From 8f2d8c044463ef0620f91d4eafa118e4d6960b1c Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 13:47:18 -0800 Subject: Changelog re #459 --- sites/www/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 3f05caf7..3738874d 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`459` Tighten up agent connection closure behavior to avoid spurious + ``ResourceWarning`` display in some situations. Thanks to ``@tkrapp`` for the + catch. * :bug:`429` Server-level debug message logging was overlooked during the Python 3 compatibility update; Python 3 clients attempting to log SSH debug packets encountered type errors. This is now fixed. Thanks to ``@mjmaenpaa`` -- cgit v1.2.3 From 522c480127cf9bbc119c039921cbbb63faf31fc1 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 14:19:23 -0800 Subject: Changelog re #266 --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 3738874d..299115ac 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to + start at 0 instead of 1 for better compatibility with OpenSSH & certain + server implementations which break on 1-indexed channels. Thanks to + ``@egroeper`` for catch & patch. * :bug:`459` Tighten up agent connection closure behavior to avoid spurious ``ResourceWarning`` display in some situations. Thanks to ``@tkrapp`` for the catch. -- cgit v1.2.3 From 14b517d3c131fd508e287fee1e09c632b6faa615 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 14:45:02 -0800 Subject: Changelog re #419, closes #419 --- sites/www/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 79cf318b..e8f103a9 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :support:`419` Modernize a bunch of the codebase internals to leverage + decorators. Props to ``@beckjake`` for realizing we're no longer on Python + 2.2 :D * :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to -- cgit v1.2.3 From e07dbc9cd7dcf6ebaa9315ad9d4a44eb5ed20e5b Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 14:59:43 -0800 Subject: Changelog re #421, closes #421 --- sites/www/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index e8f103a9..de432870 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,8 @@ Changelog ========= +* :support:`421` Modernize threading calls to user newer API. Thanks to Olle + Lundberg. * :support:`419` Modernize a bunch of the codebase internals to leverage decorators. Props to ``@beckjake`` for realizing we're no longer on Python 2.2 :D -- cgit v1.2.3 From 25182389e6c16bf5b89540b3d3bd89ba4fb733f8 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 15:04:58 -0800 Subject: Changelog closes #422 --- sites/www/changelog.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 299115ac..b65ecd42 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,7 @@ Changelog ========= +* :support:`422` Clean up some unused imports. Courtesy of Olle Lundberg. * :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to -- cgit v1.2.3 From c0520adbe5905af2befc85064b25f3ba0a39b019 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 15:10:12 -0800 Subject: Changelog closes #413 --- sites/www/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 1c312ba2..68f5e910 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,8 @@ Changelog ========= +* :support:`413` Replace handrolled ``ssh_config`` parsing code with use of the + ``shlex`` module. Thanks to Yan Kalchevskiy. * :support:`422` Clean up some unused imports. Courtesy of Olle Lundberg. * :support:`421` Modernize threading calls to user newer API. Thanks to Olle Lundberg. -- cgit v1.2.3 From e5b105ca57b21b3142a80f29ee07e2a5e87ac547 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 15:13:31 -0800 Subject: Dyslexia strikes again. Actually close #431, not #413 --- sites/www/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 68f5e910..d35ad788 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,7 +2,7 @@ Changelog ========= -* :support:`413` Replace handrolled ``ssh_config`` parsing code with use of the +* :support:`431` Replace handrolled ``ssh_config`` parsing code with use of the ``shlex`` module. Thanks to Yan Kalchevskiy. * :support:`422` Clean up some unused imports. Courtesy of Olle Lundberg. * :support:`421` Modernize threading calls to user newer API. Thanks to Olle -- cgit v1.2.3 From 0a73a54c745c2102b74f0e40514692448e942fec Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 15:35:09 -0800 Subject: Changelog re #415 --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index d35ad788..9c2e2a0f 