./security/py-asyncssh, Asynchronous SSHv2 client and server library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.14.0, Package name: py37-asyncssh-1.14.0, Maintainer: pkgsrc-users

AsyncSSH is a Python package which provides an asynchronous client and server
implementation of the SSHv2 protocol on top of the Python 3.4+ asyncio
framework.


Required to run:
[security/py-OpenSSL] [devel/py-setuptools] [security/py-cryptography] [security/py-bcrypt] [security/py-gssapi] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 46fdbc8019d601a4c538a750c9685cccdfce99ab
RMD160: 332c2ca0df6a206bab11dd05419a6566fcf5a947
Filesize: 299.935 KB

Version history: (Expand)


CVS history: (Expand)


   2018-09-21 12:58:59 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-asyncssh: updated to 1.14.0

Release 1.14.0:
Changed license from EPL 1.0 to EPL 2.0 with GPL 2.0 or later as an available \ 
secondary license.
Added support for automatically parallelizing large reads and write made using \ 
the SFTPClientFile class, similar to what was already available in the \ 
get/put/copy methods of SFTPClient.
Added support for get_extra_info() in SSH process classes, returning information \ 
associated with the channel the process is tied to.
Added new set_extra_info() method on SSH connection and channel classes, \ 
allowing applications to store additional information on these objects.
Added handlers for OpenSSH keepalive global & channel requests to avoid \ 
messages about unknown requests in the debug log. These requests are still \ 
logged, but at debug level 2 instead of 1 and they are not labeled as unknown.
Fixed race condition when closing sockets associated with forwarded connections.
Improved error handling during connection close in SFTPClient.
Worked around issues with integer overflow on systems with a 32-bit time_t value \ 
when dates beyond 2038 are used in X.509 certificates.
Added guards around some imports and tests which were causing problems on Fedora 27.
Changed debug level for reporting PTY modes from 1 to 2 to reduce noise in the logs.
Improved SFTP debug log output when sending EOF responses.
   2018-07-24 08:09:33 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-asyncssh: updated to 1.13.3

1.13.3:
Added support for setting the Unicode error handling strategy in conjunction \ 
with setting an encoding when creating new SSH sessions, streams, and processes. \ 
This strategy can also be set when specifying a session encoding in \ 
create_server(), and when providing an encoding in the get_comment() and \ 
set_comment() functions on private/public keys and certificates.
Changed handling of Unicode in channels to use incrmeental codec, similar to \ 
what was previously done in process redirection.
Added Python 3.7 to the list of classifiers in setup.py, now that it has been \ 
released.
Updated Travis CI configuration to add Python 3.7 builds, and moved Linux builds \ 
on never versions of Python up to xenial.
Added missing coroutine decorator in test_channel.
   2018-07-04 05:38:34 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-asyncssh: updated to 1.13.2

Release 1.13.2:
Added support for accessing client host keys via the OpenSSH ssh-keysign program \ 
when doing host-based authentication. If ssh-keysign is present and enabled on \ 
the system, an AsyncSSH based SSH client can use host-based authentication \ 
without access to the host private keys.
Added support for using pathlib path objects when reading and writing private \ 
and public keys and certificates.
Added support for auth_completed() callback in the SSHServer class which runs \ 
when authentication completes successfully on each new connection.
Fixed host-based authentication unit tests to mock out calls to getnameinfo() to \ 
avoid failures on systems with restricted network functionality.
   2018-06-19 13:37:28 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-asyncssh: updated to 1.13.1

Release 1.13.1:
Added client and server support for host-based SSH authentication. If enabled, \ 
this will allow all users from a given host to be authenticated by a shared host \ 
key, rather than each user needing their own key. This should only be used with \ 
hosts which are trusted to keep their host keys secure and provide accurate \ 
client usernames.
Added support for RSA key exchange algorithms (rsa2048-sha256 and rsa1024-sha1) \ 
available in PuTTY and some mobile SSH clients.
Added support for the SECP256K1 elliptic curve for ECDSA keys and ECDH key \ 
exchange. This curve is supported by the Bitvise SSH client and server.
Added debug logging of the algorithms listed in a received kexinit message.
   2018-05-29 09:18:57 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-asyncssh: updated to 1.13.0

