410 lines
18 KiB
Plaintext
410 lines
18 KiB
Plaintext
|
|
====
|
|
NEWS
|
|
====
|
|
|
|
Highlights of what's new in each release.
|
|
|
|
Issues noted as "'ssh' #NN" can be found at https://github.com/bitprophet/ssh/.
|
|
|
|
Issues noted as "Fabric #NN" can be found at https://github.com/fabric/fabric/.
|
|
|
|
Releases
|
|
========
|
|
|
|
v1.8.1 (DD MM YYYY)
|
|
-------------------
|
|
|
|
* #90: Ensure that callbacks handed to `SFTPClient.get()` always fire at least
|
|
once, even for zero-length files downloaded. Thanks to Github user `@enB` for
|
|
the catch.
|
|
* #85: Paramiko's test suite overrides
|
|
`unittest.TestCase.assertTrue/assertFalse` to provide these modern assertions
|
|
to Python 2.2/2.3, which lacked them. However on newer Pythons such as 2.7,
|
|
this now causes deprecation warnings. The overrides have been patched to only
|
|
execute when necessary. Thanks to `@Arfrever` for catch & patch.
|
|
|
|
|
|
v1.8.0 (3rd Oct 2012)
|
|
---------------------
|
|
|
|
* 'ssh' 32: Raise a more useful error explaining which `known_hosts` key line was
|
|
problematic, when encountering `binascii` issues decoding known host keys.
|
|
Thanks to `@thomasvs` for catch & patch.
|
|
* 'ssh' 33: Bring `ssh_config` parsing more in line with OpenSSH spec, re: order of
|
|
setting overrides by `Host` specifiers. Specifically, the overrides now go by
|
|
file order instead of automatically sorting by `Host` value length. In
|
|
addition, the first value found per config key (e.g. `Port`, `User` etc)
|
|
wins, instead of the last. Thanks to Jan Brauer for the contribution.
|
|
* 'ssh' 36: Support new server two-factor authentication option
|
|
(`RequiredAuthentications2`), at least re: combining key-based & password
|
|
auth. Thanks to Github user `bninja`.
|
|
* 'ssh' 11: When raising an exception for hosts not listed in
|
|
`known_hosts` (when `RejectPolicy` is in effect) the exception message was
|
|
confusing/vague. This has been improved somewhat. Thanks to Cal Leeming for
|
|
highlighting the issue.
|
|
* 'ssh' 40: Fixed up & expanded EINTR signal handling. Thanks to Douglas Turk.
|
|
* 'ssh' 15: Implemented parameter substitution in SSHConfig, matching the
|
|
implementation of `ssh_config(5)`. Thanks to Olle Lundberg for the patch.
|
|
* 'ssh' 24: Switch some internal type checking to use `isinstance` to help prevent
|
|
problems with client libraries using subclasses of builtin types. Thanks to
|
|
Alex Morega for the patch.
|
|
* Fabric #562: Agent forwarding would error out (with `Authentication response
|
|
too long`) or freeze, when more than one remote connection to the local agent
|
|
was active at the same time. This has been fixed. Thanks to Steven McDonald
|
|
for assisting in troubleshooting/patching, and to GitHub user `@lynxis` for
|
|
providing the final version of the patch.
|
|
* 'ssh' 5: Moved a `fcntl` import closer to where it's used to help avoid
|
|
`ImportError` problems on Windows platforms. Thanks to Jason Coombs for the
|
|
catch + suggested fix.
|
|
* 'ssh' 4: Updated implementation of WinPageant integration to work on 64-bit
|
|
Windows. Thanks again to Jason Coombs for the patch.
|
|
* Added an IO loop sleep() call to avoid needless CPU usage when agent
|
|
forwarding is in use.
|
|
* Handful of internal tweaks to version number storage.
|
|
* Updated `setup.py` with `==dev` install URL for `pip` users.
|
|
* Updated `setup.py` to account for packaging problems in PyCrypto 2.4.0
|
|
* Added an extra `atfork()` call to help prevent spurious RNG errors when
|
|
running under high parallel (multiprocess) load.
