Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-paramiko for openSUSE:Factory
checked in at 2022-05-30 12:42:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-paramiko (Old)
and /work/SRC/openSUSE:Factory/.python-paramiko.new.2254 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-paramiko"
Mon May 30 12:42:42 2022 rev:55 rq:979467 version:2.11.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-paramiko/python-paramiko.changes
2022-05-01 18:53:35.639163260 +0200
+++
/work/SRC/openSUSE:Factory/.python-paramiko.new.2254/python-paramiko.changes
2022-05-30 12:43:19.852341060 +0200
@@ -1,0 +2,34 @@
+Thu May 26 20:43:45 UTC 2022 - Michael Str??der <[email protected]>
+
+- update to 2.11.0
+ * [Feature] #1951: Add SSH config token expansion (eg %h, %p) when
+ parsing ProxyJump directives.
+ * [Support] #2004: (via #2011) Apply unittest skipIf to tests currently
+ using SHA1 in their critical path, to avoid failures on systems starting
+ to disable SHA1 outright in their crypto backends (eg RHEL 9).
+ * [Support] #1838: (via #1870/#2028) Update camelCase method calls
+ against the threading module to be snake_case; this and related tweaks
+ should fix some deprecation warnings under Python 3.10.
+ * [Support] #2038: (via #2039) Recent versions of Cryptography have
+ deprecated Blowfish algorithm support; in lieu of an easy method for
+ users to remove it from the list of algorithms Paramiko tries to import
+ and use, we???ve decided to remove it from our ???preferred algorithms???
list.
+ This will both discourage use of a weak algorithm, and avoid warnings.
+- update to 2.10.5
+ * [Bug] #2008: (via #2010) Windows-native SSH agent support as merged in
+ 2.10 could encounter Errno 22 OSError exceptions in some scenarios
+ (eg server not cleanly closing a relevant named pipe).
+ This has been worked around and should be less problematic.
+ * [Bug] #2017: OpenSSH 7.7 and older has a bug preventing it from
+ understanding how to perform SHA2 signature verification for RSA
+ certificates (specifically certs - not keys), so when we added SHA2
+ support it broke all clients using RSA certificates with these servers.
+ This has been fixed in a manner similar to what OpenSSH???s own client
+ does: a version check is performed and the algorithm used is downgraded
+ if needed.
+ * [Bug] #1933: Align signature verification algorithm with OpenSSH re:
+ zero-padding signatures which don???t match their nominal size/length.
This
+ shouldn???t affect most users, but will help Paramiko-implemented SSH
+ servers handle poorly behaved clients such as PuTTY.
+
+-------------------------------------------------------------------
Old:
----
paramiko-2.10.4.tar.gz
New:
----
paramiko-2.11.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-paramiko.spec ++++++
--- /var/tmp/diff_new_pack.3dlrsJ/_old 2022-05-30 12:43:20.384341768 +0200
+++ /var/tmp/diff_new_pack.3dlrsJ/_new 2022-05-30 12:43:20.388341773 +0200
@@ -19,7 +19,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define skip_python2 1
Name: python-paramiko
-Version: 2.10.4
+Version: 2.11.0
Release: 0
Summary: SSH2 protocol library
License: LGPL-2.1-or-later
++++++ paramiko-2.10.4.tar.gz -> paramiko-2.11.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/PKG-INFO new/paramiko-2.11.0/PKG-INFO
--- old/paramiko-2.10.4/PKG-INFO 2022-04-25 18:26:15.000000000 +0200
+++ new/paramiko-2.11.0/PKG-INFO 2022-05-17 03:06:27.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: paramiko
-Version: 2.10.4
+Version: 2.11.0
Summary: SSH2 protocol library
Home-page: https://paramiko.org
Author: Jeff Forcier
@@ -77,7 +77,7 @@
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
-Provides-Extra: ed25519
+Provides-Extra: gssapi
Provides-Extra: all
Provides-Extra: invoke
-Provides-Extra: gssapi
+Provides-Extra: ed25519
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/demo.py
new/paramiko-2.11.0/demos/demo.py
--- old/paramiko-2.10.4/demos/demo.py 2022-04-25 18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/demos/demo.py 2022-05-17 03:04:13.000000000 +0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import base64
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/demo_keygen.py
new/paramiko-2.11.0/demos/demo_keygen.py
--- old/paramiko-2.10.4/demos/demo_keygen.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/demo_keygen.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import sys
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/demo_server.py
new/paramiko-2.11.0/demos/demo_server.py
--- old/paramiko-2.10.4/demos/demo_server.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/demo_server.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import base64
from binascii import hexlify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/demo_sftp.py
new/paramiko-2.11.0/demos/demo_sftp.py
--- old/paramiko-2.10.4/demos/demo_sftp.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/demo_sftp.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# based on code provided by raymond mosteller (thanks!)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/demo_simple.py
new/paramiko-2.11.0/demos/demo_simple.py
--- old/paramiko-2.10.4/demos/demo_simple.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/demo_simple.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import base64
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/forward.py
new/paramiko-2.11.0/demos/forward.py
--- old/paramiko-2.10.4/demos/forward.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/forward.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Sample script showing how to do local port forwarding over paramiko.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/interactive.py
new/paramiko-2.11.0/demos/interactive.py
--- old/paramiko-2.10.4/demos/interactive.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/interactive.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import socket
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/demos/rforward.py
new/paramiko-2.11.0/demos/rforward.py
--- old/paramiko-2.10.4/demos/rforward.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/demos/rforward.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Sample script showing how to do remote port forwarding over paramiko.