Release 1.13.0:
Added support for dynamic port forwarding via SOCKS, where AsyncSSH will open a \ 
listener which understands SOCKS connect requests and for each request open a \ 
TCP/IP tunnel over SSH to the requested host and port.
Added support in SSHProcess for I/O redirection to file objects that implement \ 
read(), write(), and close() functions as coroutines, such as the “aiofiles” \ 
package. In such cases, AsyncSSH will automaically detect that it needs to make \ 
async calls to these methods when it performs I/O.
Added support for using pathlib objects in SSHProcess I/O redirection.
Added multiple improvements to pattern matching support in the SFTPClient \ 
glob(), mget(), mput(), and mcopy() methods. AsyncSSH now allows you to use \ 
‘**’ in a pattern to do a recursive directory search, allows character \ 
ranges in square brackets in a pattern, and allows a trailing slash in a pattern \ 
to be specified to request that only directories matching the pattern should be \ 
returned.
Fixed an issue with calling readline() and readuntil() with a timeout, where \ 
partial data received before the timeout was sometimes discarded. Any partial \ 
data which was received when a timeout occurs will now be left in the input \ 
buffer, so it is still available to future read() calls.
Fixed a race condition where trying to restart a read() after a timeout could \ 
sometimes raise an exception about multiple simultaneous reads.
Changed readuntil() in SSHReader to raise IncompleteReadError if the receive \ 
window fills up before a delimiter match is found. This also applies to \ 
readline(), which will return a partial line without a newline at the end when \ 
this occurs. To support longer lines, a caller can call readuntil() or \ 
readline() as many times as they’d like, appending the data returned to the \ 
previous partial data until a delimiter is found or some maximum size is \ 
exceeded. Since the default window size is 2 MBytes, though, it’s very \ 
unlikely this will be needed in most applications.
Reworked the crypto support in AsyncSSH to separate packet encryption and \ 
decryption into its own module and simplified the directory structure of the \ 
asyncssh.crypto package, eliminating a pyca subdirectory that was created back \ 
when AsyncSSH used a mix of PyCA and PyCrypto.
   2018-04-18 09:01:23 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-asyncssh: updated to 1.12.2

Release 1.12.2:
Added support for using pathlib objects as paths in calls to SFTP methods, in \ 
addition to Unicode and byte strings. This is mainly intended for use in \ 
constructing local paths, but it can also be used for remote paths as long as \ 
POSIX-style pathlib objects are used and an appropriate path encoding is set to \ 
handle the conversion from Unicode to bytes.
Changed server EXT_INFO message to only be sent after the first SSH key \ 
exchange, to match the specification recently published in RFC 8308.
Fixed edge case in TCP connection forwarding where data received on a forward \ 
TCP connection was not delivered if the connection was closed or half-closed \ 
before the corresponding SSH tunnel was fully established.
Made note about OpenSSH not properly handling send_signal more visible.
   2018-03-13 19:32:23 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-asyncssh: updated to 1.12.1

Release 1.12.1:
Implemented a fix for CVE-2018-7749, where a modified SSH client could request \ 
that an AsyncSSH server perform operations before authentication had completed. \ 
Thanks go to Matthijs Kooijman for discovering and reporting this issue and \ 
helping to review the fix.
Added a non-blocking collect_output() method to SSHClientProcess to allow \ 
applications to retrieve data received on an output stream without blocking. \ 
This call can be called multiple times and freely intermixed with regular read \ 
calls with a guarantee that output will always be returned in order and without \ 
duplication.
Updated debug logging implementation to make it more maintainable, and to fix an \ 
issue where unprocessed packets were not logged in some cases.
Extended the support below for non-ASCII characters in comments to apply to \ 
X.509 certificates, allowing an optional encoding to be passed in to \ 
get_comment() and set_comment() and a get_comment_bytes() function to get the \ 
raw comment bytes without performing Unicode decoding.
Fixed an issue where a UnicodeDecodeError could be reported in some cases \ 
instead of a KeyEncryptionError when a private key was imported using the wrong \ 
passphrase.
Fixed the reporting of the MAC algorithm selected during key exchange to \ 
properly report the cipher name for GCM and Chacha ciphers that don’t use a \ 
separate MAC algorithm. The correct value was being returned in queries after \ 
the key exchange was complete, but the logging was being done before this \ 
adjustment was made.
Fixed the documentation of connection_made() in SSHSession subclasses to \ 
properly reflect the type of SSHChannel objects passed to them.
   2018-02-08 09:26:59 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-asyncssh: updated to 1.12.0

Release 1.12.0:
Enhanced AsyncSSH logging framework to provide detailed logging of events in the \ 
connection, channel, key exchange, authentication, sftp, and scp modules. Both \ 
high-level information logs and more detailed debug logs are available, and \ 
debug logging supports multiple debug levels with different amounts of \ 
verboseness. Logger objects are also available on various AsyncSSH classes to \ 
allow applications to report their own log events in a manner that can be tied \ 
back to a specific SSH connection or channel.
Added support for begin_auth() to be a coroutine, so asynchronous operations can \ 
be performed within it to load state needed to perform SSH authentication.
Adjusted key usage flags set on generated X.509 certificates to be more RFC \ 
compliant and work around an issue with OpenSSL validation of self-signed non-CA \ 
certificates.
Updated key and certificate comment handling to be less sensitive to the \ 
encoding of non-ASCII characters. The get_comment() and set_comment() functions \ 
now take an optional encoding paramter, defaulting to UTF-8 but allowing for \ 
others encodings. There’s also a get_comment_bytes() function to get the \ 
comment data as bytes without performing Unicode decoding.
Updated AsyncSSH to be compatible with beta release of Python 3.7.
Updated code to address warnings reported by the latest version of pylint.
Cleaned up various formatting issues in Sphinx documentation.
Significantly reduced time it takes to run unit tests by decreasing the rounds \ 
of bcrypt encryption used when unit testing encrypted OpenSSH private keys.
Added support for testing against uvloop in Travis CI.