| 
									
										
										
										
											2025-03-28 16:42:57 +01:00
										 |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Jan 30 01:28:29 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Switch to pyproject macros. | 
					
						
							|  |  |  |  | - Add typing-extensions to Requires for 3.11 and 3.12. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Jan 29 15:05:24 UTC 2025 - ecsos <ecsos@opensuse.org> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to 25.0.0 | 
					
						
							|  |  |  |  |   * Backward-incompatible changes: - | 
					
						
							|  |  |  |  |   * Deprecations: - | 
					
						
							|  |  |  |  |   * Changes: | 
					
						
							|  |  |  |  |     - Corrected type annotations on Context.set_alpn_select_callback, | 
					
						
							|  |  |  |  |       Context.set_session_cache_mode, Context.set_options, Context.set_mode, | 
					
						
							|  |  |  |  |       X509.subject_name_hash, and X509Store.load_locations. | 
					
						
							|  |  |  |  |     - Deprecated APIs are now marked using warnings.deprecated. mypy will emit deprecation notices | 
					
						
							|  |  |  |  |       for them when used with --enable-error-code deprecated. | 
					
						
							|  |  |  |  | - Changes from 24.3.0 | 
					
						
							|  |  |  |  |   * Backward-incompatible changes: | 
					
						
							|  |  |  |  |     - Removed the deprecated OpenSSL.crypto.CRL, OpenSSL.crypto.Revoked, OpenSSL.crypto.dump_crl, | 
					
						
							|  |  |  |  |       and OpenSSL.crypto.load_crl. cryptography.x509's CRL functionality should be used instead. | 
					
						
							|  |  |  |  |     - Removed the deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify. | 
					
						
							|  |  |  |  |       cryptography.hazmat.primitives.asymmetric's signature APIs should be used instead. | 
					
						
							|  |  |  |  |   * Deprecations: | 
					
						
							|  |  |  |  |     - Deprecated OpenSSL.rand - callers should use os.urandom() instead. | 
					
						
							|  |  |  |  |     - Deprecated add_extensions and get_extensions on OpenSSL.crypto.X509Req and OpenSSL.crypto.X509. | 
					
						
							|  |  |  |  |       These should have been deprecated at the same time X509Extension was. Users should use pyca/cryptography's X.509 APIs instead. | 
					
						
							|  |  |  |  |     - Deprecated OpenSSL.crypto.get_elliptic_curves and OpenSSL.crypto.get_elliptic_curve, | 
					
						
							|  |  |  |  |       as well as passing the reult of them to OpenSSL.SSL.Context.set_tmp_ecdh, | 
					
						
							|  |  |  |  |       users should instead pass curves from cryptography. | 
					
						
							|  |  |  |  |     - Deprecated passing X509 objects to OpenSSL.SSL.Context.use_certificate, OpenSSL.SSL.Connection.use_certificate, | 
					
						
							|  |  |  |  |       OpenSSL.SSL.Context.add_extra_chain_cert, and OpenSSL.SSL.Context.add_client_ca, users should instead | 
					
						
							|  |  |  |  |       pass cryptography.x509.Certificate instances. This is in preparation for deprecating pyOpenSSL's X509 entirely. | 
					
						
							|  |  |  |  |     - Deprecated passing PKey objects to OpenSSL.SSL.Context.use_privatekey and OpenSSL.SSL.Connection.use_privatekey, | 
					
						
							|  |  |  |  |       users should instead pass cryptography priate key instances. This is in preparation for deprecating pyOpenSSL's PKey entirely. | 
					
						
							|  |  |  |  |   * Changes: | 
					
						
							|  |  |  |  |     - cryptography maximum version has been increased to 44.0.x. | 
					
						
							|  |  |  |  |     - OpenSSL.SSL.Connection.get_certificate, OpenSSL.SSL.Connection.get_peer_certificate, | 
					
						
							|  |  |  |  |       OpenSSL.SSL.Connection.get_peer_cert_chain, and OpenSSL.SSL.Connection.get_verified_chain | 
					
						
							|  |  |  |  |       now take an as_cryptography keyword-argument. When True is passed then | 
					
						
							|  |  |  |  |       cryptography.x509.Certificate are returned, instead of OpenSSL.crypto.X509. | 
					
						
							|  |  |  |  |       In the future, passing False (the default) will be deprecated. | 
					
						
							|  |  |  |  | - Rebase skip-networked-test.patch. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Jan 13 22:33:05 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Do not build tests noarch: they refer to %__isa, which differs | 
					
						
							|  |  |  |  |   per architecture, invalidating the noarch option. | 
					
						
							|  |  |  |  |   Fixes build with rpm 4.20. | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-12-13 11:59:48 +01:00
										 |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Jul 23 11:39:23 UTC 2024 - Adrian Schröter <adrian@suse.de> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - 24.2.1: | 
					
						
							|  |  |  |  |   * Deprecated OpenSSL.crypto.X509Req, | 
					
						
							|  |  |  |  |                OpenSSL.crypto.load_certificate_request, | 
					
						
							|  |  |  |  |                OpenSSL.crypto.dump_certificate_request. | 
					
						
							|  |  |  |  |     Instead, cryptography.x509.CertificateSigningRequest,s | 
					
						
							|  |  |  |  |              cryptography.x509.CertificateSigningRequestBuilder,s | 
					
						
							|  |  |  |  |              cryptography.x509.load_der_x509_csr,s | 
					
						
							|  |  |  |  |              or cryptography.x509.load_pem_x509_csr should be used. | 
					
						
							|  |  |  |  |   * Added type hints for the SSL module. #1308. | 
					
						
							|  |  |  |  |   * Changed OpenSSL.crypto.PKey.from_cryptography_key to accept public and private EC, ED25519, ED448 keys | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Sat Mar 16 13:04:43 UTC 2024 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 24.1.0: | 
					
						
							|  |  |  |  |   * Removed the deprecated OpenSSL.crypto.PKCS12 and | 
					
						
							|  |  |  |  |     OpenSSL.crypto.NetscapeSPKI. OpenSSL.crypto.PKCS12 may be | 
					
						
							|  |  |  |  |     replaced by the PKCS#12 APIs in the cryptography package. | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-05-03 22:00:38 +02:00
										 |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Jan 29 21:16:31 UTC 2024 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 24.0.0: | 
					
						
							|  |  |  |  |   * Added OpenSSL.SSL.Connection.get_selected_srtp_profile to | 
					
						
							|  |  |  |  |     determine which SRTP profile was negotiated. #1279. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Nov 27 08:52:41 UTC 2023 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 23.3.0: | 
					
						
							|  |  |  |  |   * Dropped support for Python 3.6. | 
					
						
							|  |  |  |  |   * The minimum ``cryptography`` version is now 41.0.5. | 
					
						
							|  |  |  |  |   * Removed ``OpenSSL.crypto.loads_pkcs7`` and | 
					
						
							|  |  |  |  |     ``OpenSSL.crypto.loads_pkcs12`` which had been deprecated for | 
					
						
							|  |  |  |  |     3 years. | 
					
						
							|  |  |  |  |   * Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow | 
					
						
							|  |  |  |  |     legacy insecure renegotiation between OpenSSL and unpatched | 
					
						
							|  |  |  |  |     servers. | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to | 
					
						
							|  |  |  |  |     have been deprecated at the same time as | 
					
						
							|  |  |  |  |     ``OpenSSL.crypto.load_pkcs12``). | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.NetscapeSPKI``. | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.CRL`` | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.Revoked`` | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.load_crl`` and | 
					
						
							|  |  |  |  |     ``OpenSSL.crypto.dump_crl`` | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.sign`` and | 
					
						
							|  |  |  |  |     ``OpenSSL.crypto.verify`` | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.crypto.X509Extension`` | 
					
						
							|  |  |  |  |   * Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept | 
					
						
							|  |  |  |  |   * ``cryptography``'s ``x509.CertificateRevocationList`` | 
					
						
							|  |  |  |  |     arguments in addition | 
					
						
							|  |  |  |  |   * to the now deprecated ``OpenSSL.crypto.CRL`` arguments. | 
					
						
							|  |  |  |  |   * Fixed ``test_set_default_verify_paths`` test so that it is | 
					
						
							|  |  |  |  |     skipped if no network connection is available. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Jun 19 20:25:32 UTC 2023 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 23.2.0: | 
					
						
							|  |  |  |  |   * Removed ``X509StoreFlags.NOTIFY_POLICY``. | 
					
						
							|  |  |  |  |   * ``cryptography`` maximum version has been increased to | 
					
						
							|  |  |  |  |     41.0.x. | 
					
						
							|  |  |  |  |   * Invalid versions are now rejected in | 
					
						
							|  |  |  |  |     ``OpenSSL.crypto.X509Req.set_version``. | 
					
						
							|  |  |  |  |   * Added ``X509VerificationCodes`` to ``OpenSSL.SSL``. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Apr 21 12:30:17 UTC 2023 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - add sle15_python_module_pythons (jsc#PED-68) | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Apr 13 22:43:49 UTC 2023 - Matej Cepl <mcepl@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Make calling of %{sle15modernpython} optional. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Mar 28 15:40:13 UTC 2023 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 23.1.1: | 
					
						
							|  |  |  |  |   * Worked around an issue in OpenSSL 3.1.0 which caused | 
					
						
							|  |  |  |  |     `X509Extension.get_short_name` to raise an exception when no | 
					
						
							|  |  |  |  |     short name was known to OpenSSL. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Mar 27 07:54:16 UTC 2023 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 23.1.0: | 
					
						
							|  |  |  |  |   * ``cryptography`` maximum version has been increased to | 
					
						
							|  |  |  |  |     40.0.x. | 
					
						
							|  |  |  |  |   * Add ``OpenSSL.SSL.Connection.DTLSv1_get_timeout`` and | 
					
						
							|  |  |  |  |     ``OpenSSL.SSL.Connection.DTLSv1_handle_timeout`` | 
					
						
							|  |  |  |  |     to support DTLS timeouts `#1180 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Jan  2 18:47:06 UTC 2023 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 23.0.0: | 
					
						
							|  |  |  |  |   * Add ``OpenSSL.SSL.X509StoreFlags.PARTIAL_CHAIN`` constant to allow for | 
					
						
							|  |  |  |  |     users | 
					
						
							|  |  |  |  |   to perform certificate verification on partial certificate chains. | 
					
						
							|  |  |  |  |   * ``cryptography`` maximum version has been increased to 39.0.x. | 
					