Binary files old/paramiko-2.10.4/docs/.doctrees/environment.pickle and
new/paramiko-2.11.0/docs/.doctrees/environment.pickle differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/__init__.py
new/paramiko-2.11.0/paramiko/__init__.py
--- old/paramiko-2.10.4/paramiko/__init__.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/__init__.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# flake8: noqa
import sys
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/_version.py
new/paramiko-2.11.0/paramiko/_version.py
--- old/paramiko-2.10.4/paramiko/_version.py 2022-04-25 18:25:50.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/_version.py 2022-05-17 03:06:20.000000000
+0200
@@ -1,2 +1,2 @@
-__version_info__ = (2, 10, 4)
+__version_info__ = (2, 11, 0)
__version__ = ".".join(map(str, __version_info__))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/agent.py
new/paramiko-2.11.0/paramiko/agent.py
--- old/paramiko-2.10.4/paramiko/agent.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/agent.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
SSH Agent interface
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/auth_handler.py
new/paramiko-2.11.0/paramiko/auth_handler.py
--- old/paramiko-2.10.4/paramiko/auth_handler.py 2022-04-25
18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/paramiko/auth_handler.py 2022-05-17
03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
`.AuthHandler`
@@ -22,6 +22,7 @@
import weakref
import time
+import re
from paramiko.common import (
cMSG_SERVICE_REQUEST,
@@ -298,6 +299,23 @@
key_type
),
)
+ # NOTE re #2017: When the key is an RSA cert and the remote server is
+ # OpenSSH 7.7 or earlier, always use [email protected].
+ # Those versions of the server won't support rsa-sha2 family sig algos
+ # for certs specifically, and in tandem with various server bugs
+ # regarding server-sig-algs, it's impossible to fit this into the rest
+ # of the logic here.
+ if key_type.endswith("[email protected]") and re.search(
+ r"-OpenSSH_(?:[1-6]|7\.[0-7])", self.transport.remote_version
+ ):
+ pubkey_algo = "[email protected]"
+ self.transport._agreed_pubkey_algorithm = pubkey_algo
+ self._log(DEBUG, "OpenSSH<7.8 + RSA cert = forcing ssh-rsa!")
+ self._log(
+ DEBUG, "Agreed upon {!r} pubkey algorithm".format(pubkey_algo)
+ )
+ return pubkey_algo
+ # Normal attempts to handshake follow from here.
# Only consider RSA algos from our list, lest we agree on another!
my_algos = [x for x in self.transport.preferred_pubkeys if "rsa" in x]
self._log(DEBUG, "Our pubkey algorithm list: {}".format(my_algos))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/ber.py
new/paramiko-2.11.0/paramiko/ber.py
--- old/paramiko-2.10.4/paramiko/ber.py 2022-04-25 18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/paramiko/ber.py 2022-05-17 03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from paramiko.common import max_byte, zero_byte
from paramiko.py3compat import b, byte_ord, byte_chr, long
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/buffered_pipe.py
new/paramiko-2.11.0/paramiko/buffered_pipe.py
--- old/paramiko-2.10.4/paramiko/buffered_pipe.py 2022-04-25
18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/paramiko/buffered_pipe.py 2022-05-17
03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Attempt to generalize the "feeder" part of a `.Channel`: an object which can be
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/channel.py
new/paramiko-2.11.0/paramiko/channel.py
--- old/paramiko-2.10.4/paramiko/channel.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/channel.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Abstraction for an SSH2 channel.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/client.py
new/paramiko-2.11.0/paramiko/client.py
--- old/paramiko-2.10.4/paramiko/client.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/client.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
SSH client & key policies
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/common.py
new/paramiko-2.11.0/paramiko/common.py
--- old/paramiko-2.10.4/paramiko/common.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/common.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Common constants and global variables.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/compress.py
new/paramiko-2.11.0/paramiko/compress.py
--- old/paramiko-2.10.4/paramiko/compress.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/compress.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Compression implementations for a Transport.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/config.py
new/paramiko-2.11.0/paramiko/config.py
--- old/paramiko-2.10.4/paramiko/config.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/config.py 2022-05-17 03:04:13.000000000
+0200
@@ -15,7 +15,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Configuration file (aka ``ssh_config``) support.
