diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2023-05-18 14:08:42 -0400 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2023-05-18 14:09:20 -0400 |
| commit | 3ee4fb700176f2cd5759b55141ebd1f8dbca164b (patch) | |
| tree | 417406c7ed451940096efbb577a7f15e282ff12b | |
| parent | 6e5aea5fb1cb56b32541e3cb24b27dc8fdfb0598 (diff) | |
Changelog entry for signature algorithm fallback change re #2012, re #1961
| -rw-r--r-- | sites/www/changelog.rst | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 5f085131..bdd2d426 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,18 @@ Changelog ========= +- :bug:`2012 major` (also :issue:`1961` and countless others) The + ``server-sig-algs`` and ``RSA-SHA2`` features added around Paramiko 2.9 or + so, had the annoying side effect of not working with servers that dont' + support *either* of those feature sets, requiring use of + ``disabled_algorithms`` to forcibly disable the SHA2 algorithms on Paramiko's + end. + + The **experimental** `~paramiko.transport.ServiceRequestingTransport` (noted + in its own entry in this changelog) includes a fix for this issue, + specifically by falling back to the same algorithm as the in-use pubkey if + it's in the algorithm list (leaving the "first algorithm in said list" as an + absolute final fallback). - :feature:`-` Implement ``_fields()`` on `~paramiko.agent.AgentKey` so that it may be compared (via ``==``) with other `~paramiko.pkey.PKey` instances. - :bug:`23 major` Since its inception, Paramiko has (for reasons lost to time) |