====
NEWS
====

Highlights of what's new in each release:

Releases
========

v1.8.0 <DATE>
---------------

* #32: Raise a more useful error explaining which `known_hosts` key line was
  problematic, when encountering `binascii` issues decoding known host keys.
  Thanks to `@thomasvs` for catch & patch.
* #33: Bring `ssh_config` parsing more in line with OpenSSH spec, re: order of
  setting overrides by `Host` specifiers. Specifically, the overrides now go by
  file order instead of automatically sorting by `Host` value length. In
  addition, the first value found per config key (e.g. `Port`, `User` etc)
  wins, instead of the last. Thanks to Jan Brauer for the contribution.
* #36: Support new server two-factor authentication option
  (`RequiredAuthentications2`), at least re: combining key-based & password
  auth. Thanks to Github user `bninja`.
* #11: When raising an exception for hosts not listed in
  `known_hosts` (when `RejectPolicy` is in effect) the exception message was
  confusing/vague. This has been improved somewhat. Thanks to Cal Leeming for
  highlighting the issue.
* #40: Fixed up & expanded EINTR signal handling. Thanks to Douglas Turk.
* #15: Implemented parameter substitution in SSHConfig, matching the
  implementation of `ssh_config(5)`. Thanks to Olle Lundberg for the patch.
* #24: Switch some internal type checking to use `isinstance` to help prevent
  problems with client libraries using subclasses of builtin types. Thanks to
  Alex Morega for the patch.
* [Fabric #562](https://github.com/fabric/fabric/issues/562): Agent forwarding
  would error out (with `Authentication response too long`) or freeze, when more
  than one remote connection to the local agent was active at the same time.
  This has been fixed. Thanks to Steven McDonald for assisting in
  troubleshooting/patching, and to GitHub user `@lynxis` for providing the
  final version of the patch.
* #5: Moved a `fcntl` import closer to where it's used to help avoid
  `ImportError` problems on Windows platforms. Thanks to Jason Coombs for the
  catch + suggested fix.
* #4: Updated implementation of WinPageant integration to work on 64-bit
  Windows. Thanks again to Jason Coombs for the patch.
* Added an IO loop sleep() call to avoid needless CPU usage when agent
  forwarding is in use.
* Handful of internal tweaks to version number storage.
* Updated `setup.py` with `==dev` install URL for `pip` users.
* Updated `setup.py` to account for packaging problems in PyCrypto 2.4.0
* Initial fork of Paramiko 1.7.7.1
* Renamed package to 'ssh'
* Added an extra `atfork()` call to help prevent spurious RNG errors when
  running under high parallel (multiprocess) load.
* Merge PR #28: https://github.com/paramiko/paramiko/pull/28 which adds a
  ssh-keygen like demo module. (Sofian Brabez)

v1.7.7.2 16may12
----------------
  * Merge pull request #63: https://github.com/paramiko/paramiko/pull/63 which
    fixes exceptions that occur when re-keying over fast connections. (Dwayne
    Litzenberger)

v1.7.7.1 (George) 21may11
-------------------------
  * Make the verification phase of SFTP.put optional (Larry Wright)
  * Patches to fix AIX support (anonymous)
  * Patch from Michele Bertoldi to allow compression to be turned on in the
    client constructor.
  * Patch from Shad Sharma to raise an exception if the transport isn't active
    when you try to open a new channel.
  * Stop leaking file descriptors in the SSH agent (John Adams)
  * More fixes for Windows address family support (Andrew Bennetts)
  * Use Crypto.Random rather than Crypto.Util.RandomPool
    (Gary van der Merwe, #271791)
  * Support for openssl keys (tehfink)
  * Fix multi-process support by calling Random.atfork (sugarc0de)

v1.7.6 (Fanny) 1nov09
---------------------
  * fixed bugs 411099 (sftp chdir isn't unicode-safe), 363163 & 411910 (more
    IPv6 problems on windows), 413850 (race when server closes the channel),
    426925 (support port numbers in host keys)

v1.7.5 (Ernest) 19jul09
-----------------------
  * added support for ARC4 cipher and CTR block chaining (Denis Bernard)
  * made transport threads daemonize, to fix python 2.6 atexit behavior
  * support unicode hostnames, and IP6 addresses (Maxime Ripard, Shikhar
    Bhushan)
  * various small bug fixes

v1.7.4 (Desmond) 06jul08
------------------------
  * more randpool fixes for windows, from Dwayne Litzenberger
    (NOTE: this may require a pycrypto upgrade on windows)
  * fix potential deadlock during key exchange (Dwayne Litzenberger)
  * remove MFC dependency from windows (Mark Hammond)
  * added some optional API improvements for SFTPClient get() and put()

v1.7.3 (Clara) 23mar08
----------------------
  * SSHClient can be asked not to use an SSH agent now, and not to search
    for private keys
  * added WarningPolicy option for SSHClient (warn, but allow, on unknown
    server keys)
  * added Channel.exit_status_ready to poll if a channel has received an
    exit status yet
  * new demo for reverse port forwarding
  * (bug 177117) fix UTF-8 passwords
  * (bug 189466) fix typo in osrandom.py
  * (bug 191657) potentially fix a race at channel shutdown
  * (bug 192749) document that SSHClient.connect may raise socket.error
  * (bug 193779) translate EOFError into AuthException during authentication
  * (bug 200416) don't create a new logger object for each channel

v1.7.2 (Basil) 21jan08
----------------------
  * (bug 137219) catch EINTR and handle correctly
  * (bug 157205) fix select() to trigger on stderr for a channel too
  * added SSHClient.get_transport()
  * added Channel.send_ready()
  * added direct-tcpip forwarding [patch from david guerizec]
  * fixed the PRNG to be more secure on windows and in cases where fork() is
    called [patch from dwayne litzenberger]

v1.7.1 (Amy) 10jun07
--------------------
  * windows SSH agent support can use the 'ctypes' module now if 'win32all' is
    not available [patch from alexander belchenko]
  * SFTPClient.listdir_attr() now preserves the 'longname' field [patch from
    wesley augur]
  * SFTPClient.get_channel() API added
  * SSHClient constuctor takes an optional 'timeout' parameter [patch from
    james bardin]

v1.7 (zubat) 18feb07
--------------------
  * added x11 channel support (patch from david guerizec)
  * added reverse port forwarding support
  * (bug 75370) raise an exception when contacting a broken SFTP server
  * (bug 80295) SSHClient shouldn't expand the user directory twice when reading
    RSA/DSS keys
  * (bug 82383) typo in DSS key in SSHClient
  * (bug 83523) python 2.5 warning when encoding a file's modification time
  * if connecting to an SSH agent fails, silently fallback instead of raising
    an exception

v1.6.4 (yanma) 19nov06
----------------------
  * fix setup.py on osx (oops!)
  * (bug 69330) check for the existence of RSA/DSA keys before trying to open
    them in SFTPClient
  * (bug 69222) catch EAGAIN in socket code to workaround a bug in recent
    Linux 2.6 kernels
  * (bug 70398) improve dict emulation in HostKeys objects
  * try harder to make sure all worker threads are joined on Transport.close()

v1.6.3 (xatu) 14oct06
---------------------
  * fixed bug where HostKeys.__setitem__ wouldn't always do the right thing
  * fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from
    mike barber]
  * try harder not to raise EOFError from within SFTPClient
  * fixed bug where a thread waiting in accept() could block forever if the
    transport dies [patch from mike looijmans]

v1.6.2 (weedle) 16aug06
-----------------------
  * added support for "old" group-exchange server mode, for compatibility
    with the windows putty client
  * fixed some more interactions with SFTP file readv() and prefetch()
  * when saving the known_hosts file, preserve the original order [patch from
    warren young]
  * fix a couple of broken lines when exporting classes (bug 55946)

v1.6.1 (vulpix) 10jul06
-----------------------
  * more unit tests fixed for windows/cygwin (thanks to alexander belchenko)
  * a couple of fixes related to exceptions leaking out of SFTPClient
  * added ability to set items in HostKeys via __setitem__
  * HostKeys now retains order and has a save() method
  * added PKey.write_private_key and PKey.from_private_key