@@ -64,6 +64,7 @@
"hostname": ["%h"],
"identityfile": ["%C", "~", "%d", "%h", "%l", "%u", "%r"],
"proxycommand": ["~", "%h", "%p", "%r"],
+ "proxyjump": ["%h", "%p", "%r"],
# Doesn't seem worth making this 'special' for now, it will fit well
# enough (no actual match-exec config key to be confused with).
"match-exec": ["%C", "%d", "%h", "%L", "%l", "%n", "%p", "%r", "%u"],
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/dsskey.py
new/paramiko-2.11.0/paramiko/dsskey.py
--- old/paramiko-2.10.4/paramiko/dsskey.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/dsskey.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
DSS keys.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/ecdsakey.py
new/paramiko-2.11.0/paramiko/ecdsakey.py
--- old/paramiko-2.10.4/paramiko/ecdsakey.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/ecdsakey.py 2022-05-17 03:04:13.000000000
+0200
@@ -7,14 +7,14 @@
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
-# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY
+# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
ECDSA keys
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/ed25519key.py
new/paramiko-2.11.0/paramiko/ed25519key.py
--- old/paramiko-2.10.4/paramiko/ed25519key.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/ed25519key.py 2022-05-17 03:04:13.000000000
+0200
@@ -5,14 +5,14 @@
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
-# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY
+# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import bcrypt
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/file.py
new/paramiko-2.11.0/paramiko/file.py
--- old/paramiko-2.10.4/paramiko/file.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/file.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from paramiko.common import (
linefeed_byte_value,
crlf,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/hostkeys.py
new/paramiko-2.11.0/paramiko/hostkeys.py
--- old/paramiko-2.10.4/paramiko/hostkeys.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/hostkeys.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import binascii
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/kex_gex.py
new/paramiko-2.11.0/paramiko/kex_gex.py
--- old/paramiko-2.10.4/paramiko/kex_gex.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/kex_gex.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Variant on `KexGroup1 <paramiko.kex_group1.KexGroup1>` where the prime "p" and
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/kex_group1.py
new/paramiko-2.11.0/paramiko/kex_group1.py
--- old/paramiko-2.10.4/paramiko/kex_group1.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/kex_group1.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Standard SSH key exchange ("kex" if you wanna sound cool). Diffie-Hellman of
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/kex_group14.py
new/paramiko-2.11.0/paramiko/kex_group14.py
--- old/paramiko-2.10.4/paramiko/kex_group14.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/kex_group14.py 2022-05-17 03:04:13.000000000
+0200
@@ -7,14 +7,14 @@
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
-# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY
+# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Standard SSH key exchange ("kex" if you wanna sound cool). Diffie-Hellman of
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/kex_group16.py
new/paramiko-2.11.0/paramiko/kex_group16.py
--- old/paramiko-2.10.4/paramiko/kex_group16.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/kex_group16.py 2022-05-17 03:04:13.000000000
+0200
@@ -7,14 +7,14 @@
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
-# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY
+# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Standard SSH key exchange ("kex" if you wanna sound cool). Diffie-Hellman of
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/kex_gss.py
new/paramiko-2.11.0/paramiko/kex_gss.py
--- old/paramiko-2.10.4/paramiko/kex_gss.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/kex_gss.py 2022-05-17 03:04:13.000000000
+0200
@@ -17,7 +17,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/message.py
new/paramiko-2.11.0/paramiko/message.py
--- old/paramiko-2.10.4/paramiko/message.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/message.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Implementation of an SSH2 "message".
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/packet.py
new/paramiko-2.11.0/paramiko/packet.py
--- old/paramiko-2.10.4/paramiko/packet.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/packet.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Packet handling
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/pipe.py
new/paramiko-2.11.0/paramiko/pipe.py
--- old/paramiko-2.10.4/paramiko/pipe.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/pipe.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Abstraction of a one-way pipe where the read end can be used in
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/pkey.py
new/paramiko-2.11.0/paramiko/pkey.py
--- old/paramiko-2.10.4/paramiko/pkey.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/pkey.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Common API for all public keys.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/primes.py
new/paramiko-2.11.0/paramiko/primes.py
--- old/paramiko-2.10.4/paramiko/primes.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/primes.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Utility functions for dealing with primes.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/proxy.py
new/paramiko-2.11.0/paramiko/proxy.py
--- old/paramiko-2.10.4/paramiko/proxy.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/proxy.py 2022-05-17 03:04:13.000000000
+0200
@@ -7,14 +7,14 @@
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
-# Paramiko is distrubuted in the hope that it will be useful, but WITHOUT ANY
+# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import os
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/rsakey.py
new/paramiko-2.11.0/paramiko/rsakey.py
--- old/paramiko-2.10.4/paramiko/rsakey.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/rsakey.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
RSA keys.
