Sync from SUSE:SLFO:1.1 python-pyOpenSSL revision 469e827b3d3221737fde36b4f6876194

python-pyOpenSSL.changes

@@ -1,77 +1,3 @@
--------------------------------------------------------------------
-Thu Jan 30 01:28:29 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
-
-- Switch to pyproject macros.
-- Add typing-extensions to Requires for 3.11 and 3.12.
-
--------------------------------------------------------------------
-Wed Jan 29 15:05:24 UTC 2025 - ecsos <ecsos@opensuse.org>
-
-- Update to 25.0.0
-  * Backward-incompatible changes: -
-  * Deprecations: -
-  * Changes:
-    - Corrected type annotations on Context.set_alpn_select_callback,
-      Context.set_session_cache_mode, Context.set_options, Context.set_mode,
-      X509.subject_name_hash, and X509Store.load_locations.
-    - Deprecated APIs are now marked using warnings.deprecated. mypy will emit deprecation notices
-      for them when used with --enable-error-code deprecated.
-- Changes from 24.3.0
-  * Backward-incompatible changes:
-    - Removed the deprecated OpenSSL.crypto.CRL, OpenSSL.crypto.Revoked, OpenSSL.crypto.dump_crl,
-      and OpenSSL.crypto.load_crl. cryptography.x509's CRL functionality should be used instead.
-    - Removed the deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify.
-      cryptography.hazmat.primitives.asymmetric's signature APIs should be used instead.
-  * Deprecations:
-    - Deprecated OpenSSL.rand - callers should use os.urandom() instead.
-    - Deprecated add_extensions and get_extensions on OpenSSL.crypto.X509Req and OpenSSL.crypto.X509.
-      These should have been deprecated at the same time X509Extension was. Users should use pyca/cryptography's X.509 APIs instead.
-    - Deprecated OpenSSL.crypto.get_elliptic_curves and OpenSSL.crypto.get_elliptic_curve,
-      as well as passing the reult of them to OpenSSL.SSL.Context.set_tmp_ecdh,
-      users should instead pass curves from cryptography.
-    - Deprecated passing X509 objects to OpenSSL.SSL.Context.use_certificate, OpenSSL.SSL.Connection.use_certificate,
-      OpenSSL.SSL.Context.add_extra_chain_cert, and OpenSSL.SSL.Context.add_client_ca, users should instead
-      pass cryptography.x509.Certificate instances. This is in preparation for deprecating pyOpenSSL's X509 entirely.
-    - Deprecated passing PKey objects to OpenSSL.SSL.Context.use_privatekey and OpenSSL.SSL.Connection.use_privatekey,
-      users should instead pass cryptography priate key instances. This is in preparation for deprecating pyOpenSSL's PKey entirely.
-  * Changes:
-    - cryptography maximum version has been increased to 44.0.x.
-    - OpenSSL.SSL.Connection.get_certificate, OpenSSL.SSL.Connection.get_peer_certificate,
-      OpenSSL.SSL.Connection.get_peer_cert_chain, and OpenSSL.SSL.Connection.get_verified_chain
-      now take an as_cryptography keyword-argument. When True is passed then
-      cryptography.x509.Certificate are returned, instead of OpenSSL.crypto.X509.
-      In the future, passing False (the default) will be deprecated.
-- Rebase skip-networked-test.patch.
-
--------------------------------------------------------------------
-Mon Jan 13 22:33:05 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
-
-- Do not build tests noarch: they refer to %__isa, which differs
-  per architecture, invalidating the noarch option.
-  Fixes build with rpm 4.20.
-
--------------------------------------------------------------------
-Tue Jul 23 11:39:23 UTC 2024 - Adrian Schröter <adrian@suse.de>
-
-- 24.2.1:
-  * Deprecated OpenSSL.crypto.X509Req,
-               OpenSSL.crypto.load_certificate_request,
-               OpenSSL.crypto.dump_certificate_request.
-    Instead, cryptography.x509.CertificateSigningRequest,s
-             cryptography.x509.CertificateSigningRequestBuilder,s
-             cryptography.x509.load_der_x509_csr,s
-             or cryptography.x509.load_pem_x509_csr should be used.
-  * Added type hints for the SSL module. #1308.
-  * Changed OpenSSL.crypto.PKey.from_cryptography_key to accept public and private EC, ED25519, ED448 keys
-
--------------------------------------------------------------------
-Sat Mar 16 13:04:43 UTC 2024 - Dirk Müller <dmueller@suse.com>
-
-- update to 24.1.0:
-  * Removed the deprecated OpenSSL.crypto.PKCS12 and
-    OpenSSL.crypto.NetscapeSPKI. OpenSSL.crypto.PKCS12 may be
-    replaced by the PKCS#12 APIs in the cryptography package.
-
 -------------------------------------------------------------------
 Mon Jan 29 21:16:31 UTC 2024 - Dirk Müller <dmueller@suse.com>
 

python-pyOpenSSL.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-pyOpenSSL
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -26,36 +26,29 @@
 %endif
 %{?sle15_python_module_pythons}
 Name:           python-pyOpenSSL%{psuffix}
-Version:        25.0.0
+Version:        24.0.0
 Release:        0
 Summary:        Python wrapper module around the OpenSSL library
 License:        Apache-2.0
 URL:            https://github.com/pyca/pyopenssl
-Source:         https://files.pythonhosted.org/packages/source/p/pyopenssl/pyopenssl-%{version}.tar.gz
+Source:         https://files.pythonhosted.org/packages/source/p/pyOpenSSL/pyOpenSSL-%{version}.tar.gz
 # PATCH-FIX-UPSTREAM skip-networked-test.patch gh#pyca/pyopenssl#68 mcepl@suse.com
 # Mark tests requiring network access
 Patch0:         skip-networked-test.patch
-BuildRequires:  %{python_module base >= 3.7}
 BuildRequires:  %{python_module cffi}
-BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 Requires:       python-cffi
-Requires:       (python-cryptography >= 41.0.5 with python-cryptography < 45)
+Requires:       (python-cryptography >= 41.0.5 with python-cryptography < 43)
-%if %{python_version_nodots} < 313
-Requires:       python-typing-extensions >= 4.9
-%endif
 Provides:       pyOpenSSL = %{version}
-Provides:       pyopenssl = %{version}-%release
-%if %{without test}
 BuildArch:      noarch
-%else
+%if %{with test}
-BuildRequires:  %{python_module cryptography >= 41.0.5 with %python-cryptography < 45}
+BuildRequires:  %{python_module cryptography >= 41.0.5 with %python-cryptography < 43}
+BuildRequires:  %{python_module flaky}
 BuildRequires:  %{python_module pretend}
 BuildRequires:  %{python_module pyOpenSSL >= %version}
 BuildRequires:  %{python_module pytest >= 3.0.1}
-BuildRequires:  %{python_module pytest-rerunfailures}
 BuildRequires:  ca-certificates-mozilla
 BuildRequires:  openssl
 %endif
@@ -71,22 +64,22 @@ cryptography (<https://github.com/pyca/cryptography>), which provides (among
 other things) a cffi-based interface to OpenSSL.
 
 %prep
-%autosetup -p1 -n pyopenssl-%{version}
+%autosetup -p1 -n pyOpenSSL-%{version}
 
 %build
-%pyproject_wheel
+%python_build
 
 %install
 %if !%{with test}
-%pyproject_install
+%python_install
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 %endif
 
 %check
 %if %{with test}
-SKIPPED_TESTS="(network or test_set_tmp_ecdh)"
+SKIPPED_TESTS="network"
 %if %{__isa_bits} == 32
-SKIPPED_TESTS="(network or test_verify_with_time or test_set_tmp_ecdh)"
+SKIPPED_TESTS="(network or test_verify_with_time)"
 %endif
 export LC_ALL=en_US.UTF-8
 %pytest -k "not $SKIPPED_TESTS"
@@ -97,7 +90,7 @@ export LC_ALL=en_US.UTF-8
 %license LICENSE
 %doc *.rst
 %{python_sitelib}/OpenSSL/
-%{python_sitelib}/pyOpenSSL-%{version}.dist-info
+%{python_sitelib}/pyOpenSSL-%{version}*-info
 %endif
 
 %changelog

skip-networked-test.patch

@@ -1,29 +1,29 @@
-Index: pyopenssl-25.0.0/tests/test_ssl.py
+Index: pyOpenSSL-24.0.0/tests/test_ssl.py
 ===================================================================
---- pyopenssl-25.0.0.orig/tests/test_ssl.py
+--- pyOpenSSL-24.0.0.orig/tests/test_ssl.py
-+++ pyopenssl-25.0.0/tests/test_ssl.py
++++ pyOpenSSL-24.0.0/tests/test_ssl.py
-@@ -1303,6 +1303,7 @@ class TestContext:
+@@ -1250,6 +1250,7 @@ class TestContext:
          reason="set_default_verify_paths appears not to work on Windows.  "
          "See LP#404343 and LP#404344.",
      )
 +    @pytest.mark.network
-     def test_set_default_verify_paths(self) -> None:
+     def test_set_default_verify_paths(self):
          """
          `Context.set_default_verify_paths` causes the platform-specific CA
-Index: pyopenssl-25.0.0/setup.cfg
+Index: pyOpenSSL-24.0.0/setup.cfg
 ===================================================================
---- pyopenssl-25.0.0.orig/setup.cfg
+--- pyOpenSSL-24.0.0.orig/setup.cfg
-+++ pyopenssl-25.0.0/setup.cfg
++++ pyOpenSSL-24.0.0/setup.cfg
 @@ -11,4 +11,3 @@ doc_files = doc/_build/html
  [egg_info]
  tag_build = 
  tag_date = 0
 -
-Index: pyopenssl-25.0.0/pyproject.toml
+Index: pyOpenSSL-24.0.0/pyproject.toml
 ===================================================================
---- pyopenssl-25.0.0.orig/pyproject.toml
+--- pyOpenSSL-24.0.0.orig/pyproject.toml
-+++ pyopenssl-25.0.0/pyproject.toml
++++ pyOpenSSL-24.0.0/pyproject.toml
-@@ -39,6 +39,9 @@ ignore_missing_imports = true
+@@ -42,6 +42,9 @@ ignore_missing_imports = true
  [tool.pytest.ini_options]
  addopts = "-r s --strict-markers"
  testpaths = ["tests"]
@@ -32,4 +32,4 @@ Index: pyopenssl-25.0.0/pyproject.toml
 +]
  
  [tool.ruff]
- lint.select = ['E', 'F', 'I', 'W', 'UP', 'RUF']
+ select = ['E', 'F', 'I', 'W', 'UP', 'RUF']