Commits on Sep 8, 2018
  1. Bump version number up to 1.14.0 and update change log

    ronf committed Sep 8, 2018
Commits on Sep 2, 2018
  1. Update license to EPL 2.0

    ronf committed Sep 2, 2018
    This commit updates the AsyncSSH license to EPL 2.0, with an optional
    secondary license of GPL 2.0 or later.
  2. Update prior fix to SFTP exception handling

    ronf committed Sep 2, 2018
    This commit updates the previous fix to SFTP exception handling to avoid
    showing a "Connection lost" message in log output when the SFTP connection
    is cleanly closed. The updated code still delivers an exception to all
    outstanding requests in this case, but the logs now properly report the
    clean close in the "exited" messages.
  3. Add support for parallel read and write requests in SFTPClientFile

    ronf committed Sep 2, 2018
    This commit adds support in SFTPClientFile to automatically break up
    large read or write requests into multiple smaller requests issued in
    parallel to the SFTP server, similar to what was already supported for
    the higher-level get, put, and copy methods.
    
    This allows very large I/O operations to be performed directly on files
    on the SFTP server without having to first put the content in a local
    file, and it gets around limitations on some SFTP servers on the maximum
    SFTP message size when writing and on the maximum data they'll return in
    a single read response.
    
    This feature can be controlled using new block_size and max_requests
    arguments in the SFTPClient open() call. If block_size is set to None,
    the prior behavior of issuing only a single read or write request is
    used, but by default any read or write larger than 16 KB will be
    parallelized, with up to 128 simultaneous outstanding read or write
    requests.
    
    As part of this change, calls to read() with no size will now query the
    remote file size and trigger this same parallel read behavior if it is
    enabled. Previously, such read() calls did break the read into multiple
    requests, but the requests were issued serially. This should provide
    a significant speed improvement when there's a long latency between the
    SFTP client and server.
    
    The new max_requests argument is now also available on the SFTPClient
    get, put, copy, mget, mput, and mcopy methods.
Commits on Sep 1, 2018
  1. Improve error handling in SFTP

    ronf committed Sep 1, 2018
    This commit improves the handling in the AsyncSSH SFTP client of a
    connection close from the server. It also adds checks during
    connection close to prevent a second exception from being raised
    during cleanup, and removes unnecessary assignment operations in a
    few places for return values that are never actually returned.
    
    Unit tests have also been added to validate these new code paths.
Commits on Aug 28, 2018
  1. Avoid overflow on systems with 32-bit time_t value

    ronf committed Aug 28, 2018
    This commit updates the handling of time values in X.509 certificates to
    avoid overflow on systems with a 32-bit time_t. While X.509 certificates
    should allow dates up to 9999-12-31, systems with a small time_t have
    problems with this.
    
    In addition to artificially limiting time values to avoid a time_t
    overflow in calls made directly by asyncssh, this commit also avoids a
    similar problem seen in calls made from within the cryptography library
    on datetime values passed into it.
Commits on Aug 23, 2018
Commits on Jul 31, 2018
  1. Fix race when closing sockets associated with forwarded connections

    ronf committed Jul 31, 2018
    This commit fixes a race condition which could occur when attempting to
    call shutdown() to half-close a forwarded connection when the remote
    system had already closed its end of the socket. This error is now
    ignored, allowing the rest of the cleanup of the socket to proceed
    normally.
  2. Add get_extra_info method to SSH process classes

    ronf committed Jul 31, 2018
    This commit adds a get_extra_info() method on the SSHClientProcess and
    SSHServerProcess classes, allowing information associated with the
    channel the process is associated with to be retrieved from the process
    class directly, rather than having to access it through the "channel"
    property.
    
    This commit also updates the examples to show this more direct access.
  3. Add set_extra_info method on SSH connections and channels

    ronf committed Jul 31, 2018
    This commit adds a set_extra_info method on the connection and channel
    subclasses, allowing applications to store additional information on
    these objects which can be retrieved just like the other information
    available through get_extra_info. As with existing information, anything
    set on the connection is inherited by all channels on that connection,
    and channel information is also available via the stream reader & writer
    classes.
Commits on Jul 25, 2018
  1. Change debug level for reporting PTY modes from 1 to 2 to reduce noise

    ronf committed Jul 25, 2018
Commits on Jul 24, 2018
  1. Add explicit handlers for OpenSSH keepalive global & channel requests

    ronf committed Jul 24, 2018
    This commit adds explicit handlers for OpenSSH keepalive global and
    channel request messages, to avoid reporting an unknown request debug
    message. These requests are still logged, but they are no longer labeled
    as unknown and they are logged at debug level 2 instead of level 1, so
    by default they will not pollute the log output.
    
    This commit also fixes a missing "return" in one of the test functions.
    It was harmless before, but the new test needed a proper return value to
    be passed through.
  2. Bump version number up to 1.13.3 and update change log

    ronf committed Jul 24, 2018
  3. Revert logging change in favor of switching from egg to wheel

    ronf committed Jul 24, 2018
    Rather than trying to work around the problem with the use of
    __package__ when distributing AsyncSSH as an egg, I'm going to switch
    future releases over to distributing AsyncSSH as a wheel, which should
    avoid this issue.
Commits on Jul 22, 2018
  1. Update creation of AsyncSSH logger to work around issue with __package__

    ronf committed Jul 22, 2018
    This commit avoids using "__package__" when creating the AsyncSSH
    logger, as there appears to be a bug where "__package__" ends up with
    the value None when asyncssh is installed as an egg.
    