@@ -141,12 +141,16 @@
if isinstance(key, rsa.RSAPrivateKey):
key = key.public_key()
+ # NOTE: pad received signature with leading zeros, key.verify()
+ # expects a signature of key size (e.g. PuTTY doesn't pad)
+ sign = msg.get_binary()
+ diff = key.key_size - len(sign) * 8
+ if diff > 0:
+ sign = b"\x00" * ((diff + 7) // 8) + sign
+
try:
key.verify(
- msg.get_binary(),
- data,
- padding.PKCS1v15(),
- self.HASHES[sig_algorithm](),
+ sign, data, padding.PKCS1v15(), self.HASHES[sig_algorithm]()
)
except InvalidSignature:
return False
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/server.py
new/paramiko-2.11.0/paramiko/server.py
--- old/paramiko-2.10.4/paramiko/server.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/server.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
`.ServerInterface` is an interface to override for server support.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp.py
new/paramiko-2.11.0/paramiko/sftp.py
--- old/paramiko-2.10.4/paramiko/sftp.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import select
import socket
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp_attr.py
new/paramiko-2.11.0/paramiko/sftp_attr.py
--- old/paramiko-2.10.4/paramiko/sftp_attr.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp_attr.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import stat
import time
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp_client.py
new/paramiko-2.11.0/paramiko/sftp_client.py
--- old/paramiko-2.10.4/paramiko/sftp_client.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp_client.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from binascii import hexlify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp_file.py
new/paramiko-2.11.0/paramiko/sftp_file.py
--- old/paramiko-2.10.4/paramiko/sftp_file.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp_file.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
SFTP file object
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp_handle.py
new/paramiko-2.11.0/paramiko/sftp_handle.py
--- old/paramiko-2.10.4/paramiko/sftp_handle.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp_handle.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Abstraction of an SFTP file handle (for server mode).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp_server.py
new/paramiko-2.11.0/paramiko/sftp_server.py
--- old/paramiko-2.10.4/paramiko/sftp_server.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp_server.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Server-mode SFTP support.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/sftp_si.py
new/paramiko-2.11.0/paramiko/sftp_si.py
--- old/paramiko-2.10.4/paramiko/sftp_si.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/sftp_si.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
An interface to override for SFTP server support.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/ssh_exception.py
new/paramiko-2.11.0/paramiko/ssh_exception.py
--- old/paramiko-2.10.4/paramiko/ssh_exception.py 2022-04-25
18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/paramiko/ssh_exception.py 2022-05-17
03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import socket
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/ssh_gss.py
new/paramiko-2.11.0/paramiko/ssh_gss.py
--- old/paramiko-2.10.4/paramiko/ssh_gss.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/ssh_gss.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/transport.py
new/paramiko-2.11.0/paramiko/transport.py
--- old/paramiko-2.10.4/paramiko/transport.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/transport.py 2022-05-17 03:04:13.000000000
+0200
@@ -15,7 +15,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Core protocol implementation
@@ -158,7 +158,6 @@
"aes128-cbc",
"aes192-cbc",
"aes256-cbc",
- "blowfish-cbc",
"3des-cbc",
)
_preferred_macs = (
@@ -232,12 +231,6 @@
"block-size": 16,
"key-size": 32,
},
- "blowfish-cbc": {
- "class": algorithms.Blowfish,
- "mode": modes.CBC,
- "block-size": 8,
- "key-size": 16,
- },
"aes128-cbc": {
"class": algorithms.AES,
"mode": modes.CBC,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/util.py
new/paramiko-2.11.0/paramiko/util.py
--- old/paramiko-2.10.4/paramiko/util.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/util.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Useful functions used by the rest of paramiko.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/win_openssh.py
new/paramiko-2.11.0/paramiko/win_openssh.py
--- old/paramiko-2.10.4/paramiko/win_openssh.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/win_openssh.py 2022-05-17 03:04:13.000000000
+0200
@@ -15,26 +15,42 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import os.path
+import time
PIPE_NAME = r"\\.\pipe\openssh-ssh-agent"
def can_talk_to_agent():
- return os.path.exists(PIPE_NAME)
+ # use os.listdir() instead of os.path.exists(), because os.path.exists()
+ # uses CreateFileW() API and the pipe cannot be reopen unless the server
+ # calls DisconnectNamedPipe().
+ dir_, name = os.path.split(PIPE_NAME)
+ name = name.lower()
+ return any(name == n.lower() for n in os.listdir(dir_))
class OpenSSHAgentConnection:
def __init__(self):
- self._pipe = open(PIPE_NAME, "rb+", buffering=0)
+ while True:
+ try:
+ self._pipe = os.open(PIPE_NAME, os.O_RDWR | os.O_BINARY)
+ except OSError as e:
+ # retry when errno 22 which means that the server has not
+ # called DisconnectNamedPipe() yet.
+ if e.errno != 22:
+ raise
+ else:
+ break
+ time.sleep(0.1)
def send(self, data):
- return self._pipe.write(data)
+ return os.write(self._pipe, data)
def recv(self, n):
- return self._pipe.read(n)
+ return os.read(self._pipe, n)
def close(self):
- return self._pipe.close()
+ return os.close(self._pipe)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko/win_pageant.py
new/paramiko-2.11.0/paramiko/win_pageant.py
--- old/paramiko-2.10.4/paramiko/win_pageant.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/paramiko/win_pageant.py 2022-05-17 03:04:13.000000000
+0200
@@ -15,7 +15,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Functions for communicating with Pageant, the basic windows ssh agent program.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/paramiko.egg-info/PKG-INFO
new/paramiko-2.11.0/paramiko.egg-info/PKG-INFO
--- old/paramiko-2.10.4/paramiko.egg-info/PKG-INFO 2022-04-25
18:26:15.000000000 +0200
+++ new/paramiko-2.11.0/paramiko.egg-info/PKG-INFO 2022-05-17
03:06:27.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: paramiko
-Version: 2.10.4
+Version: 2.11.0
Summary: SSH2 protocol library
Home-page: https://paramiko.org
Author: Jeff Forcier
@@ -77,7 +77,7 @@
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
-Provides-Extra: ed25519
+Provides-Extra: gssapi
Provides-Extra: all
Provides-Extra: invoke
-Provides-Extra: gssapi
+Provides-Extra: ed25519
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/setup_helper.py
new/paramiko-2.11.0/setup_helper.py
--- old/paramiko-2.10.4/setup_helper.py 2022-04-25 18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/setup_helper.py 2022-05-17 03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# Note: Despite the copyright notice, this was submitted by John
