| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-08-28 | Implement ECDSA certs. | Jeff Forcier | |
| So mad at that frickin typo'd specification... | |||
| 2017-08-28 | Tweak exceptions to at least have better strings, if not new classes yet | Jeff Forcier | |
| 2017-08-28 | Implement DSS certs | Jeff Forcier | |
| 2017-08-28 | Update recent tests to try all main key families. | Jeff Forcier | |
| Includes some dummy certificates. Not sure exactly how @radssh generated the RSA one but I'm using ssh-keygen + a randomly made CA key. | |||
| 2017-08-28 | Factor out type checking & cert loading into PKey | Jeff Forcier | |
| 2017-08-28 | God damn it, really? Whatever. | Jeff Forcier | |
| 2017-08-28 | Update first few stub tests + required test-server and PublicBlob impl bits | Jeff Forcier | |
| 2017-08-28 | Update changelog re: recent changes re: #1042 | Jeff Forcier | |
| 2017-08-28 | Overhaul PublicBlob and use it better within RSAKey. | Jeff Forcier | |
| This allows server-side Paramiko code to correctly create cert-bearing RSAKey objects and thus verify client signatures, and now the test suite passes again, barring the stub tests. Re #1042 | |||
| 2017-08-28 | Stub tests and partly-working implementation of 'load certs found alongside ↵ | Jeff Forcier | |
| key_filenames' behavior re #1042 This actually breaks existing tests due to test server not supporting certs...bah | |||
| 2017-08-28 | 2nd amendment doesn't grant the right to bare excepts | Jeff Forcier | |
| 2017-08-28 | Docstring/TODO tweaks | Jeff Forcier | |
| 2017-08-28 | Refactor and clean up recently tweaked key loading bits in SSHClient | Jeff Forcier | |
| 2017-08-28 | Changelog and docs re #1042 | Jeff Forcier | |
| 2017-08-28 | flake8 | Jeff Forcier | |
| 2017-08-23 | Merge branch 'master' into 1042-int | Jeff Forcier | |
| 2017-08-23 | Changelog re #1041 | Jeff Forcier | |
| 2017-08-23 | Pull in count-errors from invocations | Jeff Forcier | |
| 2017-08-22 | string slice instead of rstrip, thanks ploxiln | Paul Kapp | |
| 2017-08-22 | Add certificate filenames to look_for_keys | Paul Kapp | |
| 2017-08-22 | amendment | Paul Kapp | |
| Forgot about AgentKey, and put ECDSA line in wrong __init__. That’s what I get for only screening with test_pkey… | |||
| 2017-08-22 | Generic certificate support | Paul Kapp | |
| Roll agnostic certificate support into PKey, and tweak publickey authentication to use it only if set. Requires explicit call to PKey.load_certificate() in order to alter the authentication behavior. | |||
| 2017-08-18 | Common up break out of Transport.run() loop | Paul Kapp | |
| Can’t seem to reason out any advantage of clearing self.active and calling self.packetizer.close() in these situations instead of simply breaking out of loop and allowing the additional conditional cleanups to be done. Currently looking into tackling some needed cleanup in auth_handler, and not having the auth_handler.abort() called on server disconnect feels like a bug - who knows? | |||
| 2017-08-08 | Adding changelog for slow compression improvement | DrNeutron | |
| 2017-08-08 | Update compress.py | DrNeutron | |
| The previous setting of the compression level to 9 is a poor trade off in CPU and time used for compression vs the size gain over the default level of compression in zlib which is 6. | |||
| 2017-08-04 | Transport gssapi-keyex: set the gss_kex_used flag late | Anselm Kruis | |
| Set the flag gss_kex_used only after a gssapi-keyex has been successfully completed. This change prevents a wrong value in case of exceptions during the gssapi-keyex handshake. | |||