						
							|  |  |  |  | - drop pyOpenSSL-pr1158-conditional-__all__.patch (upstream) | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Oct 21 14:20:05 UTC 2022 - Ben Greiner <code@bnavigator.de> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Upstream post-release doc fix (gh#pyca/pyopenssl#1150) | 
					
						
							|  |  |  |  |   * The minimum cryptography version is now 38.0.x (and we now pin | 
					
						
							|  |  |  |  |     releases  against cryptography major versions to prevent future | 
					
						
							|  |  |  |  |     breakage) | 
					
						
							|  |  |  |  | - Add pyOpenSSL-pr1158-conditional-__all__.patch | 
					
						
							|  |  |  |  |   gh#pyca/pyopenssl#1158 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Sep 29 19:33:29 UTC 2022 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 22.1.0: | 
					
						
							|  |  |  |  |   * Remove support for SSLv2 and SSLv3. | 
					
						
							|  |  |  |  |   * The minimum ``cryptography`` version is now 37.0.2. | 
					
						
							|  |  |  |  |   * The ``OpenSSL.crypto.X509StoreContextError`` exception has been refactored, | 
					
						
							|  |  |  |  |     changing its internal attributes. | 
					
						
							|  |  |  |  |   * Add ``OpenSSL.SSL.Connection.set_verify`` and ``OpenSSL.SSL.Connection.get_verify_mode`` | 
					
						
							|  |  |  |  |     to override the context object's verification flags. | 
					
						
							|  |  |  |  |   * Add ``OpenSSL.SSL.Connection.use_certificate`` and | 
					
						
							|  |  |  |  |     ``OpenSSL.SSL.Connection.use_privatekey`` | 
					
						
							|  |  |  |  |     to set a certificate per connection (and not just per context) | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Jun  1 08:25:21 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Shift BuildRequires on openssl, it's only required for tests. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Feb  4 23:21:43 UTC 2022 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 22.0.0: | 
					
						
							|  |  |  |  |   - Drop support for Python 2.7. | 
					
						
							|  |  |  |  |   - The minimum ``cryptography`` version is now 35.0. | 
					
						
							|  |  |  |  |   - Expose wrappers for some `DTLS | 
					
						
							|  |  |  |  |     <https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security>`_ | 
					
						
							|  |  |  |  |     primitives. | 
					
						
							|  |  |  |  | - drop check_inv_ALPN_lists.patch: upstream | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Dec  9 05:55:51 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Inject multibuild to avoid a build loop. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Sat Oct 30 19:08:35 UTC 2021 - Matej Cepl <mcepl@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add check_inv_ALPN_lists.patch checks for invalid ALPN lists | 
					
						
							|  |  |  |  |   before calling OpenSSL (gh#pyca/pyopenssl#1056). | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Oct 26 20:27:12 UTC 2021 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 21.0.0 (bsc#1200771, jsc#SLE-24519): | 
					
						
							|  |  |  |  |   - The minimum ``cryptography`` version is now 3.3. | 
					
						
							|  |  |  |  |   - Drop support for Python 3.5 | 
					
						
							|  |  |  |  |   - Raise an error when an invalid ALPN value is set. | 
					
						
							|  |  |  |  |   - Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version`` | 
					
						
							|  |  |  |  |   - Updated ``to_cryptography`` and ``from_cryptography`` methods to support an | 
					
						
							|  |  |  |  |     upcoming release of ``cryptography`` without raising deprecation warnings. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Feb  1 18:07:21 UTC 2021 - Dirk Müller <dmueller@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 20.0.1: | 
					
						
							|  |  |  |  |   - Fixed compatibility with OpenSSL 1.1.0. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Dec 22 22:28:30 UTC 2020 - Matej Cepl <mcepl@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Adjust metadata for skip-networked-test.patch and refer to the proper | 
					
						
							|  |  |  |  |   upstream ticket gh#pyca/pyopenssl#68. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Dec 11 13:21:19 UTC 2020 - Matej Cepl <mcepl@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - According to gh#pyca/pyopenssl#684 tests must run with TZ=UTC, also | 
					
						
							|  |  |  |  |   skip test_verify_with_time on %ix86. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Dec  9 16:41:15 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to v20.0.0 | 
					
						
							|  |  |  |  |   - Backward-incompatible changes: | 
					
						
							|  |  |  |  |     - The minimum cryptography version is now 3.2. | 
					
						
							|  |  |  |  |     - Remove deprecated OpenSSL.tsafe module. | 
					
						
							|  |  |  |  |     - Removed deprecated | 
					
						
							|  |  |  |  |       OpenSSL.SSL.Context.set_npn_advertise_callback, | 
					
						
							|  |  |  |  |       OpenSSL.SSL.Context.set_npn_select_callback, and | 
					
						
							|  |  |  |  |       OpenSSL.SSL.Connection.get_next_proto_negotiated. | 
					
						
							|  |  |  |  |     - Drop support for Python 3.4 | 
					
						
							|  |  |  |  |     - Drop support for OpenSSL 1.0.1 and 1.0.2 | 
					
						
							|  |  |  |  |   - Deprecations: | 
					
						
							|  |  |  |  |     - Deprecated OpenSSL.crypto.loads_pkcs7 and | 
					
						
							|  |  |  |  |       OpenSSL.crypto.loads_pkcs12. | 
					
						
							|  |  |  |  |   - Changes: | 
					
						
							|  |  |  |  |     - Added a new optional chain parameter to | 
					
						
							|  |  |  |  |       OpenSSL.crypto.X509StoreContext() where additional untrusted | 
					
						
							|  |  |  |  |       certificates can be specified to help chain building. #948 | 
					
						
							|  |  |  |  |     - Added OpenSSL.crypto.X509Store.load_locations to set trusted | 
					
						
							|  |  |  |  |       certificate file bundles and/or directories for verification. | 
					
						
							|  |  |  |  |       #943 | 
					
						
							|  |  |  |  |     - Added Context.set_keylog_callback to log key material. #910 | 
					
						
							|  |  |  |  |     - Added OpenSSL.SSL.Connection.get_verified_chain to retrieve | 
					
						
							|  |  |  |  |       the verified certificate chain of the peer. #894. | 
					
						
							|  |  |  |  |     - Make verification callback optional in Context.set_verify. If | 
					
						
							|  |  |  |  |       omitted, OpenSSL’s default verification is used. #933 | 
					
						
							|  |  |  |  |     - Fixed a bug that could truncate or cause a zero-length key | 
					
						
							|  |  |  |  |       error due to a null byte in private key passphrase in | 
					
						
							|  |  |  |  |       OpenSSL.crypto.load_privatekey and | 
					
						
							|  |  |  |  |       OpenSSL.crypto.dump_privatekey. #947 | 
					
						
							|  |  |  |  | - drop patch fix-compilation-2020.patch: no longer needed | 
					
						
							|  |  |  |  | - refreshed patch skip-networked-test.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Feb 18 16:49:55 UTC 2020 - John Vandenberg <jayvdb@gmail.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to v19.1 | 
					
						
							|  |  |  |  |   * Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType, | 
					
						
							|  |  |  |  |     X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType. | 
					
						
							|  |  |  |  |     Use the classes without the ``Type`` suffix instead. | 
					
						
							|  |  |  |  |   * The minimum ``cryptography`` version is now 2.8 | 
					
						
							|  |  |  |  |   * Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback, | 
					
						
							|  |  |  |  |     OpenSSL.SSL.Context.set_npn_select_callback, and | 
					
						
							|  |  |  |  |     OpenSSL.SSL.Connection.get_next_proto_negotiated | 
					
						
							|  |  |  |  |     ALPN should be used instead. | 
					
						
							|  |  |  |  |   * Support bytearray in SSL.Connection.send() by using cffi's from_buffer | 
					
						
							|  |  |  |  |   * The OpenSSL.SSL.Context.set_alpn_select_callback can return a new | 
					
						
							|  |  |  |  |     NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake | 
					
						
							|  |  |  |  |     to complete without an application protocol. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Aug 22 12:02:59 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add fix-compilation-2020.patch to fix tests after 2020 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Mar  7 15:53:31 UTC 2019 - John Vandenberg <jayvdb@gmail.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Remove no longer necessary pytest argument -k "not test_export_text" | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Sat Mar  2 16:29:39 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 19.0 | 
					
						
							|  |  |  |  | - fixed build deps. | 
					
						
							|  |  |  |  | - drop patches: openssl-1.1.0i.patch | 
					
						
							|  |  |  |  |                 openssl-1.1.1.patch | 
					
						
							|  |  |  |  |                 opensuse_ca.patch | 
					
						
							|  |  |  |  |                 tls13-renegotiation.patch | 
					
						
							|  |  |  |  |  * X509Store.add_cert no longer raises an error if you add a duplicate cert. | 
					
						
							|  |  |  |  |  * pyOpenSSL now works with OpenSSL 1.1.1. | 
					
						
							|  |  |  |  |  * pyOpenSSL now handles NUL bytes in X509Name.get_components() | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Mar  1 18:06:10 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - remove everything to build docs: | 
					
						
							|  |  |  |  |   - local-intersphinx-inventories.patch | 
					
						
							|  |  |  |  |   - fetch-intersphinx-inventories.sh | 
					
						
							|  |  |  |  |   - python3.inv | 
					
						
							|  |  |  |  |   - crypto.inv | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Feb 25 19:56:35 UTC 2019 - Todd R <toddrme2178@gmail.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add fetch-intersphinx-inventories.sh to sources | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Sat Feb  2 18:56:14 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - add local-intersphinx-inventories.patch for generating the docs | 
					
						
							|  |  |  |  |   correctly | 
					
						
							|  |  |  |  | - add fetch-intersphinx-inventories.sh to fetch the inventories | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Oct 30 13:41:43 UTC 2018 - Vítězslav Čížek <vcizek@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - handle that renegotiation is forbidden in TLS 1.3 | 
					
						
							|  |  |  |  |   * add tls13-renegotiation.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Oct 30 11:21:30 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add patch to fix issues with openssl 1.1.1: | 
					
						
							|  |  |  |  |   * openssl-1.1.1.patch | 
					
						
							|  |  |  |  | - Drop the downstream fix_test_suite.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Oct 30 01:06:28 CET 2018 - mcepl@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add patch fix_test_suite.patch to allow test suite to pass with | 
					
						
							|  |  |  |  |   OpenSSL 1.1.1. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Oct  5 14:31:59 UTC 2018 - Vítězslav Čížek <vcizek@suse.com> | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - OpenSSL changed X509_STORE_add_cert in 1.1.0i such that it no longer | 
					
