* Sat Jul 12 2025 Dirk Müller <dmueller@suse.com>
- update to 2.21.0:
* Added sparse file support for SFTP, allowing file copying
which automatically skips over any "holes" in a source file,
transferring only the data ranges which are actually present.
* Added support for applications to request that session,
connection, or TUN/TAP requests arriving on an
SSHServerConnection be forwarded out some other established
SSHClientConnection. Callback methods on SSHServer which
decide how to handle these requests can now return an
SSHClientConnection to set up this tunneling, instead of
having to accept the request and implement their own
forwarding logic.
* Further hardened the SSH key exchange process to make
AsyncSSH more strict when accepting messages during key
exchange. Thanks go to Fabian Bäumer and Marcus Brinkmann for
identifying potential issues here.
* Added support for the auth_completed callback in SSHServer to
be either a callable or a coroutine, allowing async
operations to be performed when user authentication completes
successfully, prior to accepting session requests.
* Added support for the sftp_factory config argument to be either
a callable or a coroutine, allowing async operations to be
performed when starting up a new SFTP server session.
* Fixed a bug where the exit() method of SFTPServer didn't
handle being declared as a coroutine. Thanks go to C. R.
Oldham for reporting this issue.
* Improved handling of exceptions in connection_lost()
callbacks. Exceptions in connection_lost() will now be
reported in the debug log, but other cleanup code in AsyncSSH
will continue, ignoring those exceptions. Thanks go to Danil
Slinchuk for reporting this issue.
* Added support for specifying an explicit path when
configuring agent forwarding. Thanks go to Aleksandr Ilin for
pointing out that this option supports more than just a
boolean value.
* Added support for environment variable expansion in SSH
config, for options which support percent expansion.
* Added a new begin_auth callback in SSHClient, reporting the
username being sent during SSH client authentication. This
can be useful when the user is conditionally set via an SSH
config file.
* Improved strict-kex interoperability during re-keying. Thanks
go to GitHub user emeryalden for reporting this issue and
helping to track down the source of the problem.
* Updated SFTP max_requests default to reduce memory usage when
using large block sizes.
* Updated testing to add Python 3.13 and drop Python 3.7,
avoiding deprecation warnings from the cryptography package.
* Fixed unit test issues under Windows, allowing unit tests to
run on Windows on all supported versions of Python.
* Fixed a couple of issues with Python 3.14. Thanks go to Georg
Sauthoff for initially reporting this.
* Added support for WebAuthN authentication with U2F security
keys, allowing non-admin Windows users to use these keys for
authentication. Previously, authentication with U2F keys
worked on Windows, but only for admin users.
* Added support for hostname canonicalization, compatible with
the configuration parameters used in OpenSSH, as well as
support for the "canonical" and "final" match keywords and
negation support for match. Thanks go to GitHub user
commonism who suggested this and provided a proposed
implementation for negation.
* Added client and server support for SFTP copy-data extension
and a new SFTP remote_copy() function which allows data to be
moved between two remote files without downloading and
re-uploading the data. Thanks go to Ali Khosravi for suggesting
this addition.
* Moved project metadata from setup.py to pyproject.toml.
Thanks go to Marc Mueller for contributing this.
* Updated SSH connection to keep strong references to
outstanding tasks, to avoid potential issues with the garbage
collector while the connection is active. Thanks go to GitHub
user Birnendampf for pointing out this potential issue and
suggesting a simple fix.
* Fixed some issues with block_size argument in SFTP copy
functions. Thanks go to Krzysztof Kotlenga for finding and
reporting these issues.
* Fixed an import error when fido2 package wasn't available.
Thanks go to GitHub user commonism for reporting this issue.
* Fri Jun 13 2025 Steve Kowalik <steven.kowalik@suse.com>
- Switch to pyproject macros.
* Thu Nov 07 2024 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to 2.18.0
* Added support for post-quantum ML-KEM key exchange algorithms,
interoperable with OpenSSH 9.9.
* Added support for the OpenSSH "limits" extension, allowing the
client to query server limits such as the maximum supported read
and write sizes. The client will automatically default to the reported
maximum size on servers that support this extension.
* Added more ways to specify environment variables via the `env` option.
Sequences of either 'key=value' strings or (key, value) tuples are now
supported, in addition to a dict.
* Added support for getting/setting environment variables as byte strings
on platforms which support it. Previously, only Unicode strings were
accepted and they were always encoded on the wire using UTF-8.
* Added support for non-TCP sockets (such as a socketpair) as the `sock`
parameter in connect calls. Thanks go to Christian Wendt for reporting
this problem and proposing a fix.
* Changed compression to be disabled by default to avoid it becoming a
performance bottleneck on high-bandwidth connections. This now also
matches the OpenSSH default.
