diff options
| author | Sofian Brabez <sbz@FreeBSD.org> | 2017-08-11 21:48:57 +0000 |
|---|---|---|
| committer | Sofian Brabez <sbz@FreeBSD.org> | 2017-08-11 21:48:57 +0000 |
| commit | 55c0a57e71de58650fb18c10f84aad89ff924196 (patch) | |
| tree | fb913c70647156b1130c8bbb2e6a95ffc8be3192 /security/py-paramiko/files | |
| parent | Update to 3.5.0 (diff) | |
- Update to 2.2.1
PR: 216533
Submitted by: pi
Diffstat (limited to 'security/py-paramiko/files')
| -rw-r--r-- | security/py-paramiko/files/patch-paramiko_client.py | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/security/py-paramiko/files/patch-paramiko_client.py b/security/py-paramiko/files/patch-paramiko_client.py new file mode 100644 index 000000000000..5d0c0f116743 --- /dev/null +++ b/security/py-paramiko/files/patch-paramiko_client.py @@ -0,0 +1,44 @@ +--- paramiko/client.py.orig 2017-07-30 14:38:18 UTC ++++ paramiko/client.py +@@ -331,6 +331,30 @@ class SSHClient (ClosingContextManager): + t = self._transport = Transport( + sock, gss_kex=gss_kex, gss_deleg_creds=gss_deleg_creds) + t.use_compression(compress=compress) ++ ++ if port == SSH_PORT: ++ server_hostkey_name = hostname ++ else: ++ server_hostkey_name = "[%s]:%d" % (hostname, port) ++ ++ # if we already have a host key stored, change our key preference ++ known_host_keys = {} ++ known_host_keys.update( ++ self._system_host_keys.get(server_hostkey_name, {}) ++ ) ++ known_host_keys.update( ++ self.get_host_keys().get(server_hostkey_name, {}) ++ ) ++ ++ if known_host_keys: ++ # order the keys as follows: known keys in preferred-keys order, ++ # then unknown keys in preferred-keys order ++ valid_known_keys = [k for k in t._preferred_keys ++ if k in known_host_keys] ++ t._preferred_keys = (valid_known_keys ++ + [k for k in t._preferred_keys ++ if k not in valid_known_keys]) ++ + if gss_kex and gss_host is None: + t.set_gss_host(hostname) + elif gss_kex and gss_host is not None: +@@ -344,10 +368,6 @@ class SSHClient (ClosingContextManager): + if auth_timeout is not None: + t.auth_timeout = auth_timeout + +- if port == SSH_PORT: +- server_hostkey_name = hostname +- else: +- server_hostkey_name = "[%s]:%d" % (hostname, port) + our_server_keys = None + + # If GSS-API Key Exchange is performed we are not required to check the |