Log message:
py-asyncssh: updated to 2.13.1

Release 2.13.1 (18 Feb 2023)
----------------------------

* Updated type definitions for mypy 1.0.0, removing a dependency on
  implicit Optional types, and working around an issue that could
  trigger a mypy internal error.

* Updated unit tests to avoid calculation of SHA-1 signatures, which
  are no longer allowed in cryptography 39.0.0.

Log message:
py-asyncssh: updated to 2.13.0

Release 2.13.0 (27 Dec 2022)
----------------------------

* Updated testing and coverage to drop Python 3.6 and add Python 3.11.
  Thanks go to GitHub user hexchain for maintaining the GitHub workflows
  supporting this!

* Added new "recv_eof" option to not pass an EOF from a channel to a
  redirected target, allowing output from multiple SSH sessions to be
  sent and mixed with other direct output to that target. This is meant
  to be similar to the existing "send_eof" option which controls whether
  EOF on a redirect source is passed through to the SSH channel. Thanks
  go to Stuart Reynolds for inspiring this idea.

* Added new methods to make it easy to perform forwarding between TCP
  ports and UNIX domain sockets. Thanks go to Alex Rogozhnikov for
  suggesting this use case.

* Added a workaround for a problem seen on a Huawei SFTP server where
  it sends an invalid combination of file attribute flags. In cases where
  the flags are otherwise valid and the right amount of attribute data is
  available, AsyncSSH will ignore the invalid flags and proceed.

* Fixed an issue with copying files to SFTP servers that don't support
  random access I/O. The potential to trigger this failyre goes back
  several releases, but a change in AsyncSSH 2.12 made out-of-order writes
  much more likely. This fix returns AsyncSSH to its previous behavior
  where out-of-order writes are unlikely even when taking advantage of
  parallel reads. Thanks go to Patrik Lindgren and Stefan Walkner for
  reporting this issue and helping to identify the source of the problem.

* Fixed an issue when requesting remote port forwarding on a dynamically
  allocated port. Thanks go to Daniel Shimon for reporting this and
  proposing a fix.

* Fixed an issue where readexactly could block indefinitely when a signal
  is delivered in the stream before the requested number of bytes are
  available. Thanks go to Artem Bezborodko for reporting this and
  providing a fix.

* Fixed an interoperability issue with OpenSSH when using SSH certificates
  with RSA keys with a SHA-2 signature. Thanks go to Łukasz Siudut for
  reporting this.

* Fixed an issue with handling "None" in ProxyCommand, \ 
GlobalKnownHostsFile,
  and UserKnownHostsFile config file options. Thanks go to GitHub user
  dtrifiro for reporting this issue and suggesting a fix.

Log message:
Use versioned_dependencies for py-OpenSSL.

Log message:
fighting a losing battle against py-cryptography rustification, part 2

Switch users to versioned_dependencies.mk.

Log message:
py-asyncssh: updated to 2.12.0

Release 2.12.0 (10 Aug 2022)
----------------------------

* Added top-level functions run_client() and run_server() which allow
  you to begin running an SSH client or server on an already-connected
  socket. This capability is also available via a new "sock" argument
  in the existing connect(), connect_reverse(), get_server_host_key(),
  and get_server_auth_methods() functions.

* Added "sock" argument to listen() and listen_reverse() functions
  which takes an already-bound listening socket instead of a host
  and port to bind a new socket to.

* Added support for forwarding break, signal, and terminal size updates
  when redirection of stdin is set up between two SSHProcess instances.

* Added support for sntrup761x25519-sha512@openssh.com post-quantum
  key exchange algorithm. For this to be available, the Open Quantum
  Safe (liboqs) dynamic library must be installed.

* Added "sig_alg" argument to set a signature algorithm when creating
  OpenSSH certificates, allowing a choice between ssh-rsa, rsa-sha2-256,
  and rsa-sha2-512 for certificates signed by RSA keys.

* Added new read_parallel() method in SFTPClientFile which allows
  parallel reads to be performed from a remote file, delivering
  incremental results as these reads complete. Previously, large
  reads would automatically be parallelized, but a result was only
  returned after all reads completed.

* Added definition of __all__ for public symbols in AsyncSSH to make
  pyright autocompletion work better. Thanks go to Nicolas Riebesel
  for providing this change.