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`415` Fix ``ssh_config`` parsing to correctly interpret ``ProxyCommand + none`` as the lack of a proxy command, instead of as a literal command string + of ``"none"``. Thanks to Richard Spiers for the catch & Sean Johnson for the + fix. * :support:`431` Replace handrolled ``ssh_config`` parsing code with use of the ``shlex`` module. Thanks to Yan Kalchevskiy. * :support:`422` Clean up some unused imports. Courtesy of Olle Lundberg. -- cgit v1.2.3 From fc59b7db5d995d03cc502be906f6fab8e948228c Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 16:00:58 -0800 Subject: Changelog closes #428 --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index b65ecd42..99c28fbd 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`428` Fix an issue in `~paramiko.file.BufferedFile` (primarily used in + the SFTP modules) concerning incorrect behavior by + `~paramiko.file.BufferedFile.readlines` on files whose size exceeds the + buffer size. Thanks to ``@achapp`` for catch & patch. * :support:`422` Clean up some unused imports. Courtesy of Olle Lundberg. * :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain -- cgit v1.2.3 From 681f32583fe052c0516a2fda67e163169676ad11 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 17 Dec 2014 16:07:13 -0800 Subject: Changelog closes #455 --- sites/www/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 9603e6d5..4e56ad1f 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`455` Tweak packet size handling to conform better to the OpenSSH RFCs; + this helps address issues with interactive program cursors. Courtesy of Jeff + Quast. * :bug:`428` Fix an issue in `~paramiko.file.BufferedFile` (primarily used in the SFTP modules) concerning incorrect behavior by `~paramiko.file.BufferedFile.readlines` on files whose size exceeds the -- cgit v1.2.3 From 741b4fbb9322a45282e86958c92b1b6706c07f8c Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Thu, 18 Dec 2014 13:53:24 -0800 Subject: Changelog re #413, closes #454 --- sites/www/changelog.rst | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 99c28fbd..66bbb806 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,11 @@ Changelog ========= +* :bug:`413` (also :issue:`414`, :issue:`420`, :issue:`454`) Be significantly + smarter about polling & timing behavior when running proxy commands, to avoid + unnecessary (often 100%!) CPU usage. Major thanks to Jason Dunsmore for + report & initial patchset and to Chris Adams & John Morrissey for followup + improvements. * :bug:`428` Fix an issue in `~paramiko.file.BufferedFile` (primarily used in the SFTP modules) concerning incorrect behavior by `~paramiko.file.BufferedFile.readlines` on files whose size exceeds the -- cgit v1.2.3 From ec5a86619c5527f119a687ec00e8811657dd1f51 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Thu, 18 Dec 2014 13:57:36 -0800 Subject: Fix busted changelog indent --- sites/www/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 66bbb806..8a705382 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -24,7 +24,7 @@ Changelog packets encountered type errors. This is now fixed. Thanks to ``@mjmaenpaa`` for the catch. * :bug:`320` Update our win_pageant module to be Python 3 compatible. Thanks to -``@sherbang`` and ``@adamkerz`` for the patches. + ``@sherbang`` and ``@adamkerz`` for the patches. * :support:`378 backported` Minor code cleanup in the SSH config module courtesy of Olle Lundberg. * :support:`249` Consolidate version information into one spot. Thanks to Gabi -- cgit v1.2.3 From 3905dfb0a8f719b435125d404ca4403f9849e17c Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Thu, 18 Dec 2014 14:00:30 -0800 Subject: Mark some backported support items as such --- sites/www/changelog.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 8a705382..9cc3a3eb 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -11,7 +11,8 @@ Changelog the SFTP modules) concerning incorrect behavior by `~paramiko.file.BufferedFile.readlines` on files whose size exceeds the buffer size. Thanks to ``@achapp`` for catch & patch. -* :support:`422` Clean up some unused imports. Courtesy of Olle Lundberg. +* :support:`422 backported` Clean up some unused imports. Courtesy of Olle + Lundberg. * :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to @@ -27,8 +28,8 @@ Changelog ``@sherbang`` and ``@adamkerz`` for the patches. * :support:`378 backported` Minor code cleanup in the SSH config module courtesy of Olle Lundberg. -* :support:`249` Consolidate version information into one spot. Thanks to Gabi - Davar for the reminder. +* :support:`249 backported` Consolidate version information into one spot. + Thanks to Gabi Davar for the reminder. * :release:`1.13.2 <2014-08-25>` * :bug:`376` Be less aggressive about expanding variables in ``ssh_config`` files, which results in a speedup of SSH config parsing. Credit to Olle -- cgit v1.2.3 From 5601bf0928e2e738917320d83f8302703a62091b Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Thu, 18 Dec 2014 14:02:28 -0800 Subject: Mark more backported support issues as such --- sites/www/changelog.