summaryrefslogtreecommitdiffhomepage
path: root/sites
diff options
context:
space:
mode:
Diffstat (limited to 'sites')
-rw-r--r--sites/docs/api/agent.rst2
-rw-r--r--sites/docs/api/kex_gss.rst5
-rw-r--r--sites/docs/api/ssh_gss.rst14
-rw-r--r--sites/docs/index.rst2
-rw-r--r--sites/www/changelog.rst111
-rw-r--r--sites/www/conf.py3
-rw-r--r--sites/www/contact.rst1
-rw-r--r--sites/www/contributing.rst16
-rw-r--r--sites/www/faq.rst17
-rw-r--r--sites/www/index.rst8
-rw-r--r--sites/www/installing.rst37
11 files changed, 197 insertions, 19 deletions
diff --git a/sites/docs/api/agent.rst b/sites/docs/api/agent.rst
index 3b614a82..f01ad972 100644
--- a/sites/docs/api/agent.rst
+++ b/sites/docs/api/agent.rst
@@ -1,4 +1,4 @@
-SSH Agents
+SSH agents
==========
.. automodule:: paramiko.agent
diff --git a/sites/docs/api/kex_gss.rst b/sites/docs/api/kex_gss.rst
new file mode 100644
index 00000000..9fd09221
--- /dev/null
+++ b/sites/docs/api/kex_gss.rst
@@ -0,0 +1,5 @@
+GSS-API key exchange
+====================
+
+.. automodule:: paramiko.kex_gss
+ :member-order: bysource
diff --git a/sites/docs/api/ssh_gss.rst b/sites/docs/api/ssh_gss.rst
new file mode 100644
index 00000000..7a687e11
--- /dev/null
+++ b/sites/docs/api/ssh_gss.rst
@@ -0,0 +1,14 @@
+GSS-API authentication
+======================
+
+.. automodule:: paramiko.ssh_gss
+ :member-order: bysource
+
+.. autoclass:: _SSH_GSSAuth
+ :member-order: bysource
+
+.. autoclass:: _SSH_GSSAPI
+ :member-order: bysource
+
+.. autoclass:: _SSH_SSPI
+ :member-order: bysource
diff --git a/sites/docs/index.rst b/sites/docs/index.rst
index f336b393..87265d95 100644
--- a/sites/docs/index.rst
+++ b/sites/docs/index.rst
@@ -50,6 +50,8 @@ Authentication & keys
api/agent
api/hostkeys
api/keys
+ api/ssh_gss
+ api/kex_gss
Other primary functions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index be493f02..6c772355 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -8,6 +8,9 @@ Changelog
* :bug:`499` Strip trailing/leading whitespace from lines when parsing SSH
config files - this brings things in line with OpenSSH behavior. Thanks to
Alfredo Esteban for the original report and Nick Pillitteri for the patch.
+* :bug:`652` Fix behavior of ``gssapi-with-mic`` auth requests so they fail
+ gracefully (allowing followup via other auth methods) instead of raising an
+ exception. Patch courtesy of ``@jamercee``.
* :support:`636` Clean up and enhance the README (and rename it to
``README.rst`` from just ``README``). Thanks to ``@LucasRMehl``.
* :bug:`401` Fix line number reporting in log output regarding invalid
@@ -16,6 +19,7 @@ Changelog
* :support:`525 backported` Update the vendored Windows API addon to a more
recent edition. Also fixes :issue:`193`, :issue:`488`, :issue:`498`. Thanks
to Jason Coombs.
+* :release:`1.15.4 <2015-11-02>`
* :release:`1.14.3 <2015-11-02>`
* :release:`1.13.4 <2015-11-02>`
* :bug:`366` Fix `~paramiko.sftp_attributes.SFTPAttributes` so its string
@@ -29,6 +33,39 @@ Changelog
* :bug:`565` Don't explode with ``IndexError`` when reading private key files
lacking an ``-----END <type> PRIVATE KEY-----`` footer. Patch courtesy of
Prasanna Santhanam.