    Thanks go out to Janne Rönkkö for finding this issue and offering a
    suggested fix!
Commits on Jul 14, 2018
  1. Add missing coroutine decorator in test_channel

    ronf committed Jul 14, 2018
  2. Update CI configs to reflect release of Python 3.7

    ronf committed Jul 14, 2018
Commits on Jul 10, 2018
  1. Add support for setting Unicode error handling strategy

    ronf committed Jul 10, 2018
    This commit adds support for an "errors" argument in conjunction with
    "encoding" when creating new SSH sessions/streams/processes. This error
    handling will be applied on any data exchanged on the SSH channels
    associated with these objects.
    
    In addition, the session_encoding argument in create_server() now has a
    corresponding session_error argument which will be used as the error
    handling strategy for all newly created sessions on that server.
    
    When working with SSH processes, the error handling strategy set on the
    process will also automatically be used when doing I/O redirection on
    that process.
    
    Finally, the get_comment() and set_comment() functions on private/public
    keys and certificates now support an "errors" argument along with
    "encoding" when getting/setting comments using Unicode strings.
Commits on Jul 8, 2018
  1. Minor cleanup which should have been part of the last checkin

    ronf committed Jul 8, 2018
  2. Change channel Unicode handling to use incremental codec

    ronf committed Jul 8, 2018
    This commit changes the AsyncSSH channel code to use the incremental
    encoder and decoder classes in the codecs module rather than doing
    its own buffering of partial Unicode data.
    
    This commit also improves the information returned when a Unicode
    decode error occurs, and avoids the caller seeing both the original
    UnicodeDecodeError and a DisconnectError when this occurs. As part of
    the better error handling, this commit also simplifies the way cleanup
    is done when a disconnect error is raised.
    
    In addition, this commit delays processing of incoming data on a channel
    until after the channel and session objects are returned to the
    application opening the channel. Previously, it was possible for some
    incoming data to be delivered to the session object even before the
    channel open call returned.
    
    Unit tests have also been adjusted to take into account these changes,
    and some general cleanup was done there.
Commits on Jul 4, 2018
  1. Bump version number up to 1.13.2 and update change log

    ronf committed Jul 4, 2018
Commits on Jul 2, 2018
  1. Add support for auth_completed callback in SSHServer

    ronf committed Jul 2, 2018
    This commit adds support for a new auth_completed callback in the
    SSHServer class which is called as soon as authentication is completed
    successfully on each new connection. This can be used to set up state
    based on the username or on options in the authorized_keys list or
    certificate associated with the user before any requests are processed
    on the connection.
  2. Fix error in running updated host-based auth unit tests on Windows

    ronf committed Jul 2, 2018
  3. Mock getnameinfo in host-based authentication unit tests

    ronf committed Jul 2, 2018
    This commit migrates code in test_auth_keys which mocks out
    socket.getnameinfo into a common function that can be used in both
    test_auth_keys and test_connection_auth, so that calls to getnameinfo()
    during host-based auth unit tests don't fail on systems that can't
    properly reverse map 127.0.0.1 to "localhost".
Commits on Jun 24, 2018
  1. Add support for ssh-keysign in host-based authentication

    ronf committed Jun 24, 2018
    This commit adds support for accessing client host keys via the OpenSSH
    ssh-keysign program when doing host-based authentication. If ssh-keysign
    is present and enabled on the system, AsyncSSH can use it instead of
    signing the authentication request itself, avoiding the need to have
    access to the host private key.
    
    This commit also adds support for using pathlib path objects in calls to
    read and write public keys and certificates.
Commits on Jun 17, 2018
  1. Update doc to add missing key exchange and certificate algorithms

    ronf committed Jun 17, 2018
  2. Bump version number up to 1.13.1 and update change log

    ronf committed Jun 17, 2018
  3. Add support for host-based authentication

    ronf committed Jun 17, 2018
    This commit adds client and server side support for host-based SSH
    authentication. The server-side support is probably more interesting
    here, allowing AsyncSSH to authenticate connections from all users on
    a host without each user needing to have their own keys. If AsyncSSH
    is given access to a trusted key for a client host, though, this
    support can be used to allow AsyncSSH to connect as any user on that
    client.
    
    Potential future work could include supporting ssh-keysign on systems
    which have it enabled, to avoid AsyncSSH needing to have direct access
    to the host key when acting as a client.
    
    In addition to the above, this commit fixes a minor issue with
    enforcing the source-address option in OpenSSH user certificates and
    with error handling when canonicalizing usernames with SASLPrep. It
    also fixes a couple of doc string issues.
Commits on Jun 8, 2018
  1. Change Unicode reader/writer classes to use incremental codec

    ronf committed Jun 8, 2018
    This commit changes the Unicode reader & writer classes involved in
    SSHProcess I/O redirection to use the incremental encoder and decoder
    classes available in the codecs module, rather than doing their own
    buffering of partial Unicode data. Thanks go to Jonathan Slenders
    for pointing these classes out!
Commits on Jun 6, 2018
  1. Update documentation to list support for RSA key exchange algorithms

    ronf committed Jun 6, 2018
  2. Update documentation to list support for SECP256K1 elliptic curve

    ronf committed Jun 6, 2018
  3. Add RSA key exchange support

    ronf committed Jun 6, 2018
    This commit adds support for the rsa1024-sha1 and rsa2048-sha256 key
    exchange algorithms described in RFC 4432.
Commits on Jun 1, 2018
  1. Add debugging output which shows received kexinit algorithms

    ronf committed Jun 1, 2018
    This commit adds debug logging to show the algorithms listed in a
    received kexinit message. Previously, the debug logging showed the
    algorithms requested in the sent kexinit and the algorithms that were
    actually negotiated, but it did not show the algorithms advertised in
    the received kexinit. Now it does, when the debug level is 2 or higher.