Add sha2 support #596

Merged
merged 7 commits into from Nov 2, 2015

Projects

None yet

4 participants

@GuyShaanan

This adds SHA-256 support based on a fork of 'zamiam69:add_sha2_support'.
This commit fixes the problem with the fork where you can't connect using SHA1 anymore.
The fix changes the '_preferred_macs' and '_preferred_kex' order.

zamiam69 and others added some commits Jul 15, 2014
@zamiam69 zamiam69 Add support for sha256 based hmac and kexgex bd21af3
@zamiam69 zamiam69 Add support for sha256 based hmac and kexgex
- fix tab damage
f4cfd19
@zamiam69 zamiam69 Merge branch 'add_sha2_support' of github.com:zamiam69/paramiko into …
…add_sha2_support

Conflicts:
	paramiko/transport.py
f41cb94
@zamiam69 zamiam69 Fix transport test 26b11d0
@zamiam69 zamiam69 Include sha2 changes in tests
- let _compute_key default default to sha1 if local_mac is not set
  instead of setting local_mac explicitly in the unit test
- add tests for KexGexSHA256
47da193
@zamiam69 zamiam69 Merge upstream branch 'master' into add_sha2_support
Conflicts:
	paramiko/transport.py
	tests/test_transport.py
b3b0f2d
gshaanan This adds SHA-256 support based on a fork of 'zamiam69:add_sha2_suppo…
…rt'.

This commit fixes the problem with the fork where you can't connect using SHA1 anymore.
The fix changes the '_preferred_macs' and '_preferred_kex' order.
53e91cc
@bitprophet bitprophet added a commit that referenced this pull request Nov 2, 2015
@bitprophet bitprophet Changelog closes #356, closes #596.
Will expand to include SHA512 stuff if I merge that prior to release.
66ff4de
@bitprophet bitprophet merged commit 53e91cc into paramiko:master Nov 2, 2015

1 check failed

continuous-integration/travis-ci/pr The Travis CI build failed
Details
@mimecuvalo

shouldn't this try to preserve the relative order of sha1?
_preferred_macs = ('hmac-sha2-256', 'hmac-sha1', 'hmac-md5', 'hmac-sha1-96', 'hmac-md5-96')

such that hmac-sha1 is after hmac-sha2-256 - otherwise, you've changed the preferred order to now prefer md5 over sha (if the server doesn't support sha2-256)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment