls. RSA key generation in particular has gotten much more expensive
  in OpenSSL 3.

Log message:
py-asyncssh: updated to 2.10.1

Release 2.10.1 (16 Apr 2022)
----------------------------

* Added support for "Match Exec" in config files and updated AsyncSSH
  API calls to do config parsing in an executor to avoid blocking the
  event loop if a "Match Exec" command doesn't return immediately.

* Fixed an issue where settings associated with server channels set
  when creating a listener rather than at the time a new channel is
  opened were not always being applied correctly.

* Fixed config file handling to be more consistent with OpenSSH, making
  all relative paths be evaluated relative to ~/.ssh and allowing
  references to config file patterns which don't match anything to only
  trigger a debug message rather than an error. Thanks go to Caleb Ho
  for reporting this issue!

* Update minimum required version of cryprography package to 3.1, to
  allow calls to it to be made without passing in a "backend" argument.
  This was missed back in the 2.9 release. Thanks go to Github users
  sebby97 and JavaScriptDude for reporting this issue!

Release 2.10.0 (26 Mar 2022)
----------------------------

* Added new get_server_auth_methods() function which returns the set
  of auth methods available for a given user and SSH server.

* Added support for new line_echo argument when creating a server
  channel which controls whether input in the line editor is echoed
  to the output immediately or under the control of the application,
  allowing more control over the ordering of input and output.

* Added explicit support for RSA SHA-2 certificate algorithms.
  Previously, SHA-2 signatures were supported using the original
  ssh-rsa-cert-v01@openssh.com algorithm name, but recent versions
  of SSH now disable this algorithm by default, so the new SHA-2
  algorithm names need to be advertised for SHA-2 signatures to
  work when using OpenSSH certificates.

* Improved handling of config file loading when options argument is
  used, allowing config loading to be overridden at connect() time
  even if the options passed in referenced a config file.

* Improved speed of unit tests by avoiding some network timeouts
  when connecting to invalid addresses.

* Merged GitHub workflows contributed by GitHub user hexchain to
  run unit tests and collect code coverage information on multiple
  platforms and Python versions. Thanks so much for this work!

* Fixed issue with GSS auth unit tests hanging on Windows.

* Fixed issue with known_hosts matching when ProxyJump is being used.
  Thanks go to GitHub user velavokr for reporting this and helping
  to debug it.

* Fixed type annotations for SFTP client and server open methods.
  Thanks go to Marat Sharafutdinov for reporting this!

Log message:
py-asyncssh: updated to 2.9.0

Release 2.9.0 (23 Jan 2022)
---------------------------

* Added mypy-compatible type annotations to all AsyncSSH modules, and a
  "py.typed" file to signal that annotations are now available for this
  package.

* Added experimental support for SFTP versions 4-6. While AsyncSSH still
  defaults to only advertising version 3 when acting as both a client and
  a server, applications can explicitly enable support for later versions,
  which will be used if both ends of the connection agree. Not all features
  are fully supported, but a number of useful enhancements are now
  available, including as users and groups specified by name, higher
  resolution timestamps, and more granular error reporting.

* Updated documentation to make it clear that keys from a PKCS11 provider
  or ssh-agent will be used even when client_keys is specified, unless
  those sources are explicitly disabled.

* Improved handling of task cancellation in AsyncSSH to avoid triggering
  an error of "Future exception was never retrieved". Thanks go to \ 
Krzysztof
  Kotlenga for reporting this issue and providing test code to reliably
  reproduce it.

* Changed implementation of OpenSSH keepalive handler to improve
  interoperability with servers which don't expect a "success" response
  when this message is sent.

Release 2.8.1 (8 Nov 2021)
--------------------------

* Fixed a regression in handling of the passphrase argument used to
  decrypt private keys.

Release 2.8.0 (3 Nov 2021)
--------------------------

* Added new connect_timeout option to set a timeout which includes the
  time taken to open an outbound TCP connection, allowing connections
  to be aborted without waiting for the default socket connect timeout.
  The existing login_timeout option only applies after the TCP connection
  was established, so it could not be used for this. The support for the
  ConnectTimeout config file option has also been updated to use this new
  capability, making it more consistent with OpenSSH's behavior.

* Added the ability to use the passphrase argument specified in a connect
  call to be used to decrypt keys used to connect to bastion hosts.
  Previously, this argument was only applied when making a connection
  to the main host and encrypted keys could only be used when they
  were loaded separately.

* Updated AsyncSSH's "Record" class to make it more IDE-friendly when
  it comes to things like auto-completion. This class is used as a base
  class for SSHCompletedProcess and various SFTP attribute classes.
  Thanks go to Github user zentarim for suggesting this improvement.

* Fixed a potential uncaught exception when handling forwarded connections
  which are immediately closed by a peer.

Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS

Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Log message:
security: Remove SHA1 hashes for distfiles

Log message:
py-asyncssh: updated to 2.7.2

Release 2.7.2
* Fixed a regression related to server host key selection when attempting
  to use a leading '+' to add algorithms to the front of the default list.
* Fixed logging to properly handle SFTPName objects with string filenames.
* Fixed SSH_EXT_INFO to only be sent after the first key exchange.

Log message:
py-asyncssh: updated to 2.7.1

Release 2.7.1 (6 Sep 2021)
--------------------------

* Added an option to allow encrypted keys to be ignored when no passphrase
  is set. This behavior previously happened by default when loading keys
  from default locations, but now this option to load_keypairs() can be
  specified when loading any set of keys.

* Changed loading of default keys to automatically skip key types which
  aren't supported due to missing dependencies.

* Added the ability to specify "default" for server_host_key_algs, as
  a way for a client to request that its full set of default algorithms
  be advertised to the server, rather than just the algorithms matching
  keys in the client's known hosts list. Thanks go to Manfred Kaiser
  for suggesting this improvement.

* Added support for tilde-expansion in the config file "include"
  directive. Thanks go to Zack Cerza for reporting this and suggesting
  a fix.

* Improved interoperatbility of AsyncSSH SOCKS listener by sending a zero
  address rather than an empty hostname in the SOCKS CONNECT response.
  Thanks go to Github user juouy for reporting this and suggesting a fix.

* Fixed a couple of issues related to sending SSH_EXT_INFO messages.

* Fixed an issue with using SSHAcceptor as an async context manager.
  Thanks go to Paulo Costa for reporing this.

* Fixed an issue where a tunnel wasn't always cleaned up properly when
  creating a remote listener.

* Improved handling of connection drops, avoiding exceptions from being
  raised in some cases when the transport is abruptly closed.

* Made AsyncSSH SFTP support more tolerant of file permission values with
  undefined bits set. Thanks go to GitHub user ccwufu for reporting this.

* Added some missing key exchange algorithms in the AsyncSSH documentation.
  Thanks go to Jeremy Norris for noticing and reporting this.

* Added support for running AsyncSSH unit tests on systems with OpenSSL
  3.0 installed. Thanks go to Ken Dreyer for raising this issue and
  pointing out the new OpenSSL "provider" support for legacy algorithms.

Log message:
py-asyncssh: updated to 2.7.0

Release 2.7.0 (19 Jun 2021)

Added support for the ProxyCommand config file option and a corresponding \ 
proxy_command argument in the SSH connection options, allowing a subprocess to \ 
be used to make the connection to the SSH server. When the config option is \ 
used, it should be fully compatible with OpenSSH percent expansion in the \ 
command to run.
Added support for accessing terminal information as properties in the \ 
SSHServerProcess class. As part of this change, both the environment and \ 
terminal modes are now available as read-only mappings. Thanks again to velavokr \ 
for suggesitng this and submitting a PR with a proposed version of the change.
Fixed terminal information passed to pty_requested() callback to properly \ 
reflect requested terminal type, size, and modes. Thanks go to velavokr for \ 
reporting this issue and proposing a fix.
Fixed an edge case where a connection object might not be cleaned up properly if \ 
the connection request was cancelled before it was fully established.
Fixed an issue where some unit tests weren’t properly closing connection \ 
objects before exiting.