more docs, and password-protected key files can now be read
lots more documentation, some of it moved out of the README file, which is
now much smaller and less rambling.
repr(Transport) now reports the number of bits used in the cipher.
cleaned up BER to use util functions, and throw a proper exception (the new
BERException) on error. it doesn't ever have to be a full BER decoder, but
it can at least comb its hair and tuck in its shirt.
lots of stuff added to PKey.read_private_key_file so it can try to decode
password-protected key files. right now it only understands "DES-EDE3-CBC"
format, but this is the only format i've seen openssh make so far. if the
key is password-protected, but no password was given, a new exception
(PasswordRequiredException) is raised so an outer layer can ask for a password
and try again.
lots more documentation, and added Transport.connect()
renamed demo_host_key to demo_rsa_key. moved changelog to a separate file,
and indicated that future changelog entries should be fetched from tla.
tried to clean up "__all__" in a way that makes epydoc still work.
added lots more documentation, and renamed many methods and vars to hide
them as private non-exported API.
Transport's ModulusPack is now a static member, so it only has to be loaded
once, and can then be used by any future Transport object.
added Transport.connect(), which tries to wrap all the SSH2 negotiation and
authentication into one method. you should be able to create a Transport,
call connect(), and then create channels.
hook up server-side kex-gex; add more documentation
group-exchange kex should work now on the server side. it will only be
advertised if a "moduli" file has been loaded (see the -gasp- docs) so we
don't spend hours (literally. hours.) computing primes. some of the logic
was previously wrong, too, since it had never been tested.
fixed repr() string for Transport/BaseTransport. moved is_authenticated to
Transport where it belongs.
added lots of documentation (but still only about 10% documented). lots of
methods were made private finally.
cleaned up server code, renamed some files & classes
renamed demo-server.py and demo-host-key to demo_server.py and
demo_host_key, just to be consistent.
renamed SSHException -> SecshException.
generalized the mechanism where Channel decides whether to allow
different channel requests: 4 of the main ones (pty, window-change,
shell, and subsystem) go through easily override-able methods now.
you could probably make an actual ssh shell server.
gave ChannelFile a repr().
turned off ultra debugging in the demos. demo_server creates a
subclass of Channel to allow pty/shell and sets an event when the
shell request is made, so that it knows when it can start sending
the fake bbs.
renamed to charmander and updated some of the distutils files.
big chunk of work which makes server code 95% done
fixed auth check methods to return just a result (failed, succeeded,
partially succeeded) and always use get_allowed_auths to determine the
list of allowed auth methods to return.
channel's internal API changed a bit to allow for client-side vs.
server-side channels. we now honor the "want-reply" bit from channel
requests. in server mode (for now), we automatically allow pty-req
and shell requests without doing anything.
ChannelFile was fixed up a bit to support universal newlines. readline
got rewritten: the old way used the "greedy" read call from ChannelFile,
which won't work if the socket doesn't have that much data buffered and
ready. now it uses recv directly, and tracks the different newlines.
demo-server.py now answers to a single shell request (like a CLI ssh
tool will make) and does a very simple demo pretending to be a BBS.
transport: fixed a bug with parsing the remote side's banner. channel
requests are passed to another method in server mode, to determine if
we should allow it. new allowed channels are added to an accept queue,
and a new method 'accept' (with timeout) will block until the next
incoming channel is ready.
Robey Pointer