						
							|  |  |  |  |   raises an error if a duplicate cert is added (bsc#1110435) | 
					
						
							|  |  |  |  |   * https://github.com/pyca/pyopenssl/pull/787 | 
					
						
							|  |  |  |  |   * add X509_STORE_add_cert.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Aug 24 09:08:36 UTC 2018 - tchvatal@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add patch to work with openssl 1.1.0i+: | 
					
						
							|  |  |  |  |   * openssl-1.1.0i.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Aug 16 15:48:21 UTC 2018 - tchvatal@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to 18.0.0: | 
					
						
							|  |  |  |  |   * Update for new openssl 1.1.1 | 
					
						
							|  |  |  |  | - Remove not needed patches: | 
					
						
							|  |  |  |  |   * bug-lp-1265482.diff | 
					
						
							|  |  |  |  |   * rsa128-i586.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Jun 14 14:41:50 UTC 2018 - hpj@urpla.net | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - add missing python-cffi dependency | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Feb 27 19:20:19 UTC 2018 - aplanas@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Use %__python3 macro to call Python 3 binary | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Feb  2 11:36:18 UTC 2018 - tchvatal@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to 17.5.0: | 
					
						
							|  |  |  |  |   * The minimum cryptography version is now 2.1.4. | 
					
						
							|  |  |  |  |   * Fixed various memory leaks | 
					
						
							|  |  |  |  |   * Various fuzz fixes | 
					
						
							|  |  |  |  |   * See CHANGELOG.rst | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Aug 23 05:26:31 UTC 2017 - tbechtold@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 17.2.0: | 
					
						
							|  |  |  |  |   - Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead. | 
					
						
							|  |  |  |  |   - Fixed a bug causing ``Context.set_default_verify_paths()`` to not work with | 
					
						
							|  |  |  |  |     cryptography ``manylinux1`` wheels on Python 3.x. | 
					
						
							|  |  |  |  |   - Fixed a crash with (EC)DSA signatures in some cases. | 
					
						
							|  |  |  |  |   - Removed the deprecated ``OpenSSL.rand.egd()`` function. | 
					
						
							|  |  |  |  |     Applications should prefer ``os.urandom()`` for random number generation. | 
					
						
							|  |  |  |  |   - Removed the deprecated default ``digest`` argument to ``OpenSSL.crypto.CRL.export()``. | 
					
						
							|  |  |  |  |     Callers must now always pass an explicit ``digest``. | 
					
						
							|  |  |  |  |   - Fixed a bug with ``ASN1_TIME`` casting in ``X509.set_notBefore()``, | 
					
						
							|  |  |  |  |     ``X509.set_notAfter()``, ``Revoked.set_rev_date()``, ``Revoked.set_nextUpdate()``, | 
					
						
							|  |  |  |  |     and ``Revoked.set_lastUpdate()``. You must now pass times in the form | 
					
						
							|  |  |  |  |     ``YYYYMMDDhhmmssZ``. ``YYYYMMDDhhmmss+hhmm`` and ``YYYYMMDDhhmmss-hhmm`` | 
					
						
							|  |  |  |  |     will no longer work. `#612 <https://github.com/pyca/pyopenssl/pull/612>`_ | 
					
						
							|  |  |  |  |   - Deprecated the legacy "Type" aliases: ``ContextType``, ``ConnectionType``, | 
					
						
							|  |  |  |  |     ``PKeyType``, ``X509NameType``, ``X509ExtensionType``, ``X509ReqType``, | 
					
						
							|  |  |  |  |     ``X509Type``, ``X509StoreType``, ``CRLType``, ``PKCS7Type``, ``PKCS12Type``, | 
					
						
							|  |  |  |  |     ``NetscapeSPKIType``. | 
					
						
							|  |  |  |  |     The names without the "Type"-suffix should be used instead. | 
					
						
							|  |  |  |  |   - Added ``OpenSSL.crypto.X509.from_cryptography()`` and ``OpenSSL.crypto.X509.to_cryptography()`` | 
					
						
							|  |  |  |  |     for converting X.509 certificate to and from pyca/cryptography objects. | 
					
						
							|  |  |  |  |   - Added ``OpenSSL.crypto.X509Req.from_cryptography()``, ``OpenSSL.crypto.X509Req.to_cryptography()``, | 
					
						
							|  |  |  |  |     ``OpenSSL.crypto.CRL.from_cryptography()``, and ``OpenSSL.crypto.CRL.to_cryptography()`` | 
					
						
							|  |  |  |  |     for converting X.509 CSRs and CRLs to and from pyca/cryptography objects. | 
					
						
							|  |  |  |  |   - Added ``OpenSSL.debug`` that allows to get an overview of used library versions | 
					
						
							|  |  |  |  |     (including linked OpenSSL) and other useful runtime information using | 
					
						
							|  |  |  |  |     ``python -m OpenSSL.debug``. | 
					
						
							|  |  |  |  |   - Added a fallback path to ``Context.set_default_verify_paths()`` to accommodate | 
					
						
							|  |  |  |  |     the upcoming release of ``cryptography`` ``manylinux1`` wheels. | 
					
						
							|  |  |  |  | - Drop python-pyOpenSSL=replace-expired-cert.patch . Applied upstream. | 
					
