Asyncssh

---------------------------

* Added support for Ed448 host/client keys and certificates and
rewrote Ed25519 support to use the PyCA implementation, reducing
the dependency on libnacl and libsodium to only be needed to
support the chacha20-poly1305 cipher.

* Added support for PKCS8 format Ed25519 and Ed448 private and
public keys (in addition to the OpenSSH format previously
supported).

* Added support for multiple delimiters in SSHReader's readuntil()
function, causing it to return data as soon as any of the
specified delimiters are matched.

* Added the ability to register custom key handlers in the line
editor which can modify the input line, extending the built-in
editing functionality.

* Added SSHSubprocessProtocol and SSHSubprocessTransport classes
to provide compatibility with asyncio.SubprocessProtocol and
asyncio.SubprocessTransport. Code which is designed to call
BaseEventLoop.subprocess_shell() or BaseEventLoop.subprocess_exec()
can be easily adapted to work against a remote process by calling
SSHClientConnection.create_subprocess().

* Added support for sending keepalive messages when the SSH
connection is idle, with an option to automatically disconnect
the connection if the remote system doesn't respond to these
keepalives.

* Changed AsyncSSH to ignore errors when loading unsupported key
types from the default file locations.

* Changed the reuse_port option to only be available on Python
releases which support it (3.4.4 and later).

* Fixed an issue where MSG_IGNORE packets could sometimes be sent
between MSG_NEWKEYS and MSG_EXT_INFO, which caused some SSH
implementations to fail to properly parse the MSG_EXT_INFO.

* Fixed a couple of errors in the handling of disconnects occurring
prior to authentication completing.

* Renamed "session_encoding" and "session_errors" arguments in
asyncssh.create_server() to "encoding" and "errors", to match
the names used for these arguments in other AsyncSSH APIs. The
old names are still supported for now, but they are marked as
deprecated and will be removed in a future release.

----------------------------

* Added callback-based host validation in SSHClient, allowing callers
to decide programmatically whether to trust server host keys and
certificates rather than having to provide a list of trusted values
in advance.

* Changed SSH client code to only load the default known hosts file if
if exists. Previously an error was returned if a known_hosts value
wasn't specified and the default known_hosts file didn't exist. For
host validate to work in this case, verification callbacks must be
implemented or other forms of validation such as X.509 trusted CAs
or GSS-based key exchange must be used.

* Fixed known hosts validation to completely disable certificate checks
when known_hosts is set to None. Previously, key checking was disabled
in this case but other checks for certificate expiration and hostname
mismatch were still performed, causing connections to fail even when
checking was supposed to be disabled.

* Switched curve25519 key exchange to use the PyCA implementation,
avoiding a dependency on libnacl/libsodium. For now, support for
Ed25519 keys still requires these libraries.

* Added get_fingerprint() method to return a fingerprint of an SSHKey.

----------------------------

* Added the ability to pass keyword arguments provided in the scp()
command through to asyncssh.connect() calls it makes, allowing
things like custom credentials to be specified.

* Added support for a reuse_port argument in create_server(). If
set, this will be passed to the asyncio loop.create_server() call
which creates listening sockets.

* Added support for "soft" EOF when line editing in enabled so that
EOF can be signalled multiple times on a channel. When Ctrl-D is
received on a channel with line editing enabled, EOF is returned
to the application but the channel remains open and capable of
accepting more input, allowing an interactive shell to process
the EOF for one command but still accept input for subsequent
commands.

* Added support for the Windows 10 OpenSSH ssh-agent. Thanks go to
SamP20 for providing an initial proof of concept and a suggested
implementation.

* Reworked scoped link-local IPv6 address normalization to work
better on Linux systems.

* Fixed a problem preserving directory structure in recursive scp().

* Fixed SFTP chmod tests to avoid attempting to set the sticky bit on
a plain file, as this caused test failures on FreeBSD.

* Updated note in SSHClientChannel's send_signal() documentation to
reflect that OpenSSH 7.9 and later should now support processing
of signal messages.

---------------------------

* Changed license from EPL 1.0 to EPL 2.0 with GPL 2.0 or later as an
available secondary license.

* Added support for automatically parallelizing large reads and write
made using the SFTPClientFile class, similar to what was already
available in the get/put/copy methods of SFTPClient.

* Added support for get_extra_info() in SSH process classes, returning
information associated with the channel the process is tied to.

* Added new set_extra_info() method on SSH connection and channel
classes, allowing applications to store additional information on
these objects.

* Added handlers for OpenSSH keepalive global & channel requests to
avoid messages about unknown requests in the debug log. These requests
are still logged, but at debug level 2 instead of 1 and they are not
labeled as unknown.

* Fixed race condition when closing sockets associated with forwarded
connections.

* Improved error handling during connection close in SFTPClient.

* Worked around issues with integer overflow on systems with a
32-bit time_t value when dates beyond 2038 are used in X.509
certificates.

* Added guards around some imports and tests which were causing
problems on Fedora 27.

* Changed debug level for reporting PTY modes from 1 to 2 to reduce
noise in the logs.

* Improved SFTP debug log output when sending EOF responses.

----------------------------

* Added support for setting the Unicode error handling strategy in
conjunction with setting an encoding when creating new SSH sessions,
streams, and processes. This strategy can also be set when specifying
a session encoding in create_server(), and when providing an encoding
in the get_comment() and set_comment() functions on private/public
keys and certificates.

* Changed handling of Unicode in channels to use incrmeental codec,
similar to what was previously done in process redirection.

* Added Python 3.7 to the list of classifiers in setup.py, now that it
has been released.

* Updated Travis CI configuration to add Python 3.7 builds, and moved
Linux builds on never versions of Python up to xenial.

* Added missing coroutine decorator in test_channel.

---------------------------

* Added support for accessing client host keys via the OpenSSH
ssh-keysign program when doing host-based authentication. If
ssh-keysign is present and enabled on the system, an AsyncSSH
based SSH client can use host-based authentication without
access to the host private keys.

* Added support for using pathlib path objects when reading and
writing private and public keys and certificates.

* Added support for auth_completed() callback in the SSHServer
class which runs when authentication completes successfully
on each new connection.

* Fixed host-based authentication unit tests to mock out calls
to getnameinfo() to avoid failures on systems with restricted
network functionality.