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index f6f2bb28..e5adbd22 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -18,15 +18,15 @@ Changelog none`` as the lack of a proxy command, instead of as a literal command string of ``"none"``. Thanks to Richard Spiers for the catch & Sean Johnson for the fix. -* :support:`431` Replace handrolled ``ssh_config`` parsing code with use of the - ``shlex`` module. Thanks to Yan Kalchevskiy. +* :support:`431 backported` Replace handrolled ``ssh_config`` parsing code with + use of the ``shlex`` module. Thanks to Yan Kalchevskiy. * :support:`422 backported` Clean up some unused imports. Courtesy of Olle Lundberg. -* :support:`421` Modernize threading calls to user newer API. Thanks to Olle - Lundberg. -* :support:`419` Modernize a bunch of the codebase internals to leverage - decorators. Props to ``@beckjake`` for realizing we're no longer on Python - 2.2 :D +* :support:`421 backported` Modernize threading calls to user newer API. Thanks + to Olle Lundberg. +* :support:`419 backported` Modernize a bunch of the codebase internals to + leverage decorators. Props to ``@beckjake`` for realizing we're no longer on + Python 2.2 :D * :bug:`266` Change numbering of `~paramiko.transport.Transport` channels to start at 0 instead of 1 for better compatibility with OpenSSH & certain server implementations which break on 1-indexed channels. Thanks to -- cgit v1.2.3 From 9451f2aada77850c4ba5719e8f732989c9b4f663 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 19 Dec 2014 14:54:15 -0800 Subject: Cut 1.13.3 --- sites/www/changelog.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 9cc3a3eb..9ce2eded 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,7 @@ Changelog ========= +* :release:`1.13.3 <2014-12-19>` * :bug:`413` (also :issue:`414`, :issue:`420`, :issue:`454`) Be significantly smarter about polling & timing behavior when running proxy commands, to avoid unnecessary (often 100%!) CPU usage. Major thanks to Jason Dunsmore for -- cgit v1.2.3 From ccdfd02c047d5588b6bebdc501a766271a009493 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 19 Dec 2014 14:55:15 -0800 Subject: Cut 1.14.2 --- sites/www/changelog.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 8ad82a71..695149de 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,7 @@ Changelog ========= +* :release:`1.14.2 <2014-12-19>` * :release:`1.13.3 <2014-12-19>` * :bug:`413` (also :issue:`414`, :issue:`420`, :issue:`454`) Be significantly smarter about polling & timing behavior when running proxy commands, to avoid -- cgit v1.2.3 From 424ba615c2a94d3b059e7f24db1a1093a92d8d22 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 19 Dec 2014 14:55:48 -0800 Subject: Cut 1.15.2 --- paramiko/_version.py | 2 +- sites/www/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'sites/www') diff --git a/paramiko/_version.py b/paramiko/_version.py index d9f78740..3bf9dac7 100644 --- a/paramiko/_version.py +++ b/paramiko/_version.py @@ -1,2 +1,2 @@ -__version_info__ = (1, 15, 1) +__version_info__ = (1, 15, 2) __version__ = '.'.join(map(str, __version_info__)) diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index f5348e5b..bb93f885 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,7 @@ Changelog ========= +* :release:`1.15.2 <2014-12-19>` * :release:`1.14.2 <2014-12-19>` * :release:`1.13.3 <2014-12-19>` * :bug:`413` (also :issue:`414`, :issue:`420`, :issue:`454`) Be significantly -- cgit v1.2.3 From c5d0d6a2919ca2158b3f6271f7449faeeb3c865f Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 4 Feb 2015 16:00:50 -0800 Subject: Changelog fixes #402, closes #479 --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index bb93f885..6520dde4 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`402` Check to see if an SSH agent is actually present before trying