						
							|  |  |  |  | - Drop python-pyOpenSSL-always-overflow.patch. Applied upstream. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Aug 10 11:38:17 CEST 2017 - ro@suse.de | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - add patch to always trigger overflow in the testsuite | 
					
						
							|  |  |  |  |   (gh#pyca/pyopenssl#657) b3460c6a9a45a016d1ab65c149c606fa3f07096d | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  |   python-pyOpenSSL-always-overflow.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Jun 13 07:05:41 UTC 2017 - dimstar@opensuse.org | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Add python-pyOpenSSL=replace-expired-cert.patch: the root cert | 
					
						
							|  |  |  |  |   expired, mking the test suite fail. Replace the certificate with | 
					
						
							|  |  |  |  |   a new one, valid for 20 years (gh#pyca/pyopenssl#637). | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri May  5 21:32:55 UTC 2017 - toddrme2178@gmail.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Fix Provides/Obsoletes. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Apr 26 14:20:27 UTC 2017 - toddrme2178@gmail.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Implement single-spec version | 
					
						
							|  |  |  |  | - Fix source URL | 
					
						
							|  |  |  |  | - Update to 17.0.0 | 
					
						
							|  |  |  |  |   * Added ``OpenSSL.X509Store.set_time()`` to set a custom | 
					
						
							|  |  |  |  |     verification time when verifying certificate chains. | 
					
						
							|  |  |  |  |   * Added a collection of functions for working with OCSP stapling. | 
					
						
							|  |  |  |  |     None of these functions make it possible to validate OCSP | 
					
						
							|  |  |  |  |     assertions, only to staple them into the handshake and to | 
					
						
							|  |  |  |  |     retrieve the stapled assertion if provided. | 
					
						
							|  |  |  |  |     Users will need to write their own code to handle OCSP | 
					
						
							|  |  |  |  |     assertions. | 
					
						
							|  |  |  |  |     We specifically added: ``Context.set_ocsp_server_callback``, | 
					
						
							|  |  |  |  |     ``Context.set_ocsp_client_callback``, and | 
					
						
							|  |  |  |  |     ``Connection.request_ocsp``. | 
					
						
							|  |  |  |  |   * Changed the ``SSL`` module's memory allocation policy to | 
					
						
							|  |  |  |  |     avoid zeroing memory it allocates when unnecessary. | 
					
						
							|  |  |  |  |     This reduces CPU usage and memory allocation time by an amount | 
					
						
							|  |  |  |  |     proportional to the size of the allocation. | 
					
						
							|  |  |  |  |     For applications that process a lot of TLS data or that use | 
					
						
							|  |  |  |  |     very lage allocations this can provide considerable performance | 
					
						
							|  |  |  |  |     improvements. | 
					
						
							|  |  |  |  |   * Automatically set ``SSL_CTX_set_ecdh_auto()`` on | 
					
						
							|  |  |  |  |     ``OpenSSL.SSL.Context``. | 
					
						
							|  |  |  |  |   - Fix empty exceptions from ``OpenSSL.crypto.load_privatekey()``. | 
					
						
							|  |  |  |  | - Rebase bug-lp-1265482.diff | 
					
						
							|  |  |  |  | - Rebase rsa128-i586.patch | 
					
						
							|  |  |  |  | - Rebase skip-networked-test.patch | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Nov 16 07:46:25 UTC 2016 - dmueller@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - fix source url | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Nov 15 09:39:09 UTC 2016 - mlin@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Change source url to pypi.io | 
					
						
							|  |  |  |  |   * version 16.2.0 source tarball failed to download from pypi.python.org | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Nov 14 08:46:18 UTC 2016 - mlin@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to 16.2.0 | 
					
						
							|  |  |  |  |   * Deprecations | 
					
						
							|  |  |  |  |   ** Dropped support for OpenSSL 0.9.8. | 
					
						
							|  |  |  |  |   * Changes | 
					
						
							|  |  |  |  |   ** Fix memory leak in OpenSSL.crypto.dump_privatekey() with FILETYPE_TEXT. #496 | 
					
						
							|  |  |  |  |   ** Enable use of CRL (and more) in verify context. #483 | 
					
						
							|  |  |  |  |   ** OpenSSL.crypto.PKey can now be constructed from cryptography objects and also | 
					
						
							|  |  |  |  |      exported as such. #439 | 
					
						
							|  |  |  |  |   ** Support newer versions of cryptography which use opaque structs for OpenSSL | 
					
						
							|  |  |  |  |      1.1.0 compatibility. | 
					
						
							|  |  |  |  |   ** Fixed compatibility errors with OpenSSL 1.1.0. | 
					
						
							|  |  |  |  |   ** Fixed an issue that caused failures with subinterpreters and embedded Pythons. | 
					
						
							|  |  |  |  |      #552 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon May 16 15:29:16 UTC 2016 - jmatejek@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - added %check section with testsuite | 
					
						
							|  |  |  |  | - skip-networked-test.patch - mark a test as networked so that we can | 
					
						
							|  |  |  |  |   specify non-network test run | 
					
						
							|  |  |  |  | - rsa128-i586.patch - sidestep a crasher bug on 32bit platforms | 
					
						
							|  |  |  |  |   by generating reasonably-sized RSA keys instead of small 128bit ones | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon May  9 09:54:12 UTC 2016 - hpj@urpla.net | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 16.0.0 | 
					
