./security/py-paramiko, SSH2 protocol library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.18.2, Package name: py27-paramiko-1.18.2, Maintainer: pkgsrc-users

paramiko is a module for python 2.2 (or higher) that implements the SSH2
protocol for secure (encrypted and authenticated) connections to remote
machines. unlike SSL (aka TLS), SSH2 protocol does not require hierarchical
certificates signed by a powerful central authority. you may know SSH2 as
the protocol that replaced telnet and rsh for secure access to remote shells,
but the protocol also includes the ability to open arbitrary channels to
remote services across the encrypted tunnel (this is how sftp works,
for example).


Required to run:
[devel/py-setuptools] [security/py-crypto] [lang/python27] [security/py-ecdsa]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: d81ee64df6c621942824aed62b720d254ea65b21
RMD160: be704c705db1f370ba001622f806c5ab562def41
Filesize: 1169.723 KB

Version history: (Expand)


CVS history: (Expand)


   2017-05-19 16:47:10 by Havard Eidnes | Files touched by this commit (3) | Package updated
Log message:
Upgrade py-paramiko from 1.15.3 to 1.18.2.

Pkgsrc changes:
Adapt PLIST.

Upstream changes:

1.18.2 2017-02-20
  [Bug] #895: Fix a bug in server-mode concerning multiple interactive
     auth steps (which were incorrectly responded to). Thanks to Dennis
     Kaarsemaker for catch & patch.
  [Bug] #713: (via #714 and #889) Don't pass initialization vectors
     to PyCrypto when dealing with counter-mode ciphers; newer PyCrypto
     versions throw an exception otherwise (older ones simply ignored
     this parameter altogether). Thanks to @jmh045000 for report &
     patches.
  [Bug] #44: (via #891) SSHClient now gives its internal Transport
     a handle on itself, preventing garbage collection of the client
     until the session is closed. Without this, some code which returns
     stream or transport objects without the client that generated
     them, would result in premature session closure when the client
     was GCd. Credit: @w31rd0 for original report, Omer Anson for the
     patch.
  [Bug] #862: (via #863) Avoid test suite exceptions on platforms
    lacking errno.ETIME (which seems to be some FreeBSD and some
    Windows environments.) Thanks to Sofian Brabez.
  [Bug] #853: Tweak how RSAKey.__str__ behaves so it doesn't
    cause TypeError under Python 3. Thanks to Francisco Couzo for
    the report.
  [Support] #866: (also #838) Remove an old test-related file we
    don't support, and add PyPy to Travis-CI config. Thanks to
    Pierce Lopez for the final patch and Pedro Rodrigues for an
    earlier edition.

1.18.1 2016-12-12
  [Bug] #859: (via #860) A tweak to the original patch implementing
    #398 was not fully applied, causing calls to invoke_shell to
    fail with AttributeError. This has been fixed. Patch credit:
    Kirk Byers.

1.18.0 2016-12-09
  [Feature] #398: Add an environment dict argument to
    Client.exec_command (plus the lower level Channel.update_environment
    and Channel.set_environment_variable methods) which implements
    the env SSH message type. This means the remote shell environment
    can be set without the use of VARNAME=value shell tricks,
    provided the server's AcceptEnv lists the variables you need
    to set. Thanks to Philip Lorenz for the pull request.
  [Feature] #780: (also #779, and may help users affected by
    #520) Add an optional timeout parameter to Transport.start_client
    (and feed it the value of the configured connection timeout
    when used within SSHClient.) This helps prevent situations
    where network connectivity isn't timing out, but the remote
    server is otherwise unable to service the connection in a timely
    manner. Credit to @sanseihappa.
  [Support] #819: Document how lacking gmp headers at install
    time can cause a significant performance hit if you build
    PyCrypto from source. (Most system-distributed packages already
    have this enabled.)
  [Support] #854: Fix incorrect docstring/param-list for
    Transport.auth_gssapi_keyex so it matches the real signature.
    Caught by @Score_Under.
  [Support] #792: Minor updates to the README and demos; thanks to Alan Yee.
  [Support] #801: Skip a Unix-only test when on Windows; thanks to Gabi Davar.