* Updated SFTP and SCP glob and copy functions to use scandir() instead
  of listdir() to improve efficiency.

* Updated default for "ignore_encrypted" client connection option to
  ignore encrypted keys specified in an OpenSSH config file when no
  passphrase is provided, similar to what was previosuly done for
  keys with default names.

* Fixed an issue when using an SSH agent with RSA keys and an X.509
  certificate while requesting SHA-2 signatures.

* Fixed an issue with use of expanduser() in unit tests on newer versions
  of Python. Thanks go to Georg Sauthoff for providing an initial version
  of this fix.

* Fixed an issue with fallback to a Pageant agent not working properly
  on Windows when no agent_path or SSH_AUTH_SOCK was set.

* Fixed improper escaping in readuntil(), causing certain punctuation in
  separator to not match properly. Thanks go to Github user MazokuMaxy
  for reporting this issue.

* Fixed the connection close handler to properly mark channels as fully
  closed when the peer unexpected closes the connection, allowing
  exceptions to fire if an application continues to try and use
  the channel. Thanks go to Taha Jahangir for reporting this issue and
  suggesting a possible fix.

* Eliminated unit testing against OpenSSH for tests involving DSA and
  RSA keys using SHA-1 signatures, since this support is being dropped
  in some distributions of OpenSSH. These tests are still performed, but
  using only AsyncSSH code. Thanks go to Ken Dreyer and Georg Sauthoff
  for reporting this issue and helping me to reproduce it.

Log message:
py-asyncssh: updated to 2.11.0

Release 2.11.0 (4 Jun 2022)
---------------------------

* Made a number of improvements in SFTP glob support, with thanks to
  Github user LuckyDams for all the help working out these changes!

  * Added a new glob_sftpname() method which returns glob matches
    together with attribute information, avoiding the need for a
    caller to make separate calls to stat() on the returned results.
  * Switched from listdir() to scandir() to reduce the number of
    stat() operations required while finding matches.
  * Added code to remove duplicates when glob() is called with
    multiple patterns that match the same path.
  * Added a cache of directory listing and stat results to improve
    performance when matching patterns with overlapping paths.
  * Fixed an "index out of range" bug in recursive glob matching
    and aligned it better with results reeturned by UNIX shells.
  * Changed matching to ignore inaccessible or non-existent paths
    in a glob pattern, to allow accessible paths to be fully
    explored before returning an error. The error handler will now
    be called only if a pattern results in no matches, or if a more
    serious error occurs while scanning.

* Changed SFTP makedirs() method to work better cases where parts of
  requested path already exist but don't allow read access. As long as
  the entire path can be created, makedirs() will succeed, even if some
  directories on the path don't allow their contents to be read. Thanks
  go to Peter Rowlands for providing this fix.

* Replaced custom Diffie Hellman implementation in AsyncSSH with the
  one in the cryptography package, resulting in an over 10x speedup.
  Thanks go to Github user iwanb for suggesting this change.

* Fixed AsyncSSH to re-acquire GSS credentials when performing key
  renegotiation to avoid expired credentials on long-lived connections.
  Thanks go to Github user PromyLOPh for pointing out this issue and
  suggesting a fix.

* Fixed GSS MIC to work properly with GSS key exchange when AsyncSSH
  is running as a server. This was previously fixed on the client side,
  but a similar fix for the server was missed.

* Changed connection timeout unit tests to work better in environments
  where a firewall is present. Thanks go to Stefano Rivera for
  reporting this issue.

* Improved unit tests of Windows SSPI GSSAPI module.

* Improved speed of unit tests by reducing the number of key generation
  calls. RSA key generation in particular has gotten much more expensive
  in OpenSSL 3.

Log message:
py-asyncssh: updated to 2.10.1

Release 2.10.1 (16 Apr 2022)
----------------------------

* Added support for "Match Exec" in config files and updated AsyncSSH
  API calls to do config parsing in an executor to avoid blocking the
  event loop if a "Match Exec" command doesn't return immediately.

* Fixed an issue where settings associated with server channels set
  when creating a listener rather than at the time a new channel is
  opened were not always being applied correctly.

