Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Transport: fix the preferred KEX algorithms for gssapi-keyex (2.0) #1060

Merged
merged 1 commit into from Sep 12, 2017

Conversation

@akruis
Copy link
Contributor

@akruis akruis commented Sep 12, 2017

Add additional KEX algorithms for gssapi-keyex in front of the
default preferred KEX algorithms, if gssapi-keyex is enabled.

Before this change, Transport used a hard coded (and out-dated) list of
algorithms, if gssapi-keyex was enabled.

Add additional KEX algorithms for gssapi-keyex in front of the
default preferred KEX algorithms, if gssapi-keyex is enabled.

Before this change, Transport used a hard coded (and out-dated) list of
algorithms, if gssapi-keyex was enabled.
@ploxiln
Copy link
Contributor

@ploxiln ploxiln commented Sep 12, 2017

It's good to see gss get some testing and maintenance :)

@bitprophet
Copy link
Member

@bitprophet bitprophet commented Sep 12, 2017

Torn on whether this should be considered a bugfix or a "feature" (it's technically adding new functionality that did not previously exist.) What's the impact (functionality or security wise) on users if this only went out in 2.3?

@ploxiln
Copy link
Contributor

@ploxiln ploxiln commented Sep 12, 2017

I'd lean towards just considering this a bugfix for gss.
Note also that _preferred_kex was updated in 2.2

@ploxiln
Copy link
Contributor

@ploxiln ploxiln commented Sep 12, 2017

(for the 2.2.0 release, so consistent with your idea that kex preference changes should be in minor releases - I'm just noting it :)

@akruis
Copy link
Contributor Author

@akruis akruis commented Sep 12, 2017

It a bug fix. Without this fix you get an outdated set of non gss-kex algorithms, if you enable gss-kex.

bitprophet added a commit that referenced this pull request Sep 12, 2017
@bitprophet bitprophet merged commit 9ee7085 into paramiko:2.0 Sep 12, 2017
1 of 3 checks passed
1 of 3 checks passed
codecov/patch 50% of diff hit (target 74.58%)
Details
codecov/project 74.54% (-0.04%) compared to 853a37f
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants