Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Cut 1.18.41.18.4 | Jeff Forcier | 2017-09-18 | 2 | -1/+2 |
| | |||||
* | Tweak changelog entry re #945. | Jeff Forcier | 2017-09-13 | 1 | -4/+5 |
| | | | | | Since the backported fix came out a lot earlier it seems best to make this one more explicit so it doesn't look as confusing? | ||||
* | tests for host key negotiation when there are multiple | Pierce Lopez | 2017-09-13 | 2 | -1/+56 |
| | |||||
* | changelog: update for bug `865` | Pierce Lopez | 2017-09-13 | 1 | -0/+4 |
| | |||||
* | SSHClient: adjust Transport preferred host key types if known host | Pierce Lopez | 2017-09-13 | 1 | -17/+21 |
| | | | | | | | | | | | | | | If we have a host keys that will be checked, we need to negotiate for the type we have. Commonly, openssh could have saved an ecdsa key in known_hosts, but SSHClient will let the Transport negotiate for an rsa key. Then it would consider a key of a non-corresponding type to be "missing". That situation is also now a BadHostKeyException. Before this change, a man-in-the-middle attack on the paramiko ssh client was possible by having only a host key type which differs from what the client has in known_hosts (and then giving any key of that type). | ||||
* | Transport: log agreed host key type | Pierce Lopez | 2017-09-13 | 1 | -0/+3 |
| | |||||
* | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-09-12 | 1 | -0/+3 |
|\ | |||||
| * | Master changelog entry re: #1056 #1057 #1058 #1059 | Jeff Forcier | 2017-09-12 | 1 | -0/+3 |
| | | |||||
* | | Merge branch '1.17-gsskex-hostkeycheck-fix' into 1.18-gsskex-hostkeycheck-fix | Anselm Kruis | 2017-08-04 | 2 | -1/+62 |
|\ \ | |/ | |||||
| * | SSHClient: fix the host key test | Anselm Kruis | 2017-08-01 | 2 | -1/+62 |
| | | | | | | | | | | | | | | | | | | Skip the host key check only, if the transport actually used gssapi-keyex. Add tests for the missing-host-key RejectPolicy. Before this change, a man-in-the-middle attack on the paramiko ssh client with gss_kex=True was possible by having a server that does not support gssapi-keyex and gives any or no host key. | ||||
* | | Cut 1.18.31.18.3 | Jeff Forcier | 2017-06-09 | 2 | -1/+2 |
| | | |||||
* | | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-06-09 | 1 | -0/+1 |
|\ \ | |/ | |||||
| * | Cut 1.17.51.17.5 | Jeff Forcier | 2017-06-09 | 2 | -1/+2 |
| | | |||||
* | | Changelog re #906 | Jeff Forcier | 2017-06-09 | 1 | -0/+2 |
| | | |||||
* | | Merge branch '1.18' into 906-int | Jeff Forcier | 2017-06-09 | 16 | -122/+229 |
|\ \ | |||||
| * \ | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-06-09 | 10 | -26/+209 |
| |\ \ | | |/ | |||||
| | * | Changelog re #971 (based on f0124d9) | Jeff Forcier | 2017-06-09 | 1 | -0/+5 |
| | | | |||||
| | * | Merge branch '1.17' into 971-int | Jeff Forcier | 2017-06-09 | 8 | -96/+20 |
| | |\ | |||||
| | * | | Tweak comments as suggested in review | Martin Packman | 2017-06-01 | 3 | -4/+6 |
| | | | | | | | | | | | | | | | | Thanks to bitprophet and ploxiln. | ||||
| | * | | Allow any buffer type to be written to SFTPFile | Martin Packman | 2017-05-26 | 2 | -4/+32 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #967 #968 Rollup of earlier branches proposed as #969 and #970 with additional fix inside sftp_client. Includes new tests for SFTPFile usage. Change against the 1.17 branch. | ||||
| | * | | Merge prerequistes changes to b and asbytes | Martin Packman | 2017-05-26 | 3 | -10/+81 |
| | |\ \ | |||||
| | | * | | Allow any buffer type to be sent to Channel | Martin Packman | 2017-05-25 | 2 | -9/+80 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #968 Changes the behaviour of the underlying asbytes helper to pass along unknown types. Most callers already handle this by passing the bytes along to a file or socket-like object which will raise TypeError anyway. Adds test coverage through the Transport implementation. Change against the 1.17 branch. | ||||
| | | * | | Import from py3compat directly in test_client | Martin Packman | 2017-05-25 | 1 | -1/+1 |