| 2017-08-04 | Merge branch '2.1-gsskex-hostkeycheck-fix' into 2.2-gsskex-hostkeycheck-fix | Anselm Kruis | |
| 2017-08-04 | AuthHandler: handle local "gssapi-with-mic" errors in client mode | Anselm Kruis | |
| Paramiko now tries other authentication methods, if "gssapi-with-mic" authentication may fails for a local reason (i.e. no kerberos ticket). Befor this change, any exception from the GSSAPI/SSPI caused the transport to be closed. | |||
| 2017-08-04 | AuthHandler: fix the server-mode "gssapi-with-mic" logic | Anselm Kruis | |
| A paramiko server is now able to handle a restart of the user authentication during the GSS-API token exchange. This may occur, if the client detects a local GSSAPI problem (e.g. a missing kerberos ticket) and continues with another authentication method. The added test case test_2_auth_trickledown still fails, because the paramiko client contains a bug too. | |||
| 2017-08-04 | Added paramiko.GSS_EXCEPTIONS: exception types used by GSSAPI | Anselm Kruis | |
| This new constant is a tuple of the exception types used by the underlying GSSAPI/SSPI implementation. | |||
| 2017-08-04 | Merge branch '2.0-gsskex-hostkeycheck-fix' into 2.1-gsskex-hostkeycheck-fix | Anselm Kruis | |
| 2017-08-04 | SSHClient: fix the host key test | Anselm Kruis | |
| Skip the host key check only, if the transport actually used gssapi-keyex. Add tests for the missing-host-key RejectPolicy. Before this change, a man-in-the-middle attack on the paramiko ssh client with gss_kex=True was possible by having a server that does not support gssapi-keyex and gives any or no host key. | |||
| 2017-08-03 | Transport: fix the preferred KEX algorithms for gssapi-keyex | Anselm Kruis | |
| Add additional KEX algorithms for gssapi-keyex in front of the default preferred KEX algorithms, if gssapi-keyex is enabled. Before this change, Transport used a hard coded (and out-dated) list of algorithms, if gssapi-keyex was enabled. | |||
| 2017-07-28 | Trigger Travis | Michal Kuffa | |
| 2017-07-28 | Move assertions outside of the open context manager | Michal Kuffa | |
| 2017-07-28 | Add file_obj handling to the Ed25519Key constructor | Michal Kuffa | |
| 2017-07-13 | Merge branch '2.2' | Jeff Forcier | |
| 2017-07-13 | Changelog re #1012, re #1016 | Jeff Forcier | |
| 2017-07-13 | Merge branch '2.2' | Jeff Forcier | |
| 2017-07-13 | Enhance SFTP client & server docs re: posix_rename and its relation to rename | Jeff Forcier | |
| Fixes #1016, re #1012 | |||
| 2017-07-06 | server: Support pre-authentication banners | Dennis Kaarsemaker | |
| The ssh protocol allows for the server to send a pre-authentication banner. It may be sent any time between the start of authentication and successful authentication. This commit allow ServerInterface subclasses to define messages which we'll send right right at the start of authentication before we send the supported authentication methods. | |||
| 2017-06-25 | Merge branch 'master' into one-shot-methods | Paul Kehrer | |
| 2017-06-15 | Merge branch '2.0' into 2.1 | Jeff Forcier | |
| 2017-06-15 | Merge branch '2.2' | Jeff Forcier | |
| 2017-06-15 | Merge branch '2.1' into 2.2 | Jeff Forcier | |
| 2017-06-15 | Merge pull request #997 from ploxiln/travis_pypy_update | Jeff Forcier | |
| travis-ci: update pypy test run | |||
| 2017-06-14 | travis-ci: update pypy test run to use pypy-5.6.0 | Pierce Lopez | |
| 2017-06-13 | Merge branch '2.2' | Jeff Forcier | |
| 2017-06-13 | Cut 2.2.1 | Jeff Forcier | |
| 2017-06-13 | Merge branch '2.2' | Jeff Forcier | |
 |
index : paramiko | |
| Pure-Python implementation of the SSHv2 protocol |
| summaryrefslogtreecommitdiffhomepage |