summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2017-09-18Merge branch '2.1' into 2.2Jeff Forcier
2017-09-18Merge branch '2.0' into 2.1Jeff Forcier
2017-09-18Merge branch '2.0' of github.com:paramiko/paramiko into 2.0Jeff Forcier
2017-09-18Migrate changelog release entry from 1.18Jeff Forcier
2017-09-18Changelog re #1065Jeff Forcier
2017-09-18Fix rekeying with GSS-API key exchangeSebastian Deiss
When GSS-API key exchange is used a rekey caused a GSS-API MIC failure and closed the transport. This happened because the MIC of the transport session ID (H of the initial kex) was checked against the MIC of the new H created during rekey.
2017-09-12Merge branch '2.0' into 2.1Jeff Forcier
2017-09-12Merge branch '2.1' into 2.2Jeff Forcier
2017-09-12Changelog re #1061Jeff Forcier
2017-09-12Merge branch '2.0' into 1061-intJeff Forcier
2017-09-12demo_simple: gss_auth and gss_kex are independent of each other.Anselm Kruis
2017-09-12Changelog re #1060Jeff Forcier
2017-09-12Merge branch '2.0' into 1060-intJeff Forcier
2017-09-12Merge branch '2.1' into 2.2Jeff Forcier
2017-09-12Master changelog entry re: #1056 #1057 #1058 #1059Jeff Forcier
2017-09-12Merge branch '2.0' into 2.1Jeff Forcier
2017-09-12Master changelog entry re: #1056 #1057 #1058 #1059Jeff Forcier
2017-09-12Pep8 and Sphinx fixes.Anselm Kruis
2017-08-04Transport gssapi-keyex: set the gss_kex_used flag lateAnselm Kruis
Set the flag gss_kex_used only after a gssapi-keyex has been successfully completed. This change prevents a wrong value in case of exceptions during the gssapi-keyex handshake.
2017-08-04Merge branch '2.1-gsskex-hostkeycheck-fix' into 2.2-gsskex-hostkeycheck-fixAnselm Kruis
2017-08-04AuthHandler: handle local "gssapi-with-mic" errors in client modeAnselm Kruis
Paramiko now tries other authentication methods, if "gssapi-with-mic" authentication may fails for a local reason (i.e. no kerberos ticket). Befor this change, any exception from the GSSAPI/SSPI caused the transport to be closed.
2017-08-04AuthHandler: fix the server-mode "gssapi-with-mic" logicAnselm Kruis
A paramiko server is now able to handle a restart of the user authentication during the GSS-API token exchange. This may occur, if the client detects a local GSSAPI problem (e.g. a missing kerberos ticket) and continues with another authentication method. The added test case test_2_auth_trickledown still fails, because the paramiko client contains a bug too.
2017-08-04Added paramiko.GSS_EXCEPTIONS: exception types used by GSSAPIAnselm Kruis
This new constant is a tuple of the exception types used by the underlying GSSAPI/SSPI implementation.
2017-08-04Merge branch '2.0-gsskex-hostkeycheck-fix' into 2.1-gsskex-hostkeycheck-fixAnselm Kruis
2017-08-04SSHClient: fix the host key testAnselm Kruis
Skip the host key check only, if the transport actually used gssapi-keyex. Add tests for the missing-host-key RejectPolicy. Before this change, a man-in-the-middle attack on the paramiko ssh client with gss_kex=True was possible by having a server that does not support gssapi-keyex and gives any or no host key.
2017-08-03Transport: fix the preferred KEX algorithms for gssapi-keyexAnselm Kruis
Add additional KEX algorithms for gssapi-keyex in front of the default preferred KEX algorithms, if gssapi-keyex is enabled. Before this change, Transport used a hard coded (and out-dated) list of algorithms, if gssapi-keyex was enabled.
2017-07-13Changelog re #1012, re #1016Jeff Forcier
2017-07-13Enhance SFTP client & server docs re: posix_rename and its relation to renameJeff Forcier
Fixes #1016, re #1012
2017-06-15Merge branch '2.0' into 2.1Jeff Forcier
2017-06-15Merge branch '2.1' into 2.2Jeff Forcier
2017-06-15Merge pull request #997 from ploxiln/travis_pypy_updateJeff Forcier
travis-ci: update pypy test run
2017-06-14travis-ci: update pypy test run to use pypy-5.6.0Pierce Lopez
2017-06-13Cut 2.2.1Jeff Forcier
2017-06-13WhitespaceJeff Forcier
2017-06-13Changelog language tweaksJeff Forcier
2017-06-13changelog: update for #990 and #993Pierce Lopez
2017-06-13implement __hash__() method for Ed25519KeyPierce Lopez
makes Ed25519Key objs comparable, needed for host keys
2017-06-13need bcrypt >= 3.1.3 for kdf() ignore_few_rounds kwargPierce Lopez
2017-06-12Merge branch '2.1' into 2.2Jeff Forcier
2017-06-12Merge branch '2.0' into 2.1Jeff Forcier
2017-06-12Add Python 3.6 to classifiersFelix Yan
2017-06-09Cut 2.2.0Jeff Forcier
2017-06-09Merge branch '2.1'Jeff Forcier
2017-06-09Cut 2.1.3Jeff Forcier
2017-06-09Merge branch '2.0' into 2.1Jeff Forcier
2017-06-09Cut 2.0.6Jeff Forcier
2017-06-09Copy 1.x releases to 2.x changelogJeff Forcier
2017-06-09Merge branch '2.1'Jeff Forcier
2017-06-09Clarification language re #865 changelogJeff Forcier
2017-06-09Merge branch '2.1'Jeff Forcier
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-01 08:05:14 +0000