+* :release:`1.15.3 <2015-10-02>`
+* :support:`554 backported` Fix inaccuracies in the docstring for the ECDSA key
+ class. Thanks to Jared Hance for the patch.
+* :support:`516 backported` Document `~paramiko.agent.AgentRequestHandler`.
+ Thanks to ``@toejough`` for report & suggestions.
+* :bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI
+ support (note: this includes switching from PyCrypo's Random to
+ `os.urandom`). Thanks to Anselm Kruis for catch & patch.
+* :bug:`491` (combines :issue:`62` and :issue:`439`) Implement timeout
+ functionality to address hangs from dropped network connections and/or failed
+ handshakes. Credit to ``@vazir`` and ``@dacut`` for the original patches and
+ to Olle Lundberg for reimplementation.
+* :bug:`490` Skip invalid/unparseable lines in ``known_hosts`` files, instead
+ of raising `~paramiko.ssh_exception.SSHException`. This brings Paramiko's
+ behavior more in line with OpenSSH, which silently ignores such input. Catch
+ & patch courtesy of Martin Topholm.
+* :bug:`404` Print details when displaying
+ `~paramiko.ssh_exception.BadHostKeyException` objects (expected vs received
+ data) instead of just "hey shit broke". Patch credit: Loic Dachary.
+* :bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a
+ typo introduced in the 1.15 release which broke WinPageant support. Thanks to
+ everyone who submitted patches, and to Steve Cohen who was the lucky winner
+ of the cherry-pick lottery.
+* :bug:`353` (via :issue:`482`) Fix a bug introduced in the Python 3 port
+ which caused ``OverFlowError`` (and other symptoms) in SFTP functionality.
+ Thanks to ``@dboreham`` for leading the troubleshooting charge, and to
+ Scott Maxwell for the final patch.
+* :bug:`402` Check to see if an SSH agent is actually present before trying to
+ forward it to the remote end. This replaces what was usually a useless
+ ``TypeError`` with a human-readable
+ `~paramiko.ssh_exception.AuthenticationException`. Credit to Ken Jordan for
+ the fix and Yvan Marques for original report.
+* :release:`1.15.2 <2014-12-19>`
* :release:`1.14.2 <2014-12-19>`
* :release:`1.13.3 <2014-12-19>`
* :bug:`413` (also :issue:`414`, :issue:`420`, :issue:`454`) Be significantly
@@ -36,12 +73,26 @@ Changelog
unnecessary (often 100%!) CPU usage. Major thanks to Jason Dunsmore for
report & initial patchset and to Chris Adams & John Morrissey for followup
improvements.
+* :bug:`455` Tweak packet size handling to conform better to the OpenSSH RFCs;
+ this helps address issues with interactive program cursors. Courtesy of Jeff
+ Quast.
* :bug:`428` Fix an issue in `~paramiko.file.BufferedFile` (primarily used in
the SFTP modules) concerning incorrect behavior by
`~paramiko.file.BufferedFile.readlines` on files whose size exceeds the
buffer size. Thanks to ``@achapp`` for catch & patch.
+* :bug:`415` Fix ``ssh_config`` parsing to correctly interpret ``ProxyCommand
+ none`` as the lack of a proxy command, instead of as a literal command string
+ of ``"none"``. Thanks to Richard Spiers for the catch & Sean Johnson for the
+ fix.
+* :support:`431 backported` Replace handrolled ``ssh_config`` parsing code with
+ use of the ``shlex`` module. Thanks to Yan Kalchevskiy.
* :support:`422 backported` Clean up some unused imports. Courtesy of Olle
Lundberg.
+* :support:`421 backported` Modernize threading calls to user newer API. Thanks
+ to Olle Lundberg.
+* :support:`419 backported` Modernize a bunch of the codebase internals to
+ leverage decorators. Props to ``@beckjake`` for realizing we're no longer on
+ Python 2.2 :D
* :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to
start at 0 instead of 1 for better compatibility with OpenSSH & certain
server implementations which break on 1-indexed channels. Thanks to
@@ -55,6 +106,64 @@ Changelog
for the catch.