|
|
* Merge PR #28: https://github.com/paramiko/paramiko/pull/28 which adds a
|
|
ssh-keygen like demo module. (Sofian Brabez)
|
|
|
|
v1.7.7.2 16may12
|
|
----------------
|
|
* Merge pull request #63: https://github.com/paramiko/paramiko/pull/63 which
|
|
fixes exceptions that occur when re-keying over fast connections. (Dwayne
|
|
Litzenberger)
|
|
|
|
v1.7.7.1 (George) 21may11
|
|
-------------------------
|
|
* Make the verification phase of SFTP.put optional (Larry Wright)
|
|
* Patches to fix AIX support (anonymous)
|
|
* Patch from Michele Bertoldi to allow compression to be turned on in the
|
|
client constructor.
|
|
* Patch from Shad Sharma to raise an exception if the transport isn't active
|
|
when you try to open a new channel.
|
|
* Stop leaking file descriptors in the SSH agent (John Adams)
|
|
* More fixes for Windows address family support (Andrew Bennetts)
|
|
* Use Crypto.Random rather than Crypto.Util.RandomPool
|
|
(Gary van der Merwe, #271791)
|
|
* Support for openssl keys (tehfink)
|
|
* Fix multi-process support by calling Random.atfork (sugarc0de)
|
|
|
|
v1.7.6 (Fanny) 1nov09
|
|
---------------------
|
|
* fixed bugs 411099 (sftp chdir isn't unicode-safe), 363163 & 411910 (more
|
|
IPv6 problems on windows), 413850 (race when server closes the channel),
|
|
426925 (support port numbers in host keys)
|
|
|
|
v1.7.5 (Ernest) 19jul09
|
|
-----------------------
|
|
* added support for ARC4 cipher and CTR block chaining (Denis Bernard)
|
|
* made transport threads daemonize, to fix python 2.6 atexit behavior
|
|
* support unicode hostnames, and IP6 addresses (Maxime Ripard, Shikhar
|
|
Bhushan)
|
|
* various small bug fixes
|
|
|
|
v1.7.4 (Desmond) 06jul08
|
|
------------------------
|
|
* more randpool fixes for windows, from Dwayne Litzenberger
|
|
(NOTE: this may require a pycrypto upgrade on windows)
|
|
* fix potential deadlock during key exchange (Dwayne Litzenberger)
|
|
* remove MFC dependency from windows (Mark Hammond)
|
|
* added some optional API improvements for SFTPClient get() and put()
|
|
|
|
v1.7.3 (Clara) 23mar08
|
|
----------------------
|
|
* SSHClient can be asked not to use an SSH agent now, and not to search
|
|
for private keys
|
|
* added WarningPolicy option for SSHClient (warn, but allow, on unknown
|
|
server keys)
|
|
* added Channel.exit_status_ready to poll if a channel has received an
|
|
exit status yet
|
|
* new demo for reverse port forwarding
|
|
* (bug 177117) fix UTF-8 passwords
|
|
* (bug 189466) fix typo in osrandom.py
|
|
* (bug 191657) potentially fix a race at channel shutdown
|
|
* (bug 192749) document that SSHClient.connect may raise socket.error
|
|
* (bug 193779) translate EOFError into AuthException during authentication
|
|
* (bug 200416) don't create a new logger object for each channel
|
|
|
|
v1.7.2 (Basil) 21jan08
|
|
----------------------
|
|
* (bug 137219) catch EINTR and handle correctly
|
|
* (bug 157205) fix select() to trigger on stderr for a channel too
|
|
* added SSHClient.get_transport()
|
|
* added Channel.send_ready()
|
|
* added direct-tcpip forwarding [patch from david guerizec]
|
|
* fixed the PRNG to be more secure on windows and in cases where fork() is
|
|
called [patch from dwayne litzenberger]
|
|
|
|
v1.7.1 (Amy) 10jun07
|
|
--------------------
|
|
* windows SSH agent support can use the 'ctypes' module now if 'win32all' is
|
|
not available [patch from alexander belchenko]
|
|
* SFTPClient.listdir_attr() now preserves the 'longname' field [patch from
|
|
wesley augur]
|
|
* SFTPClient.get_channel() API added
|
|
* SSHClient constuctor takes an optional 'timeout' parameter [patch from
|
|
james bardin]
|
|
|
|
v1.7 (zubat) 18feb07
|
|
--------------------
|
|
* added x11 channel support (patch from david guerizec)
|
|
* added reverse port forwarding support
|
|
* (bug 75370) raise an exception when contacting a broken SFTP server
|
|
* (bug 80295) SSHClient shouldn't expand the user directory twice when reading
|
|
RSA/DSS keys
|
|
* (bug 82383) typo in DSS key in SSHClient
|
|
* (bug 83523) python 2.5 warning when encoding a file's modification time
|
|
* if connecting to an SSH agent fails, silently fallback instead of raising
|
|
an exception
|
|
|
|
v1.6.4 (yanma) 19nov06
|
|
----------------------
|
|
* fix setup.py on osx (oops!)