* Fixed config file handling to be more consistent with OpenSSH, making
  all relative paths be evaluated relative to ~/.ssh and allowing
  references to config file patterns which don't match anything to only
  trigger a debug message rather than an error. Thanks go to Caleb Ho
  for reporting this issue!

* Update minimum required version of cryprography package to 3.1, to
  allow calls to it to be made without passing in a "backend" argument.
  This was missed back in the 2.9 release. Thanks go to Github users
  sebby97 and JavaScriptDude for reporting this issue!

Release 2.10.0 (26 Mar 2022)
----------------------------

* Added new get_server_auth_methods() function which returns the set
  of auth methods available for a given user and SSH server.

* Added support for new line_echo argument when creating a server
  channel which controls whether input in the line editor is echoed
  to the output immediately or under the control of the application,
  allowing more control over the ordering of input and output.

* Added explicit support for RSA SHA-2 certificate algorithms.
  Previously, SHA-2 signatures were supported using the original
  ssh-rsa-cert-v01@openssh.com algorithm name, but recent versions
  of SSH now disable this algorithm by default, so the new SHA-2
  algorithm names need to be advertised for SHA-2 signatures to
  work when using OpenSSH certificates.

* Improved handling of config file loading when options argument is
  used, allowing config loading to be overridden at connect() time
  even if the options passed in referenced a config file.

* Improved speed of unit tests by avoiding some network timeouts
  when connecting to invalid addresses.

* Merged GitHub workflows contributed by GitHub user hexchain to
  run unit tests and collect code coverage information on multiple
  platforms and Python versions. Thanks so much for this work!

* Fixed issue with GSS auth unit tests hanging on Windows.

* Fixed issue with known_hosts matching when ProxyJump is being used.
  Thanks go to GitHub user velavokr for reporting this and helping
  to debug it.

* Fixed type annotations for SFTP client and server open methods.
  Thanks go to Marat Sharafutdinov for reporting this!

Log message:
py-asyncssh: updated to 2.9.0

Release 2.9.0 (23 Jan 2022)
---------------------------

* Added mypy-compatible type annotations to all AsyncSSH modules, and a
  "py.typed" file to signal that annotations are now available for this
  package.

* Added experimental support for SFTP versions 4-6. While AsyncSSH still
  defaults to only advertising version 3 when acting as both a client and
  a server, applications can explicitly enable support for later versions,
  which will be used if both ends of the connection agree. Not all features
  are fully supported, but a number of useful enhancements are now
  available, including as users and groups specified by name, higher
  resolution timestamps, and more granular error reporting.

* Updated documentation to make it clear that keys from a PKCS11 provider
  or ssh-agent will be used even when client_keys is specified, unless
  those sources are explicitly disabled.

* Improved handling of task cancellation in AsyncSSH to avoid triggering
  an error of "Future exception was never retrieved". Thanks go to \ 
Krzysztof
  Kotlenga for reporting this issue and providing test code to reliably
  reproduce it.

* Changed implementation of OpenSSH keepalive handler to improve
  interoperability with servers which don't expect a "success" response
  when this message is sent.

Release 2.8.1 (8 Nov 2021)
--------------------------

* Fixed a regression in handling of the passphrase argument used to
  decrypt private keys.

Release 2.8.0 (3 Nov 2021)
--------------------------

* Added new connect_timeout option to set a timeout which includes the
  time taken to open an outbound TCP connection, allowing connections
  to be aborted without waiting for the default socket connect timeout.
  The existing login_timeout option only applies after the TCP connection
  was established, so it could not be used for this. The support for the
  ConnectTimeout config file option has also been updated to use this new
  capability, making it more consistent with OpenSSH's behavior.

* Added the ability to use the passphrase argument specified in a connect
  call to be used to decrypt keys used to connect to bastion hosts.
  Previously, this argument was only applied when making a connection
  to the main host and encrypted keys could only be used when they
  were loaded separately.

* Updated AsyncSSH's "Record" class to make it more IDE-friendly when
  it comes to things like auto-completion. This class is used as a base
  class for SSHCompletedProcess and various SFTP attribute classes.
  Thanks go to Github user zentarim for suggesting this improvement.

* Fixed a potential uncaught exception when handling forwarded connections
  which are immediately closed by a peer.

Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS

Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2