v1.6 (umbreon) 10may06
----------------------
  * pageant support on Windows thanks to john arbash meinel and todd whiteman
  * fixed unit tests to work under windows and cygwin (thanks to alexander
    belchenko for debugging)
  * various bugfixes/tweaks to SFTP file prefetch
  * added SSHClient for a higher-level API
  * SFTP readv() now yields results as it gets them
  * several APIs changed to throw an exception instead of "False" on failure

v1.5.4 (tentacool) 11mar06
--------------------------
  * fixed HostKeys to more correctly emulate a python dict
  * fixed a bug where file read buffering was too aggressive
  * improved prefetching so that out-of-order reads still use the prefetch
    buffer
  * added experimental SFTPFile.readv() call
  * more unit tests

v1.5.3 (squirtle) 19feb06
-------------------------
  * a few performance enhancements
  * added HostKeys, for dealing with openssh style "known_hosts" files, and
    added support for hashed hostnames
  * added Transport.atfork() for dealing with forked children
  * added SFTPClient.truncate, SFTPFile.chmod, SFTPFile.chown, SFTPFile.utime,
    and SFTPFile.truncate
  * improved windows demos [patch from mike looijmans], added an sftp demo, and
    moved demos to the demos/ folder
  * fixed a few interoperability bugs
  * cleaned up logging a bit
  * fixed a bug where EOF on a Channel might not be detected by select [found
    by thomas steinacher]
  * fixed python 2.4-ism that crept in [patch by jan hudec]
  * fixed a few reference loops that could have interacted badly with the python
    garbage collector
  * fixed a bunch of pychecker warnings, some of which were bugs

v1.5.2 (rhydon) 04dec05
-----------------------
  * compression support (opt-in via Transport.use_compression)
  * sftp files may be opened with mode flag 'x' for O_EXCL (exclusive-open)
    behavior, which has no direct python equivalent
  * added experimental util functions for parsing openssh config files
  * fixed a few bugs (and potential deadlocks) with key renegotiation
  * fixed a bug that caused SFTPFile.prefetch to occasionally lock up
  * fixed an sftp bug which affected van dyke sftp servers
  * fixed the behavior of select()ing on a closed channel, such that it will
    always trigger as readable

v1.5.1 (quilava) 31oct05
------------------------
  * SFTPFile.prefetch() added to dramatically speed up downloads (automatically
    turned on in SFTPClient.get())
  * fixed bug where garbage-collected Channels could trigger the Transport to
    close the session (reported by gordon good)
  * fixed a deadlock in rekeying (reported by wendell wood)
  * fixed some windows bugs and SFTPAttributes.__str__() (reported by grzegorz
    makarewicz)
  * better sftp error reporting by adding fake "errno" info to IOErrors

v1.5 (paras) 02oct05
--------------------
  * added support for "keyboard-interactive" authentication
  * added mode (on by default) where password authentication will try to
    fallback to "keyboard-interactive" if it's supported
  * added pipelining to SFTPFile.write and SFTPClient.put
  * fixed bug with SFTPFile.close() not guarding against being called more
    than once (thanks to Nathaniel Smith)
  * fixed broken 'a' flag in SFTPClient.file() (thanks to Nathaniel Smith)
  * fixed up epydocs to look nicer
  * reorganized auth_transport into auth_handler, which seems to be a cleaner
    separation
  * demo scripts fixed to have a better chance of loading the host keys
    correctly on windows/cygwin
  
v1.4 (oddish) 17jul05
---------------------
  * added SSH-agent support (for posix) from john rochester
  * added chdir() and getcwd() to SFTPClient, to emulate a "working directory"
  * added get() and put() to SFTPClient, to emulate ftp whole-file transfers
  * added check() to SFTPFile (a file hashing protocol extension)
  * fixed Channels and SFTPFiles (among others) to auto-close when GC'd
  * fixed Channel.fileno() for Windows, this time really
  * don't log socket errors as "unknown exception"
  * some misc. backward-compatible API improvements (like allowing
    Transport.start_client() and start_server() to be called in a blocking way)

v1.3.1 (nidoran) 28jun05
------------------------
  * added SFTPClient.close()
  * fixed up some outdated documentation
  * made SFTPClient.file() an alias for open()
  * added Transport.open_sftp_client() for convenience
  * refactored packetizing out of Transport
  * fixed bug (reported by alain s.) where connecting to a non-SSH host could
    cause paramiko to freeze up
  * fixed Channel.fileno() for Windows (again)
  * some more unit tests