|
|
* (bug 69330) check for the existence of RSA/DSA keys before trying to open
|
|
them in SFTPClient
|
|
* (bug 69222) catch EAGAIN in socket code to workaround a bug in recent
|
|
Linux 2.6 kernels
|
|
* (bug 70398) improve dict emulation in HostKeys objects
|
|
* try harder to make sure all worker threads are joined on Transport.close()
|
|
|
|
v1.6.3 (xatu) 14oct06
|
|
---------------------
|
|
* fixed bug where HostKeys.__setitem__ wouldn't always do the right thing
|
|
* fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from
|
|
mike barber]
|
|
* try harder not to raise EOFError from within SFTPClient
|
|
* fixed bug where a thread waiting in accept() could block forever if the
|
|
transport dies [patch from mike looijmans]
|
|
|
|
v1.6.2 (weedle) 16aug06
|
|
-----------------------
|
|
* added support for "old" group-exchange server mode, for compatibility
|
|
with the windows putty client
|
|
* fixed some more interactions with SFTP file readv() and prefetch()
|
|
* when saving the known_hosts file, preserve the original order [patch from
|
|
warren young]
|
|
* fix a couple of broken lines when exporting classes (bug 55946)
|
|
|
|
v1.6.1 (vulpix) 10jul06
|
|
-----------------------
|
|
* more unit tests fixed for windows/cygwin (thanks to alexander belchenko)
|
|
* a couple of fixes related to exceptions leaking out of SFTPClient
|
|
* added ability to set items in HostKeys via __setitem__
|
|
* HostKeys now retains order and has a save() method
|
|
* added PKey.write_private_key and PKey.from_private_key
|
|
|
|
v1.6 (umbreon) 10may06
|
|
----------------------
|
|
* pageant support on Windows thanks to john arbash meinel and todd whiteman
|
|
* fixed unit tests to work under windows and cygwin (thanks to alexander
|
|
belchenko for debugging)
|
|
* various bugfixes/tweaks to SFTP file prefetch
|
|
* added SSHClient for a higher-level API
|
|
* SFTP readv() now yields results as it gets them
|
|
* several APIs changed to throw an exception instead of "False" on failure
|
|
|
|
v1.5.4 (tentacool) 11mar06
|
|
--------------------------
|
|
* fixed HostKeys to more correctly emulate a python dict
|
|
* fixed a bug where file read buffering was too aggressive
|
|
* improved prefetching so that out-of-order reads still use the prefetch
|
|
buffer
|
|
* added experimental SFTPFile.readv() call
|
|
* more unit tests
|
|
|
|
v1.5.3 (squirtle) 19feb06
|
|
-------------------------
|
|
* a few performance enhancements
|
|
* added HostKeys, for dealing with openssh style "known_hosts" files, and
|
|
added support for hashed hostnames
|
|
* added Transport.atfork() for dealing with forked children
|
|
* added SFTPClient.truncate, SFTPFile.chmod, SFTPFile.chown, SFTPFile.utime,
|
|
and SFTPFile.truncate
|
|
* improved windows demos [patch from mike looijmans], added an sftp demo, and
|
|
moved demos to the demos/ folder
|
|
* fixed a few interoperability bugs
|
|
* cleaned up logging a bit
|
|
* fixed a bug where EOF on a Channel might not be detected by select [found
|
|
by thomas steinacher]
|
|
* fixed python 2.4-ism that crept in [patch by jan hudec]
|
|
* fixed a few reference loops that could have interacted badly with the python
|
|
garbage collector
|
|
* fixed a bunch of pychecker warnings, some of which were bugs
|
|
|
|
v1.5.2 (rhydon) 04dec05
|
|