						
							|  |  |  |  |   Backward-incompatible changes: | 
					
						
							|  |  |  |  |   * Python 3.2 support has been dropped. It never had significant real world | 
					
						
							|  |  |  |  |     usage and has been dropped by our main dependency cryptography. Affected | 
					
						
							|  |  |  |  |     users should upgrade to Python 3.3 or later. | 
					
						
							|  |  |  |  |   Deprecations: | 
					
						
							|  |  |  |  |   * The support for EGD has been removed. The only affected function | 
					
						
							|  |  |  |  |     OpenSSL.rand.egd() now uses os.urandom() to seed the internal PRNG instead. | 
					
						
							|  |  |  |  |     Please see pyca/cryptography#1636 for more background information on this | 
					
						
							|  |  |  |  |     decision. In accordance with our backward compatibility policy | 
					
						
							|  |  |  |  |     OpenSSL.rand.egd() will be removed no sooner than a year from the release of | 
					
						
							|  |  |  |  |     16.0.0. | 
					
						
							|  |  |  |  |   * Please note that you should use urandom for all your secure random number | 
					
						
							|  |  |  |  |     needs. | 
					
						
							|  |  |  |  |   * Python 2.6 support has been deprecated. Our main dependency cryptography | 
					
						
							|  |  |  |  |     deprecated 2.6 in version 0.9 (2015-05-14) with no time table for actually | 
					
						
							|  |  |  |  |     dropping it. pyOpenSSL will drop Python 2.6 support once cryptography does. | 
					
						
							|  |  |  |  |   Changes: | 
					
						
							|  |  |  |  |   * Fixed OpenSSL.SSL.Context.set_session_id, OpenSSL.SSL.Connection.renegotiate, | 
					
						
							|  |  |  |  |     OpenSSL.SSL.Connection.renegotiate_pending, and | 
					
						
							|  |  |  |  |     OpenSSL.SSL.Context.load_client_ca. They were lacking an implementation since | 
					
						
							|  |  |  |  |     0.14. #422 | 
					
						
							|  |  |  |  |   * Fixed segmentation fault when using keys larger than 4096-bit to sign data. | 
					
						
							|  |  |  |  |     #428 | 
					
						
							|  |  |  |  |   * Fixed AttributeError when OpenSSL.SSL.Connection.get_app_data() was called | 
					
						
							|  |  |  |  |     before setting any app data. #304 | 
					
						
							|  |  |  |  |   * Added OpenSSL.crypto.dump_publickey() to dump OpenSSL.crypto.PKey objects | 
					
						
							|  |  |  |  |     that represent public keys, and OpenSSL.crypto.load_publickey() to load such | 
					
						
							|  |  |  |  |     objects from serialized representations. #382 | 
					
						
							|  |  |  |  |   * Added OpenSSL.crypto.dump_crl() to dump a certificate revocation list out to | 
					
						
							|  |  |  |  |     a string buffer. #368 | 
					
						
							|  |  |  |  |   * Added OpenSSL.SSL.Connection.get_state_string() using the OpenSSL binding | 
					
						
							|  |  |  |  |     state_string_long. #358 | 
					
						
							|  |  |  |  |   * Added support for the socket.MSG_PEEK flag to OpenSSL.SSL.Connection.recv() | 
					
						
							|  |  |  |  |     and OpenSSL.SSL.Connection.recv_into(). #294 | 
					
						
							|  |  |  |  |   * Added OpenSSL.SSL.Connection.get_protocol_version() and | 
					
						
							|  |  |  |  |     OpenSSL.SSL.Connection.get_protocol_version_name(). #244 | 
					
						
							|  |  |  |  |   * Switched to utf8string mask by default. OpenSSL formerly defaulted to a | 
					
						
							|  |  |  |  |     T61String if there were UTF-8 characters present. This was changed to | 
					
						
							|  |  |  |  |     default to UTF8String in the config around 2005, but the actual code didn’t | 
					
						
							|  |  |  |  |     change it until late last year. This will default us to the setting that | 
					
						
							|  |  |  |  |     actually works. To revert this you can call | 
					
						
							|  |  |  |  |     OpenSSL.crypto._lib.ASN1_STRING_set_default_mask_asc(b"default"). #234 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - fixed paths in bug-lp-1265482.diff | 
					
						
							|  |  |  |  | - fixed doc generation | 
					
						
							|  |  |  |  | - spec clean up | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Tue Jul 14 13:07:00 UTC 2015 - toddrme2178@gmail.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Fix building on SLES 11 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Apr 22 09:50:09 UTC 2015 - mcihar@suse.cz | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Do not hardcode version in file list | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Apr 22 09:42:53 UTC 2015 - mcihar@suse.cz | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - udapte to 0.15.1 | 
					
						
							|  |  |  |  | 	* OpenSSL/SSL.py, OpenSSL/test/test_ssl.py: Fix a regression | 
					
						
							|  |  |  |  | 	  present in 0.15, where when an error occurs and no errno() is set, | 
					
						
							|  |  |  |  | 	  a KeyError is raised.  This happens, for example, if | 
					
						
							|  |  |  |  | 	  Connection.shutdown() is called when the underlying transport has | 
					