v1.3 (marowak) 09apr05
----------------------
  * fixed a bug where packets larger than about 12KB would cause the session
    to die on all platforms except osx
  * added a potential workaround for windows to let Channel.fileno() (and
    therefore the select module) work!
  * changed API for subsystem handlers (sorry!) to pass more info and make it
    easier to write a functional SFTP server

v1.2 (lapras) 28feb05
---------------------
  * added SFTPClient.listdir_attr() for fetching a list of files and their
    attributes in one call
  * added Channel.recv_exit_status() and Channel.send_exit_status() for
    manipulating the exit status of a command from either client or server
    mode
  * moved check_global_request into ServerInterface, where it should've been
    all along (oops)
  * SFTPHandle's default implementations are fleshed out more
  * made logging a bit more consistent, and started logging thread ids
  * fixed a few race conditions, one of which would sometimes cause a Transport
    to fail to start on slow machines
  * more unit tests

v1.1 (kabuto) 12dec04
---------------------
  * server-side SFTP support
  * added support for stderr streams on client & server channels
  * added a new distinct exception for failed client authentication
    when caused by the server rejecting that *type* of auth
  * added support for multi-part authentication
  * fixed bug where get_username() wasn't working in server mode

v1.0 (jigglypuff) 06nov04
-------------------------
  * fixed bug that broke server-mode authentication by private key
  * fixed bug where closing a Channel could end up killing the entire
    Transport
  * actually include demo_windows.py this time (oops!)
  * fixed recently-introduced bug in group-exchange key negotiation that
    would generate the wrong hash (and therefore fail the initial handshake)
  * server-mode subsystem handler is a bit more flexible

v0.9 (ivysaur) 22oct04
----------------------
  * new ServerInterface class for implementing server policy, so it's no
    longer necessary to subclass Transport or Channel -- server code will
    need to be updated to follow this new API!  (see demo_server.py)
  * some bugfixes for re-keying an active session
  * Transport.get_security_options() allows fine-tuned control over the
    crypto negotiation on a new session
  * Transport.connect() takes a single hostkey object now instead of two
    string parameters
  * the Channel request methods (like 'exec_command') now return True on
    success or False on failure
  * added a mechanism for providing subsystems in server mode (and a new
    class to be subclassed: SubsystemHandler)
  * renamed SFTP -> SFTPClient (but left an alias for existing code)
  * added SFTPClient.normalize() to resolve paths on the server
  * fleshed out the API a bit more for SFTPClient and private keys
  * a bunch of new unit tests!

v0.9 (horsea) 27jun04
---------------------
  * fixed a lockup that could happen if the channel was closed while the
    send window was full
  * better checking of maximum packet sizes
  * better line buffering for file objects
  * now chops sftp requests into smaller packets for some older servers
  * more sftp unit tests

v0.9 (gyarados) 31may04
-----------------------
  * Transport.open_channel() -- supports local & remote port forwarding now
  * now imports UTF-8 encodings explicitly as a hint to "freeze" utilities
  * no longer rejects older SFTP servers
  * default packet size bumped to 8kB
  * fixed deadlock in closing a channel
  * Transport.connect() -- fixed bug where it would always fail when given a
    host key to verify

v0.9 (fearow) 23apr04
---------------------
  * Transport.send_ignore() -- send random ignored bytes
  * RSAKey/DSSKey added from_private_key_file() as a factory constructor;
    write_private_key_file() & generate() to create and save ssh2 keys;
    get_base64() to retrieve the exported public key
  * Transport added global_request() [client] and check_global_request()
    [server]
  * Transport.get_remove_server_key() now returns a PKey object instead of a
    tuple of strings
  * Transport.get_username() -- return the username you auth'd as [client]
  * Transport.set_keepalive() -- makes paramiko send periodic junk packets
    to the remote host, to keep the session active
  * python 2.2 support (thanks to Roger Binns)
  * misc. bug fixes

v0.9 (eevee) 08mar04
--------------------

v0.9 (doduo) 04jan04
--------------------

v0.1 (charmander) 10nov03
-------------------------

v0.1 (bulbasaur) 18sep03
------------------------

v0.1 (aerodactyl) 13sep03
-------------------------