| | | | | | |||||
| | * | | | Allow any buffer type to written to BufferedFile | Martin Packman | 2017-05-25 | 2 | -12/+52 |
| | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #967 Also adds test coverage for writing various types to BufferedFile which required some small changes to the test LoopbackFile subclass. Change against the 1.17 branch. | ||||
| | * | | Add new skipUnlessBuiltin function for testing | Martin Packman | 2017-05-25 | 1 | -0/+36 |
| | | | | |||||
| | * | | Add vi temporary files to .gitignore | Martin Packman | 2017-05-25 | 1 | -0/+1 |
| | | | | |||||
| * | | | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-06-09 | 4 | -4/+8 |
| |\ \ \ | | | |/ | | |/| | |||||
| | * | | Changelog re #956 | Jeff Forcier | 2017-06-09 | 1 | -0/+3 |
| | | | | |||||
| | * | | Replace coveralls with codecov, comments disabled | Nikolai R Kristiansen | 2017-06-09 | 3 | -4/+5 |
| | | | | |||||
| * | | | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-06-09 | 5 | -92/+12 |
| |\ \ \ | | |/ / | |||||
| | * | | update changelog with fix for #949 | Pierce Lopez | 2017-06-06 | 1 | -0/+4 |
| | | | | |||||
| | * | | re-enable client cleanup test for python3 | Pierce Lopez | 2017-06-06 | 1 | -13/+8 |
| | | | | |||||
| | * | | remove back-reference from Transport to SSHClient | Pierce Lopez | 2017-06-06 | 2 | -6/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was only recently added, and it's not really needed after the ResourceManager removal. Removing it allows the SSHClient to be garbage-collected if only the Transport (and Channels) are still in use. | ||||
| | * | | remove ResourceManager to fix leak of Transport/SSHClient | Kyle Agronick | 2017-06-06 | 2 | -73/+0 |
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The back-reference from Transport to SSHClient was added because the SSHClient had a destructor that would close the Transport, and some users did not want the Transport closed when the SSHClient was garbage collected. The SSHClient destructor was not a normal destructor, it was implemented with the ResourceManager singleton. Together with the back-reference, this prevented the GC cycle detector from freeing the SSHClient and Transport. | ||||
| | * | This doesn't affect 2.x lines, wups | Jeff Forcier | 2017-02-20 | 1 | -1/+1 |
| | | | |||||
* | | | SFTPClient: remove unreachable return in getfo() | Pierce Lopez | 2017-02-23 | 1 | -2/+0 |
| | | | | | | | | | | | | was an un-declared variable too | ||||
* | | | cleanup unused and star imports | Pierce Lopez | 2017-02-23 | 5 | -6/+3 |
| | | | | | | | | | | | | found and checked with pyflakes for python2.7 and python3.5 | ||||
* | | | can depend on collections.MutableMapping being available | Pierce Lopez | 2017-02-23 | 1 | -6/+1 |
| | | | | | | | | | | | | since python 2.6 | ||||
* | | | all supported versions of python2 have cStringIO | Pierce Lopez | 2017-02-23 | 1 | -9/+2 |
| | | | |||||
* | | | transport: remove compat for old python lacking sock.settimeout() | Pierce Lopez | 2017-02-23 | 1 | -8/+3 |
|/ / | |||||
* | | update changelog for fixing #683 | Pierce Lopez | 2017-02-23 | 1 | -0/+2 |
| | | |||||
* | | log_to_file() should append instead of replace | Pierce Lopez | 2017-02-23 | 1 | -1/+1 |
| | | |||||
* | | This doesn't affect 2.x lines, wups | Jeff Forcier | 2017-02-20 | 1 | -1/+1 |
| | | |||||
* | | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-02-20 | 1 | -1/+1 |
|\ \ | |/ | |||||
| * | Main release module configures the tasks to hide stdout, undo that | Jeff Forcier | 2017-02-20 | 1 | -1/+1 |
| | | |||||
* | | Cut 1.18.21.18.2 | Jeff Forcier | 2017-02-20 | 2 | -1/+2 |
| | | |||||
* | | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-02-20 | 1 | -0/+1 |
|\ \ | |/ | |||||
| * | Cut 1.17.41.17.4 | Jeff Forcier | 2017-02-20 | 2 | -1/+2 |
| | | |||||
* | | Merge branch '1.17' into 1.18 | Jeff Forcier | 2017-02-20 | 3 | -3/+24 |
|\ \ | |/ | |||||
| * | Changelog closes #853 | Jeff Forcier | 2017-02-20 | 1 | -0/+3 |
| | |