* Improved speed of parallelized SFTP reads when read-ahead goes beyond
the end of the file. Thanks go to Maximilian Knespel for reporting
this issue and providing performance measurements on the code before
and after the change.
* Improved cancellation handling during SCP transfers.
* Improved support for selecting the currently available security key
when the application lists multiple keys to try. Thanks go to GitHub
user zanda8893 for reporting the issue and helping to work out the
details of the problem.
* Improved handling of reverse DNS failures in host-based authentication.
Thanks go to GitHub user xBiggs for suggesting this change.
* Improved debug logging of byte strings with non-printable characters.
* Switched to using an executor on GSSAPI calls to avoid blocking the
event loop.
* Fixed handling of "UserKnownHostsFile none" in config files. This
previously caused it to use the default known hosts, rather than
disabling known host checking.
* Fixed a runtime warning about not awaiting a coroutine in unit tests.
* Fixed a unit test failure on Windows when calling abort on a transport.
* Fixed a problem where a "MAC verification failed" error was sometimes
sent on connection close.
* Fixed SSHClientProcess code to not raise a runtime exception when
waiting more than once for a process to finish. Thanks go to GitHub
user starflows for reporting this issue.
* Handled an error when attempting to import older versions of pyOpenSSL.
Thanks go to Maximilian Knespel for reporting this issue and testing
the fix.
* Updated simple_server example code to switch from crypt to bcrypt,
since crypt has been removed in Python 3.13. Thanks go to Colin
Watson for providing this update.
* Thu Sep 26 2024 Antonio Larrosa <alarrosa@suse.com>
- update to 2.17.0:
* Add support for specifying a per-connection credential store
for GSSAPI authentication.
* Fixed a regression introduced in AsyncSSH 2.15.0 which could
cause connections to be closed with an uncaught exception when
a session on the connection was closed.
* Added a workaround where getaddrinfo() on some systems may
return duplicate entries, causing bind() to fail when opening
a listener.
* Relaxed padding length check on OpenSSH private keys to
provide better compatibility with keys generated by PuTTYgen.
* Improved documentation on SSHClient and SSHServer classes to
explain when they are created and their relationship to the
SSHClientConnection and SSHServerConnection classes.
* Updated examples to use Python 3.7 and made some minor
improvements.
- update to 2.16.0:
* Added client and server support for the OpenSSH "hostkeys"
extension. When using known_hosts, clients can provide a
handler which will be called with the changes between the
keys currently trusted in the client's known hosts and those
available on the server. On the server side, an application
can choose whether or not to enable the sending of this host
key information.
* Related to the above, AsyncSSH now allows the configuration of
multiple server host keys of the same type when the
send_server_host_keys option is enabled. Only the first key of
each type will be used in the SSH handshake, but the others can
appear in the list of supported host keys for clients to begin
trusting, allowing for smoother key rotation.
* Fixed logging and typing issues in SFTP high-level copy
functions. A mix of bytes, str, and PurePath entries are now
supported in places where a list of file paths is allowed, and
the type signatures have been updated to reflect that the
functions accept either a single path or a list of paths.
* Improved typing on SFTP listdir() function.
* Reworked the config file parser to improve on a previous fix
related to handling key/value pairs with an equals delimiter.
* Improved handling of ciphers deprecated in cryptography 43.0.0.
* Improved support for use of Windows pathnames in ProxyCommand.
* Fri Aug 09 2024 Dirk Müller <dmueller@suse.com>
- update to 2.15.0:
* Added experimental support for tunneling of TUN/TAP network
interfaces on Linux and macOS, allowing for either automatic
packet forwarding or explicit reading and writing of packets
sent through the tunnel by the application. Both callback and
stream APIs are available.
* Added support for forwarding terminal size and terminal size
changes when stdin on an SSHServerProcess is redirected to a
local TTY.
* Added support for multiple tunnel/ProxyJump hosts. Thanks go
to Adam Martin for suggesting this enhancement and proposing
a solution.
* Added support for OpenSSH lsetstat SFTP extension to set
attributes on symbolic links on platforms which support that
and use it to improve symlink handling in the SFTP get, put,
and copy methods. In addition, a follow_symlinks option has
been added on various SFTPClient methods which get and set
these attributes. Thanks go to GitHub user eyalgolan1337 for
reporting this issue.
* Added support for password and passphrase arguments to be a
callable or awaitable, called when performing authentication
or loading encrypted private keys. Thanks go to GitHub user
goblin for suggesting this enhancement.
* Added support for proper flow control when using
AsyncFileWriter or StreamWriter classes to do SSH process
redirection. Thanks go to Benjy Wiener for reporting this
issue and providing feedback on the fix.