to + forward it to the remote end. This replaces what was usually a useless + ``TypeError`` with a human-readable ``AuthenticationError``. Credit to Ken + Jordan for the fix and Yvan Marques for original report. * :release:`1.15.2 <2014-12-19>` * :release:`1.14.2 <2014-12-19>` * :release:`1.13.3 <2014-12-19>` -- cgit v1.2.3 From d1f72859c76beda46a072cdc75b2e19e4418275a Mon Sep 17 00:00:00 2001 From: Olle Lundberg Date: Tue, 24 Feb 2015 14:49:36 +0100 Subject: Expose handshake timeout in the transport API. This is a reimplementation of #62. --- paramiko/transport.py | 9 +++++++++ sites/www/changelog.rst | 5 +++++ tests/test_transport.py | 17 +++++++++++++++++ 3 files changed, 31 insertions(+) (limited to 'sites/www') diff --git a/paramiko/transport.py b/paramiko/transport.py index 36da3043..6047fb99 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -295,6 +295,8 @@ class Transport (threading.Thread, ClosingContextManager): self.global_response = None # response Message from an arbitrary global request self.completion_event = None # user-defined event callbacks self.banner_timeout = 15 # how long (seconds) to wait for the SSH banner + self.handshake_timeout = 15 # how long (seconds) to wait for the handshake to finish after SSH banner sent. + # server mode: self.server_mode = False @@ -1582,6 +1584,12 @@ class Transport (threading.Thread, ClosingContextManager): try: self.packetizer.write_all(b(self.local_version + '\r\n')) self._check_banner() + # The above is actually very much part of the handshake, but sometimes the banner can be read + # but the machine is not responding, for example when the remote ssh daemon is loaded in to memory + # but we can not read from the disk/spawn a new shell. + # Make sure we can specify a timeout for the initial handshake. + # Re-use the banner timeout for now. + self.packetizer.start_handshake(self.handshake_timeout) self._send_kex_init() self._expect_packet(MSG_KEXINIT) @@ -1631,6 +1639,7 @@ class Transport (threading.Thread, ClosingContextManager): msg.add_byte(cMSG_UNIMPLEMENTED) msg.add_int(m.seqno) self._send_message(msg) + self.packetizer.complete_handshake() except SSHException as e: self._log(ERROR, 'Exception: ' + str(e)) self._log(ERROR, util.tb_strings()) diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 6520dde4..f9900327 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,11 @@ Changelog ========= +* :bug:`62` Add timeout for handshake completion. + This adds a mechanism for timing out a connection if the ssh handshake + never completes. + Credit to ``@dacut`` for initial report and patch and to Olle Lundberg for + re-implementation. * :bug:`402` Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless ``TypeError`` with a human-readable ``AuthenticationError``. Credit to Ken diff --git a/tests/test_transport.py b/tests/test_transport.py index 5cf9a867..3c8ad81e 100644 --- a/tests/test_transport.py +++ b/tests/test_transport.py @@ -792,3 +792,20 @@ class TransportTest(unittest.TestCase): (None, DEFAULT_WINDOW_SIZE), (2**32, MAX_WINDOW_SIZE)]: self.assertEqual(self.tc._sanitize_window_size(val), correct) + + def test_L_handshake_timeout(self): + """ + verify that we can get a hanshake timeout. + """ + host_key = RSAKey.from_private_key_file(test_path('test_rsa.key')) + public_host_key = RSAKey(data=host_key.asbytes()) + self.ts.add_server_key(host_key) + event = threading.Event() + server = NullServer() + self.assertTrue(not event.is_set()) + self.tc.handshake_timeout = 0.000000000001 + self.ts.start_server(event, server) + self.assertRaises(EOFError, self.tc.connect, + hostkey=public_host_key, + username='slowdive', + password='pygmalion') -- cgit v1.2.3 From 6ba6ccda7bb34f16e92aa1acfb430055f264bd41 Mon Sep 17 00:00:00 2001 From: Olle Lundberg Date: Tue, 24 Feb 2015 15:14:51 +0100 Subject: Patch resolving the timeout issue on lost conection. (This rolls in patch in #439) --- paramiko/client.py | 2 +- paramiko/transport.py | 18 +++++++++++++----- sites/www/changelog.rst | 3 +++ 3 files changed, 17 insertions(+), 6 deletions(-) (limited to 'sites/www') diff --git a/paramiko/client.py b/paramiko/client.py index 393e3e09..9ee30287 100644 --- a/paramiko/client.py +++ b/paramiko/client.py @@ -338,7 +338,7 @@ class SSHClient (ClosingContextManager): :raises SSHException: if the server fails to execute the command """ - chan = self._transport.open_session() + chan = self._transport.open_session(timeout=timeout) if get_pty: chan.get_pty() chan.settimeout(timeout) diff --git a/paramiko/transport.py b/paramiko/transport.py index 6047fb99..31c27a2f 100644 --- a/paramiko/transport.py +++ b/paramiko/transport.py @@ -589,7 +589,7 @@ class Transport (threading.Thread, ClosingContextManager): """ return self.active - def open_session(self, window_size=None, max_packet_size=None): + def open_session(self, window_size=None, max_packet_size=None, timeout=None): """ Request a new channel to the server, of type ``"session"``. This is just an alias for calling `open_channel` with an argument of @@ -614,7 +614,8 @@ class Transport (threading.Thread, ClosingContextManager): """ return self.open_channel('session', window_size=window_size, - max_packet_size=max_packet_size) + max_packet_size=max_packet_size, + timeout=timeout) def open_x11_channel(self, src_addr=None): """ @@ -661,7 +662,8 @@ class Transport (threading.Thread, ClosingContextManager): dest_addr=None, src_addr=None, window_size=None, - max_packet_size=None): + max_packet_size=None, + timeout=None): """ Request a new channel to the server. `Channels <.Channel>` are socket-like objects used for the actual transfer of data across the @@ -685,17 +687,20 @@ class Transport (threading.Thread, ClosingContextManager): optional window size for this session. :param int max_packet_size: optional max packet size for this session. + :param float timeout: + optional timeout opening a channel, default 3600s (1h) :return: a new `.Channel` on success - :raises SSHException: if the request is rejected or the session ends - prematurely + :raises SSHException: if the request is rejected, the session ends + prematurely or there is a timeout openning a channel .. versionchanged:: 1.15 Added the ``window_size`` and ``max_packet_size`` arguments. """ if not self.active: raise SSHException('SSH session not active') + timeout = 3600 if timeout is None else timeout self.lock.acquire() try: window_size = self._sanitize_window_size(window_size) @@ -724,6 +729,7 @@ class Transport (threading.Thread, ClosingContextManager): finally: self.lock.release() self._send_user_message(m) + start_ts = time.time() while True: event.wait(0.1) if not self.active: @@ -733,6 +739,8 @@ class Transport (threading.Thread, ClosingContextManager): raise e if event.is_set(): break + elif start_ts + timeout < time.time(): + raise SSHException('Timeout openning channel.') chan = self._channels.get(chanid) if chan is not None: return chan diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index f9900327..16a60a68 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`439` Resolve the timeout issue on lost conection. + When the destination disappears on an established session paramiko will hang on trying to open a channel. + Credit to ``@vazir`` for patch. * :bug:`62` Add timeout for handshake completion. This adds a mechanism for timing out a connection if the ssh handshake never completes. -- cgit v1.2.3 From 4ca8d68c0443c4e5e17ae4fcee39dd6f2507c7cd Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 27 Feb 2015 13:19:35 -0800 Subject: Changelog closes #22 --- sites/www/changelog.rst | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 6520dde4..0e8f92c4 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,11 @@ Changelog ========= +* :bug:`22 major` Try harder to connect to multiple network families (e.g. IPv4 + vs IPv6) in case of connection issues; this helps with problems such as hosts + which resolve both IPv4 and IPv6 addresses but are only listening on IPv4. + Thanks to Dries Desmet for original report and Torsten Landschoff for the + foundational patchset. * :bug:`402` Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless ``TypeError`` with a human-readable ``AuthenticationError``. Credit to Ken -- cgit v1.2.3 From ca0fd1024ecf61b1758bdd38350fbd4c4ccaaefb Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Sat, 28 Feb 2015 19:54:52 -0800 Subject: Replace/add RFC links using ``:rfc:``, /ht @sigmavirus24 --- paramiko/channel.py | 2 +- paramiko/kex_gss.py | 27 +++++++++++++++------------ paramiko/ssh_gss.py | 2 +- sites/www/index.rst | 8 ++------ 4 files changed, 19 insertions(+), 20 deletions(-) (limited to 'sites/www') diff --git a/paramiko/channel.py b/paramiko/channel.py index 8a97c974..7e39a15b 100644 --- a/paramiko/channel.py +++ b/paramiko/channel.py @@ -337,7 +337,7 @@ class Channel (ClosingContextManager): further x11 requests can be made from the server to the client, when an x11 application