* :bug:`320` Update our win_pageant module to be Python 3 compatible. Thanks to
``@sherbang`` and ``@adamkerz`` for the patches.
+* :release:`1.15.1 <2014-09-22>`
+* :bug:`399` SSH agent forwarding (potentially other functionality as
+ well) would hang due to incorrect values passed into the new window size
+ arguments for `.Transport` (thanks to a botched merge). This has been
+ corrected. Thanks to Dylan Thacker-Smith for the report & patch.
+* :feature:`167` Add `.SSHConfig.get_hostnames` for easier introspection of a
+ loaded SSH config file or object. Courtesy of Søren Løvborg.
+* :release:`1.15.0 <2014-09-18>`
+* :support:`393` Replace internal use of PyCrypto's ``SHA.new`` with the
+ stdlib's ``hashlib.sha1``. Thanks to Alex Gaynor.
+* :feature:`267` (also :issue:`250`, :issue:`241`, :issue:`228`) Add GSS-API /
+ SSPI (e.g. Kerberos) key exchange and authentication support
+ (:ref:`installation docs here <gssapi>`). Mega thanks to Sebastian Deiß, with
+ assist by Torsten Landschoff.
+
+ .. note::
+ Unix users should be aware that the ``python-gssapi`` library (a
+ requirement for using this functionality) only appears to support
+ Python 2.7 and up at this time.
+
+* :bug:`346 major` Fix an issue in private key files' encryption salts that
+ could cause tracebacks and file corruption if keys were re-encrypted. Credit
+ to Xavier Nunn.
+* :feature:`362` Allow users to control the SSH banner timeout. Thanks to Cory
+ Benfield.
+* :feature:`372` Update default window & packet sizes to more closely adhere to
+ the pertinent RFC; also expose these settings in the public API so they may
+ be overridden by client code. This should address some general speed issues
+ such as :issue:`175`. Big thanks to Olle Lundberg for the update.
+* :bug:`373 major` Attempt to fix a handful of issues (such as :issue:`354`)
+ related to infinite loops and threading deadlocks. Thanks to Olle Lundberg as
+ well as a handful of community members who provided advice & feedback via
+ IRC.
+* :support:`374` (also :issue:`375`) Old code cleanup courtesy of Olle
+ Lundberg.
+* :support:`377` Factor `~paramiko.channel.Channel` openness sanity check into
+ a decorator. Thanks to Olle Lundberg for original patch.
+* :bug:`298 major` Don't perform point validation on ECDSA keys in
+ ``known_hosts`` files, since a) this can cause significant slowdown when such
+ keys exist, and b) ``known_hosts`` files are implicitly trustworthy. Thanks
+ to Kieran Spear for catch & patch.
+
+ .. note::
+ This change bumps up the version requirement for the ``ecdsa`` library to
+ ``0.11``.
+
+* :bug:`234 major` Lower logging levels for a few overly-noisy log messages
+ about secure channels. Thanks to David Pursehouse for noticing & contributing
+ the fix.
+* :feature:`218` Add support for ECDSA private keys on the client side. Thanks
+ to ``@aszlig`` for the patch.
+* :bug:`335 major` Fix ECDSA key generation (generation of brand new ECDSA keys
+ was broken previously). Thanks to ``@solarw`` for catch & patch.
+* :feature:`184` Support quoted values in SSH config file parsing. Credit to
+ Yan Kalchevskiy.
+* :feature:`131` Add a `~paramiko.sftp_client.SFTPClient.listdir_iter` method
+ to `~paramiko.sftp_client.SFTPClient` allowing for more efficient,
+ async/generator based file listings. Thanks to John Begeman.
* :support:`378 backported` Minor code cleanup in the SSH config module
courtesy of Olle Lundberg.
* :support:`249 backported` Consolidate version information into one spot.
@@ -86,6 +195,8 @@ Changelog
Thanks to ``@basictheprogram`` for the initial report, Jelmer Vernooij for
the fix and Andrew Starr-Bochicchio & Jeremy T. Bouse (among others) for
discussion & feedback.
+* :support:`371` Add Travis support & docs update for Python 3.4. Thanks to
+ Olle Lundberg.
* :release:`1.14.0 <2014-05-07>`
* :release:`1.13.1 <2014-05-07>`
* :release:`1.12.4 <2014-05-07>`
diff --git a/sites/www/conf.py b/sites/www/conf.py
index bdb5929a..0b0fb85c 100644
--- a/sites/www/conf.py
+++ b/sites/www/conf.py
@@ -12,13 +12,10 @@ extensions.append('releases')
releases_release_uri = "https://github.com/paramiko/paramiko/tree/v%s"
releases_issue_uri = "https://github.com/paramiko/paramiko/issues/%s"
-# Intersphinx for referencing API/usage docs
-extensions.append('sphinx.ext.intersphinx')
# Default is 'local' building, but reference the public docs site when building
# under RTD.
target = join(dirname(__file__), '..', 'docs', '_build')
if os.environ.get('READTHEDOCS') == 'True':
- # TODO: switch to docs.paramiko.org post go-live of sphinx API docs
target = 'http://docs.paramiko.org/en/latest/'
intersphinx_mapping['docs'] = (target, None)
diff --git a/sites/www/contact.rst b/sites/www/contact.rst
index 2b6583f5..7e6c947e 100644
--- a/sites/www/contact.rst
+++ b/sites/www/contact.rst
@@ -9,3 +9,4 @@ following ways:
* Mailing list: ``paramiko@librelist.com`` (see `the LibreList homepage
<http://librelist.com>`_ for usage details).
* This website - a blog section is forthcoming.
+* Submit contributions on Github - see the :doc:`contributing` page.
diff --git a/sites/www/contributing.rst b/sites/www/contributing.rst
index 634c2b26..a44414e8 100644
--- a/sites/www/contributing.rst
+++ b/sites/www/contributing.rst
@@ -5,18 +5,22 @@ Contributing
How to get the code
===================
-Our primary Git repository is on Github at `paramiko/paramiko
-<https://github.com/paramiko/paramiko>`_; please follow their instructions for
-cloning to your local system. (If you intend to submit patches/pull requests,
-we recommend forking first, then cloning your fork. Github has excellent
-documentation for all this.)
+Our primary Git repository is on Github at `paramiko/paramiko`_;
+please follow their instructions for cloning to your local system. (If you
+intend to submit patches/pull requests, we recommend forking first, then
+cloning your fork. Github has excellent documentation for all this.)
How to submit bug reports or new code
=====================================
Please see `this project-agnostic contribution guide
-<http://contribution-guide.org>`_ - we follow it explicitly.
+<http://contribution-guide.org>`_ - we follow it explicitly. Again, our code
+repository and bug tracker is `on Github`_.
Our current changelog is located in ``sites/www/changelog.rst`` - the top
level files like ``ChangeLog.*`` and ``NEWS`` are historical only.
+
+
+.. _paramiko/paramiko:
+.. _on Github: https://github.com/paramiko/paramiko
diff --git a/sites/www/faq.rst b/sites/www/faq.rst
index a7e80014..a5d9b383 100644
--- a/sites/www/faq.rst
+++ b/sites/www/faq.rst
@@ -7,3 +7,20 @@ Which version should I use? I see multiple active releases.
Please see :ref:`the installation docs <release-lines>` which have an explicit
section about this topic.
+
+Paramiko doesn't work with my Cisco, Windows or other non-Unix system!
+======================================================================
+
+In an ideal world, the developers would love to support every possible target
+system. Unfortunately, volunteer development time and access to non-mainstream
+platforms are limited, meaning that we can only fully support standard OpenSSH
+implementations such as those found on the average Linux distribution (as well
+as on Mac OS X and \*BSD.)
+
+Because of this, **we typically close bug reports for nonstandard SSH
+implementations or host systems**.