-----------------------
|
|
* compression support (opt-in via Transport.use_compression)
|
|
* sftp files may be opened with mode flag 'x' for O_EXCL (exclusive-open)
|
|
behavior, which has no direct python equivalent
|
|
* added experimental util functions for parsing openssh config files
|
|
* fixed a few bugs (and potential deadlocks) with key renegotiation
|
|
* fixed a bug that caused SFTPFile.prefetch to occasionally lock up
|
|
* fixed an sftp bug which affected van dyke sftp servers
|
|
* fixed the behavior of select()ing on a closed channel, such that it will
|
|
always trigger as readable
|
|
|
|
v1.5.1 (quilava) 31oct05
|
|
------------------------
|
|
* SFTPFile.prefetch() added to dramatically speed up downloads (automatically
|
|
turned on in SFTPClient.get())
|
|
* fixed bug where garbage-collected Channels could trigger the Transport to
|
|
close the session (reported by gordon good)
|
|
* fixed a deadlock in rekeying (reported by wendell wood)
|
|
* fixed some windows bugs and SFTPAttributes.__str__() (reported by grzegorz
|
|
makarewicz)
|
|
* better sftp error reporting by adding fake "errno" info to IOErrors
|
|
|
|
v1.5 (paras) 02oct05
|
|
--------------------
|
|
* added support for "keyboard-interactive" authentication
|
|
* added mode (on by default) where password authentication will try to
|
|
fallback to "keyboard-interactive" if it's supported
|
|
* added pipelining to SFTPFile.write and SFTPClient.put
|
|
* fixed bug with SFTPFile.close() not guarding against being called more
|
|
than once (thanks to Nathaniel Smith)
|
|
* fixed broken 'a' flag in SFTPClient.file() (thanks to Nathaniel Smith)
|
|
* fixed up epydocs to look nicer
|
|
* reorganized auth_transport into auth_handler, which seems to be a cleaner
|
|
separation
|
|
* demo scripts fixed to have a better chance of loading the host keys
|
|
correctly on windows/cygwin
|
|
|
|
v1.4 (oddish) 17jul05
|
|
---------------------
|
|
* added SSH-agent support (for posix) from john rochester
|
|
* added chdir() and getcwd() to SFTPClient, to emulate a "working directory"
|
|
* added get() and put() to SFTPClient, to emulate ftp whole-file transfers
|
|
* added check() to SFTPFile (a file hashing protocol extension)
|
|
* fixed Channels and SFTPFiles (among others) to auto-close when GC'd
|
|
* fixed Channel.fileno() for Windows, this time really
|
|
* don't log socket errors as "unknown exception"
|
|
* some misc. backward-compatible API improvements (like allowing
|
|
Transport.start_client() and start_server() to be called in a blocking way)
|
|
|
|
v1.3.1 (nidoran) 28jun05
|
|
------------------------
|
|
* added SFTPClient.close()
|
|
* fixed up some outdated documentation
|
|
* made SFTPClient.file() an alias for open()
|
|
* added Transport.open_sftp_client() for convenience
|
|
* refactored packetizing out of Transport
|
|
* fixed bug (reported by alain s.) where connecting to a non-SSH host could
|
|
cause paramiko to freeze up
|
|
* fixed Channel.fileno() for Windows (again)
|
|
* some more unit tests
|
|
|
|
v1.3 (marowak) 09apr05
|
|
----------------------
|
|
* fixed a bug where packets larger than about 12KB would cause the session
|
|
to die on all platforms except osx
|
|
* added a potential workaround for windows to let Channel.fileno() (and
|
|
therefore the select module) work!