is run in a shell session. - From RFC4254:: + From :rfc:`4254`:: It is RECOMMENDED that the 'x11 authentication cookie' that is sent be a fake, random cookie, and that the cookie be checked and diff --git a/paramiko/kex_gss.py b/paramiko/kex_gss.py index 4e8380ef..d026807c 100644 --- a/paramiko/kex_gss.py +++ b/paramiko/kex_gss.py @@ -21,14 +21,15 @@ """ -This module provides GSS-API / SSPI Key Exchange as defined in RFC 4462. +This module provides GSS-API / SSPI Key Exchange as defined in :rfc:`4462`. .. note:: Credential delegation is not supported in server mode. .. note:: - `RFC 4462 Section 2.2 `_ says we are - not required to implement GSS-API error messages. Thus, in many methods - within this module, if an error occurs an exception will be thrown and the + `RFC 4462 Section 2.2 + `_ says we are not + required to implement GSS-API error messages. Thus, in many methods within + this module, if an error occurs an exception will be thrown and the connection will be terminated. .. seealso:: :doc:`/api/ssh_gss` @@ -55,8 +56,8 @@ c_MSG_KEXGSS_GROUPREQ, c_MSG_KEXGSS_GROUP = [byte_chr(c) for c in range(40, 42)] class KexGSSGroup1(object): """ - GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange - as defined in `RFC 4462 Section 2 `_ + GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange as defined in `RFC + 4462 Section 2 `_ """ # draft-ietf-secsh-transport-09.txt, page 17 P = 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF @@ -278,8 +279,9 @@ class KexGSSGroup1(object): class KexGSSGroup14(KexGSSGroup1): """ - GSS-API / SSPI Authenticated Diffie-Hellman Group14 Key Exchange - as defined in `RFC 4462 Section 2 `_ + GSS-API / SSPI Authenticated Diffie-Hellman Group14 Key Exchange as defined + in `RFC 4462 Section 2 + `_ """ P = 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF G = 2 @@ -288,8 +290,8 @@ class KexGSSGroup14(KexGSSGroup1): class KexGSSGex(object): """ - GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange - as defined in `RFC 4462 Section 2 `_ + GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange as defined in + `RFC 4462 Section 2 `_ """ NAME = "gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==" min_bits = 1024 @@ -590,8 +592,9 @@ class KexGSSGex(object): class NullHostKey(object): """ - This class represents the Null Host Key for GSS-API Key Exchange - as defined in `RFC 4462 Section 5 `_ + This class represents the Null Host Key for GSS-API Key Exchange as defined + in `RFC 4462 Section 5 + `_ """ def __init__(self): self.key = "" diff --git a/paramiko/ssh_gss.py b/paramiko/ssh_gss.py index ebf2cc80..aa28e2ec 100644 --- a/paramiko/ssh_gss.py +++ b/paramiko/ssh_gss.py @@ -20,7 +20,7 @@ """ -This module provides GSS-API / SSPI authentication as defined in RFC 4462. +This module provides GSS-API / SSPI authentication as defined in :rfc:`4462`. .. note:: Credential delegation is not supported in server mode. diff --git a/sites/www/index.rst b/sites/www/index.rst index 1b609709..8e7562af 100644 --- a/sites/www/index.rst +++ b/sites/www/index.rst @@ -26,11 +26,7 @@ Please see the sidebar to the left to begin. .. rubric:: Footnotes .. [#] - SSH is defined in RFCs - `4251 `_, - `4252 `_, - `4253 `_, and - `4254 `_; - the primary working implementation of the protocol is the `OpenSSH project + SSH is defined in :rfc:`4251`, :rfc:`4252`, :rfc:`4253` and :rfc:`4254`. The + primary working implementation of the protocol is the `OpenSSH project `_. Paramiko implements a large portion of the SSH feature set, but there are occasional gaps. -- cgit v1.2.3 From 97e134aa43c9632f34be278ca1d08f56cc83993a Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Thu, 10 Sep 2015 14:09:13 -0700 Subject: Changelog fixes #582 --- sites/www/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 0e8f92c4..6379dba9 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,8 @@ Changelog ========= +* :support:`582` Fix some old ``setup.py`` related helper code which was + breaking ``bdist_dumb`` on Mac OS X. Thanks to Peter Odding for the patch. * :bug:`22 major` Try harder to connect to multiple network families (e.g. IPv4 vs IPv6) in case of connection issues; this helps with problems such as hosts which resolve both IPv4 and IPv6 addresses but are only listening on IPv4. -- cgit v1.2.3 From aef405c9adc3ca087b21836d4a2ee56e05a2b3c4 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 14:02:27 -0700 Subject: Changelog closes #353 --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 6520dde4..be3f5da7 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`353` (via :issue:`482`) Fix a bug introduced in the Python 3 port + which caused ``OverFlowError`` (and other symptoms) in SFTP functionality. + Thanks to ``@dboreham`` for leading the troubleshooting charge, and to + Scott Maxwell for the final patch. * :bug:`402` Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless ``TypeError`` with a human-readable ``AuthenticationError``. Credit to Ken -- cgit v1.2.3 From e9d65f4199bb6a8589c9a89f8a8d68edd66ac6d0 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 14:09:15 -0700 Subject: Changelog closes #488 --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index be3f5da7..7e8c02fe 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a + typo introduced in the 1.15 release which broke WinPageant support. Thanks to + everyone who submitted patches, and to Steve Cohen who was the lucky winner + of the cherry-pick lottery. * :bug:`353` (via :issue:`482`) Fix a bug introduced in the Python 3 port which caused ``OverFlowError`` (and other symptoms) in SFTP functionality. Thanks to ``@dboreham`` for leading the troubleshooting charge, and to -- cgit v1.2.3 From 48dc72b87567152ac8d45b4bad2bdd0d4ad3ac8b Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 14:14:27 -0700 Subject: Changelog closes #404 --- sites/www/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 7e8c02fe..3c11ff87 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`404` Print details when displaying `BadHostKeyException` objects + (expected vs received data) instead of just "hey shit broke". Patch credit: + Loic Dachary. * :bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner -- cgit v1.2.3 From fb258f88b4b61627a51f30f9a21fcbc7ec35c1e6 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 14:18:24 -0700 Subject: Changelog closes #490, closes #500 (cherry-pick) --- sites/www/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 3c11ff87..5f6a16f9 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,10 @@ Changelog ========= +* :bug:`490` Skip invalid/unparseable lines in ``known_hosts`` files, instead + of raising `SSHException`. This brings Paramiko's behavior more in line with + OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin + Topholm. * :bug:`404` Print details when displaying `BadHostKeyException` objects (expected vs received data) instead of just "hey shit broke". Patch credit: Loic Dachary. -- cgit v1.2.3 From 57106d04def84ca1d9dd23c4d85b2ba9242556ff Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 14:53:02 -0700 Subject: Rework changelog entries re #491 a bit Closes #491, closes #62, closes #439 --- sites/www/changelog.rst | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 97b6fe9c..764c8801 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,14 +2,10 @@ Changelog ========= -* :bug:`439` Resolve the timeout issue on lost conection. - When the destination disappears on an established session paramiko will hang on trying to open a channel. - Credit to ``@vazir`` for patch. -* :bug:`62` Add timeout for handshake completion. - This adds a mechanism for timing out a connection if the ssh handshake - never completes. - Credit to ``@dacut`` for initial report and patch and to Olle Lundberg for - re-implementation. +* :bug:`491` (combines :issue:`62` and :issue:`439`) Implement timeout + functionality to address hangs from dropped network connections and/or failed + handshakes. Credit to ``@vazir`` and ``@dacut`` for the original patches and + to Olle Lundberg for reimplementation. * :bug:`490` Skip invalid/unparseable lines in ``known_hosts`` files, instead of raising `SSHException`. This brings Paramiko's behavior more in line with OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin -- cgit v1.2.3 From 8bf03014128b074bf6988100f18e48a94671cca2 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 15:43:59 -0700 Subject: Changelog re #496 --- sites/www/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 764c8801..5b900c61 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI + support (note: this includes switching from PyCrypo's Random to + `os.urandom`). Thanks to Anselm Kruis for catch & patch. * :bug:`491` (combines :issue:`62` and :issue:`439`) Implement timeout functionality to address hangs from dropped network connections and/or failed handshakes. Credit to ``@vazir`` and ``@dacut`` for the original patches and -- cgit v1.2.3 