# Arbash Meinel. Thanks John!
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/loop.py
new/paramiko-2.11.0/tests/loop.py
--- old/paramiko-2.10.4/tests/loop.py 2022-04-25 18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/tests/loop.py 2022-05-17 03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import socket
import threading
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/stub_sftp.py
new/paramiko-2.11.0/tests/stub_sftp.py
--- old/paramiko-2.10.4/tests/stub_sftp.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/stub_sftp.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
A stub SFTP server for loopback SFTP testing.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_auth.py
new/paramiko-2.11.0/tests/test_auth.py
--- old/paramiko-2.10.4/tests/test_auth.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_auth.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for authenticating over a Transport.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_buffered_pipe.py
new/paramiko-2.11.0/tests/test_buffered_pipe.py
--- old/paramiko-2.10.4/tests/test_buffered_pipe.py 2022-04-25
18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/tests/test_buffered_pipe.py 2022-05-17
03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for BufferedPipe.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_client.py
new/paramiko-2.11.0/tests/test_client.py
--- old/paramiko-2.10.4/tests/test_client.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_client.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for SSHClient.
@@ -41,7 +41,7 @@
from paramiko.pkey import PublicBlob
from paramiko.ssh_exception import SSHException, AuthenticationException
-from .util import _support, slow
+from .util import _support, requires_sha1_signing, slow
requires_gss_auth = unittest.skipUnless(
@@ -152,7 +152,12 @@
self.sockl.close()
def _run(
- self, allowed_keys=None, delay=0, public_blob=None, kill_event=None
+ self,
+ allowed_keys=None,
+ delay=0,
+ public_blob=None,
+ kill_event=None,
+ server_name=None,
):
if allowed_keys is None:
allowed_keys = FINGERPRINTS.keys()
@@ -164,6 +169,8 @@
self.socks.close()
return
self.ts = paramiko.Transport(self.socks)
+ if server_name is not None:
+ self.ts.local_version = server_name
keypath = _support("test_rsa.key")
host_key = paramiko.RSAKey.from_private_key_file(keypath)
self.ts.add_server_key(host_key)
@@ -179,11 +186,11 @@
"""
(Most) kwargs get passed directly into SSHClient.connect().
- The exception is ``allowed_keys`` which is stripped and handed to the
- ``NullServer`` used for testing.
+ The exceptions are ``allowed_keys``/``public_blob``/``server_name``
+ which are stripped and handed to the ``NullServer`` used for testing.
"""
run_kwargs = {"kill_event": self.kill_event}
- for key in ("allowed_keys", "public_blob"):
+ for key in ("allowed_keys", "public_blob", "server_name"):
run_kwargs[key] = kwargs.pop(key, None)
# Server setup
threading.Thread(target=self._run, kwargs=run_kwargs).start()
@@ -205,7 +212,9 @@
self.event.wait(1.0)
self.assertTrue(self.event.is_set())
self.assertTrue(self.ts.is_active())
- self.assertEqual("slowdive", self.ts.get_username())
+ self.assertEqual(
+ self.connect_kwargs["username"], self.ts.get_username()
+ )
self.assertEqual(True, self.ts.is_authenticated())
self.assertEqual(False, self.tc.get_transport().gss_kex_used)
@@ -235,33 +244,39 @@
class SSHClientTest(ClientTest):
+ @requires_sha1_signing
def test_client(self):
"""
verify that the SSHClient stuff works too.
"""
self._test_connection(password="pygmalion")
+ @requires_sha1_signing
def test_client_dsa(self):
"""
verify that SSHClient works with a DSA key.
"""
self._test_connection(key_filename=_support("test_dss.key"))
+ @requires_sha1_signing
def test_client_rsa(self):
"""
verify that SSHClient works with an RSA key.
"""
self._test_connection(key_filename=_support("test_rsa.key"))
+ @requires_sha1_signing
def test_client_ecdsa(self):
"""
verify that SSHClient works with an ECDSA key.
"""
self._test_connection(key_filename=_support("test_ecdsa_256.key"))
+ @requires_sha1_signing
def test_client_ed25519(self):
self._test_connection(key_filename=_support("test_ed25519.key"))
+ @requires_sha1_signing
def test_multiple_key_files(self):
"""
verify that SSHClient accepts and tries multiple key files.