+
+However, **closed does not imply locked** - affected users can still post
+comments on such tickets - and **we will always consider actual patch
+submissions for these issues**, provided they can get +1s from similarly
+affected users and are proven to not break existing functionality.
diff --git a/sites/www/index.rst b/sites/www/index.rst
index 1b609709..8e7562af 100644
--- a/sites/www/index.rst
+++ b/sites/www/index.rst
@@ -26,11 +26,7 @@ Please see the sidebar to the left to begin.
.. rubric:: Footnotes
.. [#]
- SSH is defined in RFCs
- `4251 <http://www.rfc-editor.org/rfc/rfc4251.txt>`_,
- `4252 <http://www.rfc-editor.org/rfc/rfc4252.txt>`_,
- `4253 <http://www.rfc-editor.org/rfc/rfc4253.txt>`_, and
- `4254 <http://www.rfc-editor.org/rfc/rfc4254.txt>`_;
- the primary working implementation of the protocol is the `OpenSSH project
+ SSH is defined in :rfc:`4251`, :rfc:`4252`, :rfc:`4253` and :rfc:`4254`. The
+ primary working implementation of the protocol is the `OpenSSH project
<http://openssh.org>`_. Paramiko implements a large portion of the SSH
feature set, but there are occasional gaps.
diff --git a/sites/www/installing.rst b/sites/www/installing.rst
index a28ce6cd..a657c3fc 100644
--- a/sites/www/installing.rst
+++ b/sites/www/installing.rst
@@ -16,15 +16,18 @@ via `pip <http://pip-installer.org>`_::
Users who want the bleeding edge can install the development version via
``pip install paramiko==dev``.
-We currently support **Python 2.6, 2.7 and 3.3** (Python **3.2** should also
+We currently support **Python 2.6, 2.7 and 3.3+** (Python **3.2** should also
work but has a less-strong compatibility guarantee from us.) Users on Python
2.5 or older are urged to upgrade.
-Paramiko has two dependencies: the pure-Python ECDSA module ``ecdsa``, and the
+Paramiko has two hard dependencies: the pure-Python ECDSA module ``ecdsa``, and the
PyCrypto C extension. ``ecdsa`` is easily installable from wherever you
obtained Paramiko's package; PyCrypto may require more work. Read on for
details.
+If you need GSS-API / SSPI support, see :ref:`the below subsection on it
+<gssapi>` for details on additional dependencies.
+
.. _release-lines:
Release lines
@@ -32,7 +35,7 @@ Release lines
Users desiring stability may wish to pin themselves to a specific release line
once they first start using Paramiko; to assist in this, we guarantee bugfixes
-for at least the last 2-3 releases including the latest stable one. This currently means Paramiko **1.11** through **1.13**.
+for the last 2-3 releases including the latest stable one.
If you're unsure which version to install, we have suggestions:
@@ -99,3 +102,31 @@ installation of Paramiko via ``pypm``::
Installing paramiko-1.7.8
Installing pycrypto-2.4
C:\>
+
+
+.. _gssapi:
+
+Optional dependencies for GSS-API / SSPI / Kerberos
+===================================================
+
+In order to use GSS-API/Kerberos & related functionality, a couple of
+additional dependencies are required (these are not listed in our ``setup.py``
+due to their infrequent utility & non-platform-agnostic requirements):
+
+* It hopefully goes without saying but **all platforms** need **a working
+ installation of GSS-API itself**, e.g. Heimdal.
+* **All platforms** need `pyasn1 <https://pypi.python.org/pypi/pyasn1>`_
+ ``0.1.7`` or better.
+* **Unix** needs `python-gssapi <https://pypi.python.org/pypi/python-gssapi/>`_
+ ``0.6.1`` or better.
+
+ .. note:: This library appears to only function on Python 2.7 and up.
+
+* **Windows** needs `pywin32 <https://pypi.python.org/pypi/pywin32>`_ ``2.1.8``
+ or better.
+
+.. note::
+ If you use Microsoft SSPI for kerberos authentication and credential
+ delegation, make sure that the target host is trusted for delegation in the
+ active directory configuration. For details see:
+ http://technet.microsoft.com/en-us/library/cc738491%28v=ws.10%29.aspx