------------------------------------------------------------------- Wed Oct 30 18:42:41 UTC 2024 - Matej Cepl - Update to 0.43.0: - feat[m2]: add m2.time_t_bits to checking for 32bitness. - fix[tests]: Use only X509_VERSION_1 (0) as version for CSR. - fix[EC]: raise ValueError when load_key_bio() cannot read the file (bsc#1231589). - ci: use -mpip wheel instead of -mbuild - fix: use PyMem_Malloc() instead of malloc() - fix[hints]: more work on conversion of type hints to the py3k ones - fix: make the package build even on Python 3.6 - ci[local]: skip freezing local tests - fix[hints]: remove AnyStr type - test: add suggested test for RSA.{get,set}_ex_data - fix: implement interfaces for RSA_{get,set}_ex_new_{data,index} - fix: generate src/SWIG/x509_v_flag.h to overcome weaknesses of swig - fix: replace literal enumeration of all VERIFY_ constants by a cycle - test: unify various test cases in test_ssl related to ftpslib - fix: replace deprecated url keyword in setup.cfg with complete project_urls map ------------------------------------------------------------------- Sat Aug 10 22:41:07 UTC 2024 - Matej Cepl - Update 0.42.0: - allow ASN1_{Integer,String} be initialized directly - minimal infrastructure for type hints for a C extension and some type hints for some basic modules - time_t on 32bit Linux is 32bit (integer) not 64bit (long) - EOS for CentOS 7 - correct checking for OpenSSL version number on Windows - make compatible with Python 3.13 (replace PyEval_CallObject with PyObject_CallObject) - fix typo in extern function signature (and proper type of engine_ctrl_cmd_string()) - move the package to Sorucehut - setup CI to use Sourcehut CI - setup CI on GitLab for Windows as well (remove Appveyor) - initial draft of documentation for migration to pyca/cryptography - fix Read the Docs configuration (contributed kindly by Facundo Tuesca) - Remove upstreamed 32bit_ASN1_Time.patch - Remove python-M2Crypto.keyring, because PyPI broke GPG support ------------------------------------------------------------------- Wed Apr 3 09:22:02 UTC 2024 - Daniel Garcia - Build for modern python stack on SLE/Leap ------------------------------------------------------------------- Wed Jan 24 17:00:29 UTC 2024 - Daniel Garcia - Disable broken tests with openssl 3.2, bsc#1217782 ------------------------------------------------------------------- Wed Jan 3 09:51:38 UTC 2024 - Dirk Müller - require setuptools ------------------------------------------------------------------- Tue Oct 24 15:13:16 UTC 2023 - Matej Cepl - Update to 0.40.0: - OK, SO NOT THIS RELEASE, BUT IN THE NEXT RELEASE PYTHON2 WILL TRULY GO! - BREAKING CHANGES: - There are no SWIG generated files (src/SWIG/_m2crytpo_wrap.c) included anymore, so swig must be installed, no exceptions! Also, for compatibility with Python 3.12+, swig 4.0+ is required. - All support for asyncore has been removed, as it has been removed in Python 3.12 as well (which means also removal of contrib/dispatcher.py, M2Crypto/SSL/ssl_dispatcher.py, ZServerSSL). - All use of distutils (including the bundled ones in setuptools) has been removed, so `setup.py clean` is no more. - Excessively complicated and error-prone __init__py has been cleaned and `import M2Crypto` doesn’t include everything anymore. Imports should specified as for example with `from M2Crypto import foo`. - ASN1_Time handling has been mostly rewritten and it almost works even on Windows. - All tests in Gitlab CI (with exceptions of some skipped tests especially on Windows) are now green, tests of Python 2.7 on CentOS 7 have been included. - Introduce m2.err_clear_error() - Make X509_verify_cert() accessible as m2.x509_verify_cert - Add 32bit_ASN1_Time.patch to quench errors on 32bit archs. ------------------------------------------------------------------- Mon Aug 7 13:14:41 UTC 2023 - Matej Cepl - Make tests running again. ------------------------------------------------------------------- Tue