For pre-1.18.0 changes, see
  http://www.paramiko.org/changelog.html
   2016-06-08 19:43:49 by Thomas Klausner | Files touched by this commit (356)
Log message:
Switch to MASTER_SITES_PYPI.
   2016-05-18 14:43:00 by Havard Eidnes | Files touched by this commit (1)
Log message:
Undo previous, contaminated testing environment, py-cryptography isn't
needed after all.
   2016-05-18 14:01:53 by Havard Eidnes | Files touched by this commit (1)
Log message:
Add missing dependency on py-cryptography.  Without this, usage fails
with "ImportError: No module named cryptography.hazmat.backends" from
paramiko/transport.py.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-10-04 00:54:17 by Blue Rats | Files touched by this commit (2) | Package updated
Log message:
Update to 1.15.3. Mostly, the point of this update is to clarify that paramiko
is not, from what I can tell by building and using (also from the repo),
broken under py3x. Therefore, dependencies marked as broken under py3x due to
paramiko will be unmarked (unless they are broken for lack of py3x support).

From sites/www/changelog.rst:

:support:`554 backported` Fix inaccuracies in the docstring for the ECDSA key \ 
class. Thanks to Jared Hance for the patch.

:support:`516 backported` Document ~paramiko.agent.AgentRequestHandler. Thanks \ 
to @toejough for report & suggestions.

:bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI support \ 
(note: this includes switching from PyCrypo's Random to os.urandom). Thanks to \ 
Anselm Kruis for catch & patch.

:bug:`491` (combines :issue:`62` and :issue:`439`) Implement timeout \ 
functionality to address hangs from dropped network connections and/or failed \ 
handshakes. Credit to @vazir and @dacut for the original patches and to Olle \ 
Lundberg for reimplementation.

:bug:`490` Skip invalid/unparseable lines in known_hosts files, instead of \ 
raising ~paramiko.ssh_exception.SSHException. This brings Paramiko's behavior \ 
more in line with OpenSSH, which silently ignores such input. Catch & patch \ 
courtesy of Martin Topholm.

:bug:`404` Print details when displaying \ 
~paramiko.ssh_exception.BadHostKeyException objects (expected vs received data) \ 
instead of just "hey shit broke". Patch credit: Loic Dachary.

:bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a typo \ 
introduced in the 1.15 release which broke WinPageant support. Thanks to \ 
everyone who submitted patches, and to Steve Cohen who was the lucky winner of \ 
the cherry-pick lottery.

:bug:`353` (via :issue:`482`) Fix a bug introduced in the Python 3 port which \ 
caused OverFlowError (and other symptoms) in SFTP functionality. Thanks to \ 
@dboreham for leading the troubleshooting charge, and to Scott Maxwell for the \ 
final patch.

:support:`582` Fix some old setup.py related helper code which was breaking \ 
bdist_dumb on Mac OS X. Thanks to Peter Odding for the patch.

:bug:`22 major` Try harder to connect to multiple network families (e.g. IPv4 vs \ 
IPv6) in case of connection issues; this helps with problems such as hosts which \ 
resolve both IPv4 and IPv6 addresses but are only listening on IPv4. Thanks to \ 
Dries Desmet for original report and Torsten Landschoff for the foundational \ 
patchset.

:bug:`402` Check to see if an SSH agent is actually present before trying to \ 
forward it to the remote end. This replaces what was usually a useless TypeError \ 
with a human-readable ~paramiko.ssh_exception.AuthenticationException. Credit to \ 
Ken Jordan for the fix and Yvan Marques for original report.
   2015-01-05 14:18:28 by Matthias Drochner | Files touched by this commit (3) | Package updated
Log message:
update to 0.15.2
There is no useful changelog, but it makes the client work again a recent
OpenSSH server (6.7p1-hpn14v5) again. Tested with "duplicity".
   2014-06-12 02:43:28 by Guillaume Lasmayous | Files touched by this commit (3) | Package updated
Log message:
Update security/py-paramiko to 1.14.0

Upstream changes:
-----------------

:release:`1.14.0 <2014-05-07>`
------------------------------

:bug:`-` paramiko.file.BufferedFile.read incorrectly returned text
 strings after the Python 3 migration, despite bytes being more
 appropriate for file contents
(which may be binary or of an unknown encoding.) This has been addressed.

Note
paramiko.file.BufferedFile.readline continues to return strings,
 not bytes, as "lines" only make sense for textual data.
 It assumes UTF-8 by default.

This should fix this issue raised on the Obnam mailing list.
 Thanks to Antoine Brenner for the patch.

:bug:`-` Added self.args for exception classes. Used for unpickling.
 Related to (Fabric #986, Fabric #714). Thanks to Alex Plugaru.

:bug:`-` Fix logging error in sftp_client for filenames containing
 the '%' character. Thanks to Antoine Brenner.

:bug:`308` Fix regression in dsskey.py that caused sporadic
 signature verification failures. Thanks to Chris Rose.

:support:`299` Use deterministic signatures for ECDSA keys for
 improved security. Thanks to Alex Gaynor.

:support:`297` Replace PyCrypto's Random with os.urandom for
 improved speed and security. Thanks again to Alex.

:support:`295` Swap out a bunch of PyCrypto hash functions with use of
 hashlib. Thanks to Alex Gaynor.

:support:`290` (also :issue:`292`) Add support for building universal
 (Python 2+3 compatible) wheel files during the release process.
 Courtesy of Alex Gaynor.

:support:`284` Add Python language trove identifiers to setup.py.
 Thanks to Alex Gaynor for catch & patch.

:bug:`235` Improve string type testing in a handful of spots
 (e.g. s/if type(x) is str/if isinstance(x, basestring)/g.)
 Thanks to @ksamuel for the report.

:release:`1.13.0 <2014-03-13>`
------------------------------

:feature:`16` Python 3 support! Our test suite passes under Python 3,
 and it (& Fabric's test suite) continues to pass under Python 2.
 Python 2.5 is no longer supported with this change!

The merged code was built on many contributors' efforts, both code &
 feedback. In no particular order, we thank Daniel Goertzen, Ivan
 Kolodyazhny, Tomi Pieviläinen, Jason R. Coombs, Jan N. Schulze,
 @Lazik, Dorian Pula, Scott Maxwell, Tshepang Lekhonkhobe, Aaron Meurer,
 and Dave Halter.

:support:`256 backported` Convert API documentation to Sphinx, yielding
 a new API docs website to replace the old Epydoc one.
 Thanks to Olle Lundberg for the initial conversion work.

:bug:`-` Use constant-time hash comparison operations where possible,
to protect against timing-based attacks. Thanks to Alex Gaynor for the patch.

:release:`1.12.2 <2014-02-14>`
------------------------------

:feature:`58` Allow client code to access the stored SSH server banner via
 Transport.get_banner <paramiko.transport.Transport.get_banner>.
 Thanks to @Jhoanor for the patch.

:bug:`252` (Fabric #1020) Enhanced the implementation of ProxyCommand to
 avoid a deadlock/hang condition that frequently occurs at Transport
 shutdown time. Thanks to Mateusz Kobos, Matthijs van der Vleuten and
 Guillaume Zitta for the original reports and to Marius Gedminas for
 helping test nontrivial use cases.

:bug:`268` Fix some missed renames of ProxyCommand related error classes.
 Thanks to Marius Gedminas for catch & patch.

:bug:`34` (PR :issue:`35`) Fix SFTP prefetching incompatibility with some
 SFTP servers regarding request/response ordering.
 Thanks to Richard Kettlewell.

:bug:`193` (and its attentant PRs :issue:`230` & :issue:`253`) Fix SSH
 agent problems present on Windows. Thanks to David Hobbs for initial
 report and to Aarni Koskela & Olle Lundberg for the patches.

:release:`1.12.1 <2014-01-08>`
------------------------------

:bug:`225 (1.12+)` Note ecdsa requirement in README. Thanks to Amaury
 Rodriguez for the catch.

:bug:`176` Fix AttributeError bugs in known_hosts file (re)loading.
 Thanks to Nathan Scowcroft for the patch & Martin Blumenstingl for the
 initial test case.