* Added is_closed() method on
SSHClientConnection/SSHServerConnection to return whether the
associated network connection is closed or not.
* Added support for setting and matching tags in OpenSSH config
files.
* Added an example of using "await" in addition to "async with"
when opening a new SSHClientConnection. Thanks go to Michael
Davis for suggesting this added documentation.
* Improved handling of CancelledError in SCP, avoiding an issue
where AsyncSSH could sometimes get stuck waiting for the
channel to close. Thanks go to Max Orlov for reporting the
problem and providing code to reproduce it.
* Fixed a regression from 2.14.1 related to rekeying an SSH
connection when there's activity on the connection in the
middle of rekeying. Thanks go to GitHub user eyalgolan1337
for helping to narrow down this problem and test the fix.
* Fixed a problem with process redirection when a close is
received without a preceding EOF. Thanks go to GitHub user
xuoguoto who helped to provide sample scripts and ran tests
to help track this down.
* Fixed the processing of paths in SFTP client symlink
requests. Thanks go to André Glüpker for reporting the
problem and providing test code to demonstrate it.
* Fixed an OpenSSH config file parsing issue. Thanks go to
Siddh Raman Pant for reporting this issue.
* Worked around a bug in a user auth banner generated by the
cryptlib library. Thanks go to GitHub user mmayomoar for
reporting this issue and suggesting a fix.
* Mon Dec 18 2023 Dirk Müller <dmueller@suse.com>
- update to 2.14.2 (bsc#1218165, CVE-2023-48795):
* Implemented "strict kex" support and other countermeasures to
protect against the Terrapin Attack described in
CVE-2023-48795.
* Fixed config parser to properly handle an optional equals delimiter
in all config arguments.
* Fixed TCP send error handling to avoid race condition when
receiving incoming disconnect message.
* Improved type signature in SSHConnection async context
manager.
* Fri Nov 10 2023 Dirk Müller <dmueller@suse.com>
- update to 2.14.1 (bsc#1217028, CVE-2023-46445):
* Hardened AsyncSSH state machine against potential message
injection attacks, described in more detail in
CVE-2023-46445 and CVE-2023-46446.
* Added support for passing in a regex in readuntil in
SSHReader.
* Added support for get_addresses() and get_port() methods on
SSHAcceptor.
* Fixed an issue with AsyncFileWriter potentially writing data
out of order.
* Updated testing to include Python 3.12.
* Updated readthedocs integration to use YAML config file.
* Thu Oct 05 2023 Dirk Müller <dmueller@suse.com>
- update to 2.14.0:
* Added support for a new accept_handler argument when setting
up local port forwarding, allowing the client host and port to
be validated and/or logged for each new forwarded connection.
* Added an option to disable expensive RSA private key checks
when using OpenSSL 3.x. Functions that read private keys have
been modified to include a new unsafe_skip_rsa_key_validation
argument which can be used to avoid these additional checks,
if you are loading keys from a trusted source.
* Added host information into AsyncSSH exceptions when host key
validation fails, and a few other improvements related to
X.509 certificate validation errors.
* Fixed a regression which prevented keys loaded into an SSH
agent with a certificate from working correctly beginning in
AsyncSSH after version 2.5.0.
* Fixed an issue which was triggering an internal exception
when shutting down server sessions with the line editor enabled
which could cause some output to be lost on exit, especially when
running on Windows.
* Fixed a documentation error in SSHClientConnectionOptions and
SSHServerConnectionOptions.
* Sat Jul 01 2023 Dirk Müller <dmueller@suse.com>
- update to 2.13.2:
* Fixed an issue with host-based authentication when using
proxy_command, allowing it to be used if the caller
explicitly specifies client_host.
* Improved handling of signature algorithms for OpenSSH
certificates so that RSA SHA-2 signatures will work with
both older and newer versions of OpenSSH.
* Worked around an issue with some Cisco SSH implementations
generating invalid "ignore" packets.
* Fixed unit tests to avoid errors when cryptography's version
of OpenSSL disables support for SHA-1 signatures.
* Fixed unit tests to avoid errors when the filesystem enforces
that filenames be valid UTF-8 strings.
* Added documentation about which config options apply when
passing a string as a tunnel argument.
* Mon Mar 06 2023 Dirk Müller <dmueller@suse.com>
- update to 2.13.1:
* Updated type definitions for mypy 1.0.0, removing a
dependency on implicit Optional types, and working around an
issue that could trigger a mypy internal error.
* Updated unit tests to avoid calculation of SHA-1 signatures,
which are no longer allowed in cryptography 39.0.0.
- drop remove-sha1.patch (upstream)