summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Cut 1.18.41.18.4Jeff Forcier2017-09-182-1/+2
|
* Tweak changelog entry re #945.Jeff Forcier2017-09-131-4/+5
| | | | | Since the backported fix came out a lot earlier it seems best to make this one more explicit so it doesn't look as confusing?
* tests for host key negotiation when there are multiplePierce Lopez2017-09-132-1/+56
|
* changelog: update for bug `865`Pierce Lopez2017-09-131-0/+4
|
* SSHClient: adjust Transport preferred host key types if known hostPierce Lopez2017-09-131-17/+21
| | | | | | | | | | | | | | If we have a host keys that will be checked, we need to negotiate for the type we have. Commonly, openssh could have saved an ecdsa key in known_hosts, but SSHClient will let the Transport negotiate for an rsa key. Then it would consider a key of a non-corresponding type to be "missing". That situation is also now a BadHostKeyException. Before this change, a man-in-the-middle attack on the paramiko ssh client was possible by having only a host key type which differs from what the client has in known_hosts (and then giving any key of that type).
* Transport: log agreed host key typePierce Lopez2017-09-131-0/+3
|
* Merge branch '1.17' into 1.18Jeff Forcier2017-09-121-0/+3
|\
| * Master changelog entry re: #1056 #1057 #1058 #1059Jeff Forcier2017-09-121-0/+3
| |
* | Merge branch '1.17-gsskex-hostkeycheck-fix' into 1.18-gsskex-hostkeycheck-fixAnselm Kruis2017-08-042-1/+62
|\ \ | |/
| * SSHClient: fix the host key testAnselm Kruis2017-08-012-1/+62
| | | | | | | | | | | | | | | | | | Skip the host key check only, if the transport actually used gssapi-keyex. Add tests for the missing-host-key RejectPolicy. Before this change, a man-in-the-middle attack on the paramiko ssh client with gss_kex=True was possible by having a server that does not support gssapi-keyex and gives any or no host key.
* | Cut 1.18.31.18.3Jeff Forcier2017-06-092-1/+2
| |
* | Merge branch '1.17' into 1.18Jeff Forcier2017-06-091-0/+1
|\ \ | |/
| * Cut 1.17.51.17.5Jeff Forcier2017-06-092-1/+2
| |
* | Changelog re #906Jeff Forcier2017-06-091-0/+2
| |
* | Merge branch '1.18' into 906-intJeff Forcier2017-06-0916-122/+229
|\ \
| * \ Merge branch '1.17' into 1.18Jeff Forcier2017-06-0910-26/+209
| |\ \ | | |/
| | * Changelog re #971 (based on f0124d9)Jeff Forcier2017-06-091-0/+5
| | |
| | * Merge branch '1.17' into 971-intJeff Forcier2017-06-098-96/+20
| | |\
| | * | Tweak comments as suggested in reviewMartin Packman2017-06-013-4/+6
| | | | | | | | | | | | | | | | Thanks to bitprophet and ploxiln.
| | * | Allow any buffer type to be written to SFTPFileMartin Packman2017-05-262-4/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #967 #968 Rollup of earlier branches proposed as #969 and #970 with additional fix inside sftp_client. Includes new tests for SFTPFile usage. Change against the 1.17 branch.
| | * | Merge prerequistes changes to b and asbytesMartin Packman2017-05-263-10/+81
| | |\ \
| | | * | Allow any buffer type to be sent to ChannelMartin Packman2017-05-252-9/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #968 Changes the behaviour of the underlying asbytes helper to pass along unknown types. Most callers already handle this by passing the bytes along to a file or socket-like object which will raise TypeError anyway. Adds test coverage through the Transport implementation. Change against the 1.17 branch.
| | | * | Import from py3compat directly in test_clientMartin Packman2017-05-251-1/+1
| | | | |
| | * | | Allow any buffer type to written to BufferedFileMartin Packman2017-05-252-12/+52
| | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #967 Also adds test coverage for writing various types to BufferedFile which required some small changes to the test LoopbackFile subclass. Change against the 1.17 branch.
| | * | Add new skipUnlessBuiltin function for testingMartin Packman2017-05-251-0/+36
| | | |
| | * | Add vi temporary files to .gitignoreMartin Packman2017-05-251-0/+1
| | | |
| * | | Merge branch '1.17' into 1.18Jeff Forcier2017-06-094-4/+8
| |\ \ \ | | | |/ | | |/|
| | * | Changelog re #956Jeff Forcier2017-06-091-0/+3
| | | |
| | * | Replace coveralls with codecov, comments disabledNikolai R Kristiansen2017-06-093-4/+5
| | | |
| * | | Merge branch '1.17' into 1.18Jeff Forcier2017-06-095-92/+12
| |\ \ \ | | |/ /
| | * | update changelog with fix for #949Pierce Lopez2017-06-061-0/+4
| | | |
| | * | re-enable client cleanup test for python3Pierce Lopez2017-06-061-13/+8
| | | |
| | * | remove back-reference from Transport to SSHClientPierce Lopez2017-06-062-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It was only recently added, and it's not really needed after the ResourceManager removal. Removing it allows the SSHClient to be garbage-collected if only the Transport (and Channels) are still in use.
| | * | remove ResourceManager to fix leak of Transport/SSHClientKyle Agronick2017-06-062-73/+0
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The back-reference from Transport to SSHClient was added because the SSHClient had a destructor that would close the Transport, and some users did not want the Transport closed when the SSHClient was garbage collected. The SSHClient destructor was not a normal destructor, it was implemented with the ResourceManager singleton. Together with the back-reference, this prevented the GC cycle detector from freeing the SSHClient and Transport.
| | * This doesn't affect 2.x lines, wupsJeff Forcier2017-02-201-1/+1
| | |
* | | SFTPClient: remove unreachable return in getfo()Pierce Lopez2017-02-231-2/+0
| | | | | | | | | | | | was an un-declared variable too
* | | cleanup unused and star importsPierce Lopez2017-02-235-6/+3
| | | | | | | | | | | | found and checked with pyflakes for python2.7 and python3.5
* | | can depend on collections.MutableMapping being availablePierce Lopez2017-02-231-6/+1
| | | | | | | | | | | | since python 2.6
* | | all supported versions of python2 have cStringIOPierce Lopez2017-02-231-9/+2
| | |
* | | transport: remove compat for old python lacking sock.settimeout()Pierce Lopez2017-02-231-8/+3
|/ /
* | update changelog for fixing #683Pierce Lopez2017-02-231-0/+2
| |
* | log_to_file() should append instead of replacePierce Lopez2017-02-231-1/+1
| |
* | This doesn't affect 2.x lines, wupsJeff Forcier2017-02-201-1/+1
| |
* | Merge branch '1.17' into 1.18Jeff Forcier2017-02-201-1/+1
|\ \ | |/
| * Main release module configures the tasks to hide stdout, undo thatJeff Forcier2017-02-201-1/+1
| |
* | Cut 1.18.21.18.2Jeff Forcier2017-02-202-1/+2
| |
* | Merge branch '1.17' into 1.18Jeff Forcier2017-02-201-0/+1
|\ \ | |/
| * Cut 1.17.41.17.4Jeff Forcier2017-02-202-1/+2
| |
* | Merge branch '1.17' into 1.18Jeff Forcier2017-02-203-3/+24
|\ \ | |/
| * Changelog closes #853Jeff Forcier2017-02-201-0/+3
| |
View Lorry Controller Status