|
|
* changed API for subsystem handlers (sorry!) to pass more info and make it
|
|
easier to write a functional SFTP server
|
|
|
|
v1.2 (lapras) 28feb05
|
|
---------------------
|
|
* added SFTPClient.listdir_attr() for fetching a list of files and their
|
|
attributes in one call
|
|
* added Channel.recv_exit_status() and Channel.send_exit_status() for
|
|
manipulating the exit status of a command from either client or server
|
|
mode
|
|
* moved check_global_request into ServerInterface, where it should've been
|
|
all along (oops)
|
|
* SFTPHandle's default implementations are fleshed out more
|
|
* made logging a bit more consistent, and started logging thread ids
|
|
* fixed a few race conditions, one of which would sometimes cause a Transport
|
|
to fail to start on slow machines
|
|
* more unit tests
|
|
|
|
v1.1 (kabuto) 12dec04
|
|
---------------------
|
|
* server-side SFTP support
|
|
* added support for stderr streams on client & server channels
|
|
* added a new distinct exception for failed client authentication
|
|
when caused by the server rejecting that *type* of auth
|
|
* added support for multi-part authentication
|
|
* fixed bug where get_username() wasn't working in server mode
|
|
|
|
v1.0 (jigglypuff) 06nov04
|
|
-------------------------
|
|
* fixed bug that broke server-mode authentication by private key
|
|
* fixed bug where closing a Channel could end up killing the entire
|
|
Transport
|
|
* actually include demo_windows.py this time (oops!)
|
|
* fixed recently-introduced bug in group-exchange key negotiation that
|
|
would generate the wrong hash (and therefore fail the initial handshake)
|
|
* server-mode subsystem handler is a bit more flexible
|
|
|
|
v0.9 (ivysaur) 22oct04
|
|
----------------------
|
|
* new ServerInterface class for implementing server policy, so it's no
|
|
longer necessary to subclass Transport or Channel -- server code will
|
|
need to be updated to follow this new API! (see demo_server.py)
|
|
* some bugfixes for re-keying an active session
|
|
* Transport.get_security_options() allows fine-tuned control over the
|
|
crypto negotiation on a new session
|
|
* Transport.connect() takes a single hostkey object now instead of two
|
|
string parameters
|
|
* the Channel request methods (like 'exec_command') now return True on
|
|
success or False on failure
|
|
* added a mechanism for providing subsystems in server mode (and a new
|
|
class to be subclassed: SubsystemHandler)
|
|
* renamed SFTP -> SFTPClient (but left an alias for existing code)
|
|
* added SFTPClient.normalize() to resolve paths on the server
|
|
* fleshed out the API a bit more for SFTPClient and private keys
|
|
* a bunch of new unit tests!
|
|
|
|
v0.9 (horsea) 27jun04
|
|
---------------------
|
|
* fixed a lockup that could happen if the channel was closed while the
|
|
send window was full
|
|
* better checking of maximum packet sizes
|
|
* better line buffering for file objects
|
|
* now chops sftp requests into smaller packets for some older servers
|
|
* more sftp unit tests
|
|
|
|
v0.9 (gyarados) 31may04
|
|
-----------------------
|
|
* Transport.open_channel() -- supports local & remote port forwarding now
|
|
* now imports UTF-8 encodings explicitly as a hint to "freeze" utilities
|
|
* no longer rejects older SFTP servers
|
|
* default packet size bumped to 8kB
|
|
* fixed deadlock in closing a channel
|
|
* Transport.connect() -- fixed bug where it would always fail when given a
|
|
host key to verify
|
|
|
|
v0.9 (fearow) 23apr04
|
|
---------------------
|
|
* Transport.send_ignore() -- send random ignored bytes
|
|
* RSAKey/DSSKey added from_private_key_file() as a factory constructor;
|
|
write_private_key_file() & generate() to create and save ssh2 keys;
|
|
get_base64() to retrieve the exported public key
|
|
* Transport added global_request() [client] and check_global_request()
|
|
[server]
|
|
* Transport.get_remove_server_key() now returns a PKey object instead of a
|
|
tuple of strings
|
|
* Transport.get_username() -- return the username you auth'd as [client]
|
|
* Transport.set_keepalive() -- makes paramiko send periodic junk packets
|
|
to the remote host, to keep the session active
|
|
* python 2.2 support (thanks to Roger Binns)
|
|
* misc. bug fixes
|
|
|
|
v0.9 (eevee) 08mar04
|
|
--------------------
|
|
|
|
v0.9 (doduo) 04jan04
|
|
--------------------
|
|
|
|
v0.1 (charmander) 10nov03
|
|
-------------------------
|
|
|
|
v0.1 (bulbasaur) 18sep03
|
|
------------------------
|
|
|
|
v0.1 (aerodactyl) 13sep03
|
|
-------------------------
|