						
							|  |  |  |  | 	  gone away. | 
					
						
							|  |  |  |  | 	* OpenSSL/rand.py, OpenSSL/SSL.py: APIs which previously accepted | 
					
						
							|  |  |  |  | 	  filenames only as bytes now accept them as either bytes or | 
					
						
							|  |  |  |  | 	  unicode (and respect sys.getfilesystemencoding()). | 
					
						
							|  |  |  |  | 	* OpenSSL/SSL.py: Add Cory Benfield's next-protocol-negotiation | 
					
						
							|  |  |  |  | 	  (NPN) bindings. | 
					
						
							|  |  |  |  | 	* OpenSSL/SSL.py: Add ``Connection.recv_into``, mirroring the | 
					
						
							|  |  |  |  | 	  builtin ``socket.recv_into``.  Based on work from Cory Benfield. | 
					
						
							|  |  |  |  | 	* OpenSSL/test/test_ssl.py: Add tests for ``recv_into``. | 
					
						
							|  |  |  |  | 	* OpenSSL/crypto.py: Expose ``X509StoreContext`` for verifying certificates. | 
					
						
							|  |  |  |  | 	* OpenSSL/test/test_crypto.py: Add intermediate certificates for | 
					
						
							|  |  |  |  | 	* OpenSSL/SSL.py: ``Connection.shutdown`` now propagates errors from the | 
					
						
							|  |  |  |  | 	  underlying socket. | 
					
						
							|  |  |  |  | 	* OpenSSL/SSL.py: Fixed a regression ``Context.check_privatekey`` | 
					
						
							|  |  |  |  | 	  causing it to always succeed - even if it should fail. | 
					
						
							|  |  |  |  | 	* OpenSSL/crypto.py: Fixed a regression where calling ``load_pkcs7_data`` | 
					
						
							|  |  |  |  | 	  with ``FILETYPE_ASN1`` would fail with a ``NameError``. | 
					
						
							|  |  |  |  | 	* OpenSSL/SSL.py: Fix a regression in which the first argument of | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Feb 24 12:58:58 UTC 2014 - mvyskocil@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 0.14 | 
					
						
							|  |  |  |  |   * Support for TLSv1.1 and TLSv1.2 | 
					
						
							|  |  |  |  |   * First-class support for PyPy | 
					
						
							|  |  |  |  |   * New flags, such as MODE_RELEASE_BUFFERS and OP_NO_COMPRESSION | 
					
						
							|  |  |  |  |   * Some APIs to access to the SSL session cache | 
					
						
							|  |  |  |  |   * A variety of bug fixes for error handling cases | 
					
						
							|  |  |  |  |   * Documentation has been converted from LaTeX | 
					
						
							|  |  |  |  |     + python-pyOpenSSL-doc is now build from single spec file | 
					
						
							|  |  |  |  |   * pyOpenSSL now depends on cryptography, so it became pure-python | 
					
						
							|  |  |  |  |     module | 
					
						
							|  |  |  |  |     + changed to noarch package, add proper dependencies | 
					
						
							|  |  |  |  |   * Development moved to github | 
					
						
							|  |  |  |  |     + changed Url tag respectivelly | 
					
						
							|  |  |  |  | - refreshed bug-lp-1265482.diff | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Jan  2 11:17:23 UTC 2014 - dmueller@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | -Add bug-lp-1265482.diff; fix testsuite for SLE11 (bnc#855666) | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Sep 13 14:02:43 UTC 2013 - jmatejek@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - update to 0.13.1 | 
					
						
							|  |  |  |  |   * fixes NUL byte handling in subjectAltName (bnc#839107, CVE-2013-4314) | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Fri Apr  5 07:54:12 UTC 2013 - speilicke@suse.com | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Package LICENSE | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Mon Jul  9 18:34:08 PDT 2012 - msuman@opensuse.org | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Update to version 0.13 | 
					
						
							|  |  |  |  |   * Add OPENSSL_VERSION_NUMBER, SSLeay_version and related | 
					
						
							|  |  |  |  |     constants for retrieving version information about the | 
					
						
							|  |  |  |  |     underlying OpenSSL library. | 
					
						
							|  |  |  |  |   * Support OpenSSL 1.0.0a and related changes. | 
					
						
							|  |  |  |  |   * Remove SSLv2 support if the underlying OpenSSL library does | 
					
						
							|  |  |  |  |     not provide it. | 
					
						
							|  |  |  |  |   * Add a new method to the X509 type, get_signature_algorithm. | 
					
						
							|  |  |  |  |   * Add a new method to the Connection type, get_peer_cert_chain. | 
					
						
							|  |  |  |  |   * Add the PKey.check method to verify the internal consistency | 
					
						
							|  |  |  |  |     of a PKey instance. | 
					
						
							|  |  |  |  |   * Bug fixes. | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Thu Sep  1 08:48:23 UTC 2011 - saschpe@suse.de | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Changed license to Apache-2.0, to fix bnc#715423 | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | ------------------------------------------------------------------- | 
					
						
							|  |  |  |  | Wed Aug 31 14:21:58 UTC 2011 - saschpe@suse.de | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | - Initial version, obsoletes 'python-openssl': | 
					
						
							|  |  |  |  |   * Builds properly on all SUSE version | 
					
						
							|  |  |  |  |   * Has real HTML documentation | 
					
						
							|  |  |  |  | 
 |