From b67ee80ba6cbb985a537123a0ae099b81ddfc999 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Wed, 30 Sep 2015 15:59:04 -0700 Subject: Changelog closes #516 --- sites/www/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 5b900c61..b7f19d63 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,8 @@ Changelog ========= +* :support:`516 backported` Document `~paramiko.agent.AgentRequestHandler`. + Thanks to ``@toejough`` for report & suggestions. * :bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI support (note: this includes switching from PyCrypo's Random to `os.urandom`). Thanks to Anselm Kruis for catch & patch. -- cgit v1.2.3 From a8ac9e6441030f2cc49de579c3d598e5f05ca331 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 2 Oct 2015 15:23:16 -0700 Subject: Changelog closes #554 --- sites/www/changelog.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index b7f19d63..1d3debb7 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,8 @@ Changelog ========= +* :support:`554 backported` Fix inaccuracies in the docstring for the ECDSA key + class. Thanks to Jared Hance for the patch. * :support:`516 backported` Document `~paramiko.agent.AgentRequestHandler`. Thanks to ``@toejough`` for report & suggestions. * :bug:`496` Fix a handful of small but critical bugs in Paramiko's GSSAPI -- cgit v1.2.3 From 9a5fbad601d7567cde59071f36ba6a34d6bcf696 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 2 Oct 2015 15:56:28 -0700 Subject: Fix some typos/bad doc references in changelog --- sites/www/changelog.rst | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'sites/www') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 1d3debb7..9a4e6c76 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -14,12 +14,12 @@ Changelog handshakes. Credit to ``@vazir`` and ``@dacut`` for the original patches and to Olle Lundberg for reimplementation. * :bug:`490` Skip invalid/unparseable lines in ``known_hosts`` files, instead - of raising `SSHException`. This brings Paramiko's behavior more in line with - OpenSSH, which silently ignores such input. Catch & patch courtesy of Martin - Topholm. -* :bug:`404` Print details when displaying `BadHostKeyException` objects - (expected vs received data) instead of just "hey shit broke". Patch credit: - Loic Dachary. + of raising `~paramiko.ssh_exception.SSHException`. This brings Paramiko's + behavior more in line with OpenSSH, which silently ignores such input. Catch + & patch courtesy of Martin Topholm. +* :bug:`404` Print details when displaying + `~paramiko.ssh_exception.BadHostKeyException` objects (expected vs received + data) instead of just "hey shit broke". Patch credit: Loic Dachary. * :bug:`469` (also :issue:`488`, :issue:`461` and like a dozen others) Fix a typo introduced in the 1.15 release which broke WinPageant support. Thanks to everyone who submitted patches, and to Steve Cohen who was the lucky winner @@ -30,8 +30,9 @@ Changelog Scott Maxwell for the final patch. * :bug:`402` Check to see if an SSH agent is actually present before trying to forward it to the remote end. This replaces what was usually a useless - ``TypeError`` with a human-readable ``AuthenticationError``. Credit to Ken - Jordan for the fix and Yvan Marques for original report. + ``TypeError`` with a human-readable + `~paramiko.ssh_exception.AuthenticationException`. Credit to Ken Jordan for + the fix and Yvan Marques for original report. * :release:`1.15.2 <2014-12-19>` * :release:`1.14.2 <2014-12-19>` * :release:`1.13.3 <2014-12-19>` -- cgit v1.2.3 From 5b1b13c2fb48ac55d64022212bf132b8c01ce0c7 Mon Sep 17 00:00:00 2001 From: Jeff Forcier Date: Fri, 2 Oct 2015 15:59:15 -0700 Subject: Cut 1.15.3 --- paramiko/_version.py | 2 +- sites/www/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'sites/www') diff --git a/paramiko/_version.py b/paramiko/_version.py index 3bf9dac7..25aac14f 100644 --- a/paramiko/_version.py +++ b/paramiko/_version.py @@ -1,2 +1,2 @@ -__version_info__ = (1, 15, 2) +__version_info__ = (1, 15, 3) __version__ = '.'.join(map(str, __version_info__)) diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 9a4e6c76..d94d5bc2 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,7 @@ Changelog ========= +* :release:`1.15.3 <2015-10-02>` * :support:`554 backported` Fix inaccuracies in the docstring for the ECDSA key class. Thanks to Jared Hance for the patch. * :support:`516 backported` Document `~paramiko.agent.AgentRequestHandler`. -- cgit v1.2.3