@@ -293,6 +308,7 @@
self.tearDown()
self.setUp()
+ @requires_sha1_signing
def test_multiple_key_files_failure(self):
"""
Expect failure when multiple keys in play and none are accepted
@@ -306,6 +322,7 @@
allowed_keys=["ecdsa-sha2-nistp256"],
)
+ @requires_sha1_signing
def test_certs_allowed_as_key_filename_values(self):
# NOTE: giving cert path here, not key path. (Key path test is below.
# They're similar except for which path is given; the expected auth and
@@ -319,6 +336,7 @@
public_blob=PublicBlob.from_file(cert_path),
)
+ @requires_sha1_signing
def test_certs_implicitly_loaded_alongside_key_filename_keys(self):
# NOTE: a regular test_connection() w/ test_rsa.key would incidentally
# test this (because test_xxx.key-cert.pub exists) but incidental tests
@@ -336,6 +354,29 @@
),
)
+ def _cert_algo_test(self, ver, alg):
+ # Issue #2017; see auth_handler.py
+ self.connect_kwargs["username"] = "somecertuser" # neuter pw auth
+ self._test_connection(
+ # NOTE: SSHClient is able to take either the key or the cert & will
+ # set up its internals as needed
+ key_filename=_support(
+ os.path.join("cert_support", "test_rsa.key-cert.pub")
+ ),
+ server_name="SSH-2.0-OpenSSH_{}".format(ver),
+ )
+ assert (
+ self.tc._transport._agreed_pubkey_algorithm
+ == "{}[email protected]".format(alg)
+ )
+
+ def test_old_openssh_needs_ssh_rsa_for_certs_not_rsa_sha2(self):
+ self._cert_algo_test(ver="7.7", alg="ssh-rsa")
+
+ def test_newer_openssh_uses_rsa_sha2_for_certs_not_ssh_rsa(self):
+ # NOTE: 512 happens to be first in our list and is thus chosen
+ self._cert_algo_test(ver="7.8", alg="rsa-sha2-512")
+
def test_default_key_locations_trigger_cert_loads_if_found(self):
# TODO: what it says on the tin: ~/.ssh/id_rsa tries to load
# ~/.ssh/id_rsa-cert.pub. Right now no other tests actually test that
@@ -469,6 +510,7 @@
kwargs = dict(self.connect_kwargs, banner_timeout=0.5)
self.assertRaises(paramiko.SSHException, self.tc.connect, **kwargs)
+ @requires_sha1_signing
def test_auth_trickledown(self):
"""
Failed key auth doesn't prevent subsequent pw auth from succeeding
@@ -489,6 +531,7 @@
)
self._test_connection(**kwargs)
+ @requires_sha1_signing
@slow
def test_auth_timeout(self):
"""
@@ -591,6 +634,7 @@
host_key = paramiko.ECDSAKey.generate()
self._client_host_key_bad(host_key)
+ @requires_sha1_signing
def test_host_key_negotiation_2(self):
host_key = paramiko.RSAKey.generate(2048)
self._client_host_key_bad(host_key)
@@ -598,6 +642,7 @@
def test_host_key_negotiation_3(self):
self._client_host_key_good(paramiko.ECDSAKey, "test_ecdsa_256.key")
+ @requires_sha1_signing
def test_host_key_negotiation_4(self):
self._client_host_key_good(paramiko.RSAKey, "test_rsa.key")
@@ -681,6 +726,7 @@
# instead of suffering a real connection cycle.
# TODO: in that case, move the below to be part of an integration suite?
+ @requires_sha1_signing
def test_password_kwarg_works_for_password_auth(self):
# Straightforward / duplicate of earlier basic password test.
self._test_connection(password="pygmalion")
@@ -688,10 +734,12 @@
# TODO: more granular exception pending #387; should be signaling "no auth
# methods available" because no key and no password
@raises(SSHException)
+ @requires_sha1_signing
def test_passphrase_kwarg_not_used_for_password_auth(self):
# Using the "right" password in the "wrong" field shouldn't work.
self._test_connection(passphrase="pygmalion")
+ @requires_sha1_signing
def test_passphrase_kwarg_used_for_key_passphrase(self):
