fix extremely unlikely channel counter wrapping
Transport's channel counter can overflow after 4 billion some channels are
created. make it wrap back around after 16 million instead. also allow the
logging channel to be set manually. fix some comments elsewhere.
don't unlink a Channel until the server closes it too
when close()'ing a Channel, don't immediately unlink it from the Transport.
instead, wait for the server to send a close message.
this should fix a bug where doing close() on an EOF'd channel would cause
the entire transport to be killed, because the server would send an
'exit-status' and 'close' message for a channel that we no longer had a
record of.
clean up server interface; no longer need to subclass Channel
- export AUTH_*, OPEN_FAILED_*, and the new OPEN_SUCCEEDED into the paramiko
namespace instead of making people dig into paramiko.Transport.AUTH_* etc.
- move all of the check_* methods from Channel to ServerInterface so apps
don't need to subclass Channel anymore just to run an ssh server
- ServerInterface.check_channel_request() returns an error code now, not a
new Channel object
- fix demo_server.py to follow all these changes
- fix a bunch of places where i used "string" in docstrings but meant "str"
- added Channel.get_id()
added Transport.get_security_options()
just something i wanted to play with:
added Transport.get_security_options() which returns a SecurityOptions object.
this object is a kind of proxy for the 4 "preferred_*" fields in Transport,
and lets me avoid exposing those fields directly in case i change my mind
later about how they should be stored.
added some docs to Channel explaining that the request methods now return
True/False, and fixed up docs in a few other places.
replay patch 63 (missing channel changes)
i'm still getting the hang of tla/arch, obviously.
replay patch 63, which was meant to be part of the later mega-patch, but
apparently when i reversed it, i lost it entirely.
add settimeout/gettimeout/setblocking, some bugfixes.
hide the command and response codes in sftp so they aren't exported.
add settimeout/gettimeout/setblocking that just wrap calls to the underlying
socket or channel. fix _read_all to not catch timeout exceptions.
some Channel fixes for max packet size & blocking on zero window
some clean-ups and fixes to channels:
* when send() is blocked on a zero-width window, check that the channel is
still open. this was causing some lockups.
* set a lower bound to the "maximum packet size" we accept from the remote
host. if they tell us anything less than 1KB, assume they meant 1KB. (it's
not reasonable to fragment below that.)
* leave a little padding instead of cutting right up to the maximum packet
size: some space will be taken up by protocol overhead.
* turn off some of the debug log lines unless "ultra_debug" is on (nobody
cares about the feed info)
fix deadlock in closing a channel
closing a channel would enter an odd codepath where the lock was grabbed,
some stuff was done, then another function was called where the lock was
grabbed again. unfortunately python locks aren't monitors so this would
deadlock. instead, make the smaller function lock-free with an explicit
notice that you must be holding the lock before calling.
fearow date and last-minute fixes
update release date of fearow to 23apr. fix channel._set_closed() to grab
the lock before notifying the in/out buffers that the channel is closed.
try roger's trick for finding the home folder on windows.
add get_username() method for remembering who you auth'd as
add get_username() method for remembering who you auth'd as. also, fix these
bugs:
* "continue" auth response counted as a failure (in server mode).
* try to import 'logging' in py22 before falling back to the fake logger,
in case they have a backported version of 'logger'
* raise the right exception when told to read a private key from a file that
isn't a private key file
* tell channels to close when the transport dies
support py22, more or less
add roger binns' patches for supporting python 2.2. i hedged a bit on the
logging stuff and just added some trickery to let logging be stubbed out for
python 2.2. this changed a lot of import statements but i managed to avoid
hacking at any of the existing logging.
socket timeouts are required for the threads to notice when they've been
deactivated. worked around it by using the 'select' module on py22.
also fixed the sftp unit tests to cope with a password-protected private key.
add BufferedFile abstraction
SFTP client mode is mostly functional. there are probably still some bugs
but most of the operations on "file" objects have survived my simple tests.
BufferedFile wraps a simpler stream in something that looks like a python
file (and can even handle seeking if the stream underneath supports it).
it's meant to be subclassed. most of it is ripped out of what used to be
ChannelFile so i can reuse it for sftp -- ChannelFile is now tiny.
SFTP and Message are now exported.
fixed util.format_binary_line to not quote spaces.
fix MANIFEST.in, change version numbers to 0.9-doduo, fix LPGL notices
fixed MANIFEST.in to include the demo scripts, LICENSE, and ChangeLog.
upped everything to version 0.9-doduo.
fixed the copyright notice, and added the LGPL banner to the top of every
python file.
more docs, and password-protected key files can now be read
lots more documentation, some of it moved out of the README file, which is
now much smaller and less rambling.
repr(Transport) now reports the number of bits used in the cipher.
cleaned up BER to use util functions, and throw a proper exception (the new
BERException) on error. it doesn't ever have to be a full BER decoder, but
it can at least comb its hair and tuck in its shirt.
lots of stuff added to PKey.read_private_key_file so it can try to decode
password-protected key files. right now it only understands "DES-EDE3-CBC"
format, but this is the only format i've seen openssh make so far. if the
key is password-protected, but no password was given, a new exception
(PasswordRequiredException) is raised so an outer layer can ask for a password
and try again.
lots more documentation, and added Transport.connect()
renamed demo_host_key to demo_rsa_key. moved changelog to a separate file,
and indicated that future changelog entries should be fetched from tla.
tried to clean up "__all__" in a way that makes epydoc still work.
added lots more documentation, and renamed many methods and vars to hide
them as private non-exported API.
Transport's ModulusPack is now a static member, so it only has to be loaded
once, and can then be used by any future Transport object.
added Transport.connect(), which tries to wrap all the SSH2 negotiation and
authentication into one method. you should be able to create a Transport,
call connect(), and then create channels.
hook up server-side kex-gex; add more documentation
group-exchange kex should work now on the server side. it will only be
advertised if a "moduli" file has been loaded (see the -gasp- docs) so we
don't spend hours (literally. hours.) computing primes. some of the logic
was previously wrong, too, since it had never been tested.
fixed repr() string for Transport/BaseTransport. moved is_authenticated to
Transport where it belongs.
added lots of documentation (but still only about 10% documented). lots of
methods were made private finally.
fix up new paramiko/ folder.
moved SSHException to a new file (ssh_exception.py) and turned paramiko.py
into an __init__.py file. i'm still not entirely sure how this normally
works, so i may have done something wrong, but it's supposed to work the
same as before.
Robey Pointer