# Straightforward again, with new passphrase kwarg.
self._test_connection(
@@ -699,6 +747,7 @@
passphrase="television",
)
+ @requires_sha1_signing
def test_password_kwarg_used_for_passphrase_when_no_passphrase_kwarg_given(
self
): # noqa
@@ -709,6 +758,7 @@
)
@raises(AuthenticationException) # TODO: more granular
+ @requires_sha1_signing
def
test_password_kwarg_not_used_for_passphrase_when_passphrase_kwarg_given( # noqa
self
):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_config.py
new/paramiko-2.11.0/tests/test_config.py
--- old/paramiko-2.10.4/tests/test_config.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_config.py 2022-05-17 03:04:13.000000000
+0200
@@ -207,6 +207,25 @@
assert got == expected
@patch("paramiko.config.getpass")
+ def test_proxyjump_token_expansion(self, getpass):
+ getpass.getuser.return_value = "gandalf"
+ config = SSHConfig.from_text(
+ """
+Host justhost
+ ProxyJump jumpuser@%h
+Host userhost
+ ProxyJump %r@%h:222
+Host allcustom
+ ProxyJump %r@%h:%p
+"""
+ )
+ assert config.lookup("justhost")["proxyjump"] == "jumpuser@justhost"
+ assert config.lookup("userhost")["proxyjump"] == "gandalf@userhost:222"
+ assert (
+ config.lookup("allcustom")["proxyjump"] == "gandalf@allcustom:22"
+ )
+
+ @patch("paramiko.config.getpass")
def test_controlpath_token_expansion(self, getpass, socket):
getpass.getuser.return_value = "gandalf"
config = SSHConfig.from_text(
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_file.py
new/paramiko-2.11.0/tests/test_file.py
--- old/paramiko-2.10.4/tests/test_file.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_file.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for the BufferedFile abstraction.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_gssapi.py
new/paramiko-2.11.0/tests/test_gssapi.py
--- old/paramiko-2.10.4/tests/test_gssapi.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_gssapi.py 2022-05-17 03:04:13.000000000
+0200
@@ -16,7 +16,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Test the used APIs for GSS-API / SSPI authentication
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_hostkeys.py
new/paramiko-2.11.0/tests/test_hostkeys.py
--- old/paramiko-2.10.4/tests/test_hostkeys.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_hostkeys.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for HostKeys.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_kex.py
new/paramiko-2.11.0/tests/test_kex.py
--- old/paramiko-2.10.4/tests/test_kex.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_kex.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for the key exchange protocols.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_kex_gss.py
new/paramiko-2.11.0/tests/test_kex_gss.py
--- old/paramiko-2.10.4/tests/test_kex_gss.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_kex_gss.py 2022-05-17 03:04:13.000000000
+0200
@@ -17,7 +17,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Unit Tests for the GSS-API / SSPI SSHv2 Diffie-Hellman Key Exchange and user
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_message.py
new/paramiko-2.11.0/tests/test_message.py
--- old/paramiko-2.10.4/tests/test_message.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_message.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for ssh protocol message blocks.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_packetizer.py
new/paramiko-2.11.0/tests/test_packetizer.py
--- old/paramiko-2.10.4/tests/test_packetizer.py 2022-04-25
18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/tests/test_packetizer.py 2022-05-17
03:04:13.000000000 +0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for the ssh2 protocol in Transport.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_pkey.py
new/paramiko-2.11.0/tests/test_pkey.py
--- old/paramiko-2.10.4/tests/test_pkey.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_pkey.py 2022-05-17 03:04:13.000000000
+0200
@@ -15,7 +15,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for public/private key objects.
@@ -44,7 +44,7 @@
from mock import patch, Mock
import pytest
-from .util import _support, is_low_entropy
+from .util import _support, is_low_entropy, requires_sha1_signing
# from openssh's ssh-keygen
@@ -256,6 +256,7 @@
pub = RSAKey(data=key.asbytes())
self.assertTrue(pub.verify_ssh_sig(b"ice weasels", msg))
+ @requires_sha1_signing
def test_sign_and_verify_ssh_rsa(self):
self._sign_and_verify_rsa("ssh-rsa", SIGNED_RSA)
@@ -280,6 +281,7 @@
pub = DSSKey(data=key.asbytes())
self.assertTrue(pub.verify_ssh_sig(b"ice weasels", msg))
+ @requires_sha1_signing
def test_generate_rsa(self):
key = RSAKey.generate(1024)
msg = key.sign_ssh_data(b"jerri blank")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_sftp.py
new/paramiko-2.11.0/tests/test_sftp.py
--- old/paramiko-2.10.4/tests/test_sftp.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_sftp.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
some unit tests to make sure sftp works.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_sftp_big.py
new/paramiko-2.11.0/tests/test_sftp_big.py
--- old/paramiko-2.10.4/tests/test_sftp_big.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_sftp_big.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
some unit tests to make sure sftp works well with large files.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_ssh_gss.py
new/paramiko-2.11.0/tests/test_ssh_gss.py
--- old/paramiko-2.10.4/tests/test_ssh_gss.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_ssh_gss.py 2022-05-17 03:04:13.000000000
+0200
@@ -17,7 +17,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Unit Tests for the GSS-API / SSPI SSHv2 Authentication (gssapi-with-mic)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_transport.py
new/paramiko-2.11.0/tests/test_transport.py
--- old/paramiko-2.10.4/tests/test_transport.py 2022-04-25 18:25:27.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_transport.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for the ssh2 protocol in Transport.
@@ -61,7 +61,7 @@
from paramiko.py3compat import bytes, byte_chr
from paramiko.message import Message
-from .util import needs_builtin, _support, slow
+from .util import needs_builtin, _support, requires_sha1_signing, slow
from .loop import LoopSocket
@@ -196,9 +196,9 @@
def test_security_options(self):
o = self.tc.get_security_options()
self.assertEqual(type(o), SecurityOptions)
- self.assertTrue(("aes256-cbc", "blowfish-cbc") != o.ciphers)
- o.ciphers = ("aes256-cbc", "blowfish-cbc")
- self.assertEqual(("aes256-cbc", "blowfish-cbc"), o.ciphers)
+ self.assertTrue(("aes256-cbc", "aes192-cbc") != o.ciphers)
+ o.ciphers = ("aes256-cbc", "aes192-cbc")
+ self.assertEqual(("aes256-cbc", "aes192-cbc"), o.ciphers)
try:
o.ciphers = ("aes256-cbc", "made-up-cipher")
self.assertTrue(False)
@@ -1289,6 +1289,7 @@
# are new tests in test_pkey.py which use known signature blobs to prove
# the SHA2 family was in fact used!
+ @requires_sha1_signing
def test_base_case_ssh_rsa_still_used_as_fallback(self):
# Prove that ssh-rsa is used if either, or both, participants have SHA2
# algorithms disabled
@@ -1411,6 +1412,7 @@
) as (tc, ts, err):
assert isinstance(err, AuthenticationException)
+ @requires_sha1_signing
def test_ssh_rsa_still_used_when_sha2_disabled(self):
privkey = RSAKey.from_private_key_file(_support("test_rsa.key"))
# NOTE: this works because key obj comparison uses public bytes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/test_util.py
new/paramiko-2.11.0/tests/test_util.py
--- old/paramiko-2.10.4/tests/test_util.py 2022-04-25 18:22:40.000000000
+0200
+++ new/paramiko-2.11.0/tests/test_util.py 2022-05-17 03:04:13.000000000
+0200
@@ -14,7 +14,7 @@
#
# You should have received a copy of the GNU Lesser General Public License
# along with Paramiko; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Some unit tests for utility functions.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/paramiko-2.10.4/tests/util.py
new/paramiko-2.11.0/tests/util.py
--- old/paramiko-2.10.4/tests/util.py 2022-04-25 18:22:40.000000000 +0200
+++ new/paramiko-2.11.0/tests/util.py 2022-05-17 03:04:13.000000000 +0200
@@ -9,6 +9,10 @@
from paramiko.py3compat import builtins, PY2
from paramiko.ssh_gss import GSS_AUTH_AVAILABLE
+from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import padding, rsa
tests_dir = dirname(realpath(__file__))
@@ -144,3 +148,31 @@
# I don't see a way to tell internally if the hash seed was set this
# way, but env should be plenty sufficient, this is only for testing.
return is_32bit and os.environ.get("PYTHONHASHSEED", None) == "0"
+
+
+def sha1_signing_unsupported():
+ """
+ This is used to skip tests in environments where SHA-1 signing is
+ not supported by the backend.
+ """
+ private_key = rsa.generate_private_key(
+ public_exponent=65537, key_size=2048, backend=default_backend()
+ )
+ message = b"Some dummy text"
+ try:
+ private_key.sign(
+ message,
+ padding.PSS(
+ mgf=padding.MGF1(hashes.SHA1()),
+ salt_length=padding.PSS.MAX_LENGTH,
+ ),
+ hashes.SHA1(),
+ )
+ return False
+ except UnsupportedAlgorithm as e:
+ return e._reason is _Reasons.UNSUPPORTED_HASH
+
+
+requires_sha1_signing = unittest.skipIf(
+ sha1_signing_unsupported(), "SHA-1 signing not supported"
+)
++++++ paramiko-pr1655-remove-pytest-relaxed.patch ++++++
--- /var/tmp/diff_new_pack.3dlrsJ/_old 2022-05-30 12:43:20.568342013 +0200
+++ /var/tmp/diff_new_pack.3dlrsJ/_new 2022-05-30 12:43:20.572342018 +0200
@@ -15,11 +15,11 @@
tests/test_client.py | 20 ++++++++++----------
3 files changed, 10 insertions(+), 14 deletions(-)
-Index: paramiko-2.8.0/tests/test_client.py
+Index: paramiko-2.11.0/tests/test_client.py
===================================================================
---- paramiko-2.8.0.orig/tests/test_client.py
-+++ paramiko-2.8.0/tests/test_client.py
-@@ -33,7 +33,7 @@ import warnings
+--- paramiko-2.11.0.orig/tests/test_client.py 2022-05-17 03:04:13.000000000
+0200
++++ paramiko-2.11.0/tests/test_client.py 2022-05-26 22:57:20.216831045
+0200
+@@ -33,7 +33,7 @@
import weakref
from tempfile import mkstemp
@@ -28,11 +28,12 @@
from mock import patch, Mock
import paramiko
-@@ -687,10 +687,10 @@ class PasswordPassphraseTests(ClientTest
+@@ -733,11 +733,11 @@
# TODO: more granular exception pending #387; should be signaling "no auth
# methods available" because no key and no password
- @raises(SSHException)
+ @requires_sha1_signing
def test_passphrase_kwarg_not_used_for_password_auth(self):
- # Using the "right" password in the "wrong" field shouldn't work.
- self._test_connection(passphrase="pygmalion")
@@ -40,13 +41,14 @@
+ # Using the "right" password in the "wrong" field shouldn't work.
+ self._test_connection(passphrase="pygmalion")
+ @requires_sha1_signing
def test_passphrase_kwarg_used_for_key_passphrase(self):
- # Straightforward again, with new passphrase kwarg.
-@@ -708,14 +708,14 @@ class PasswordPassphraseTests(ClientTest
+@@ -757,15 +757,15 @@
password="television",
)
- @raises(AuthenticationException) # TODO: more granular
+ @requires_sha1_signing
def
test_password_kwarg_not_used_for_passphrase_when_passphrase_kwarg_given( # noqa
self
):