Jul 4 19:21:57 UTC 2023 - Matej Cepl - Update to 0.39.0: - SUPPORT FOR PYTHON 2 HAS BEEN DEPRECATED AND IT WILL BE COMPLETELY REMOVED IN THE NEXT RELEASE. - Remove dependency on parameterized and use unittest.subTest instead. - Upgrade embedded six.py module to 1.16.0 (really tiny inconsequential changes). - Make tests working on MacOS again (test_bio_membuf: Use fork) - Use OpenSSL_version_num() instead of unrealiable parsing of .h file. - Mitigate the Bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657) - Add functionality to extract EC key from public key + Update tests - Worked around compatibility issues with OpenSSL 3.* - Support for Twisted has been deprecated (they have their own SSL support anyway). - Generate TAP while testing. - Stop using GitHub for testing. - Accept a small deviation from time in the testsuite (for systems with non-standard HZ kernel parameter). - Use the default BIO.__del__ rather tha overriding in BIO.File (avoid a memleak). - Resolve "X509_Name.as_der() method from X509.py -> class X509_Name caused segmentation fault" - Remove upstreamed patches: - CVE-2020-25657-Bleichenbacher-attack.patch - m2crypto-0.38-ossl3-tests.patch - openssl-adapt-tests-for-3.1.0.patch - openssl-stop-parsing-header.patch - timeout_300hz.patch ------------------------------------------------------------------- Tue Jun 27 10:51:14 UTC 2023 - Dirk Müller - add timeout_300hz.patch to accept a small deviation from time in the testsuite (bsc#1212757) ------------------------------------------------------------------- Thu Mar 16 10:35:33 UTC 2023 - Otto Hollmann - Adapt tests for OpenSSL v3.1.0 * Add openssl-adapt-tests-for-3.1.0.patch ------------------------------------------------------------------- Mon Nov 7 20:14:16 UTC 2022 - Dirk Müller - add openssl-stop-parsing-header.patch (bsc#1205042) - add m2crypto-0.38-ossl3-tests.patch ------------------------------------------------------------------- Wed Aug 3 16:48:00 UTC 2022 - Dirk Müller - update CVE-2020-25657-Bleichenbacher-attack.patch to actually contain the fix rather than just being empty (CVE-2020-25657, bsc#1178829) ------------------------------------------------------------------- Tue Jul 12 20:49:47 UTC 2022 - Matej Cepl - Add CVE-2020-25657-Bleichenbacher-attack.patch (CVE-2020-25657, bsc#1178829), which mitigates the Bleichenbacher timing attacks in the RSA decryption API. - Add python-M2Crypto.keyring to verify GPG signature of tarball. ------------------------------------------------------------------- Thu Apr 7 15:45:07 UTC 2022 - Matej Cepl - Add missing bug references to this changelog. ------------------------------------------------------------------- Mon Jun 14 21:04:54 UTC 2021 - Matej Cepl - Update to 0.38.0: - Remove the last use of setup.py test idiom. - Use m2_PyObject_AsReadBuffer instead of PyObject_AsReadBuffer. - Add support for arm64 big endian - Make support of RSA_SSLV23_PADDING optional (it has been deprecated). - Move project to src/ layout - Allow verify_cb_* to be called with ok=True - Be prepared if any of constants in x509_vfy.h is not available. - But we do support 3.8 - We DO NOT support Python 2.6. - All patches were upstreamed: - 293_sslv23_padding.patch - no-need-parameterized.patch - python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch ------------------------------------------------------------------- Thu Apr 22 22:33:46 UTC 2021 - Matej Cepl - Add no-need-parameterized.patch ... we don't need run-time requirement of parameterized package (bsc#1185150). ------------------------------------------------------------------- Fri Feb 19 12:56:50 UTC 2021 - Matej Cepl - Add 293_sslv23_padding.patch to avoid using RSA_SSLV23_PADDING (gl#m2crypto/m2crypto#293, gh#openssl/openssl#14216). ------------------------------------------------------------------- Wed Feb 17 11:18:07 UTC 2021 - Pedro Monreal - OpenSSL allows the verificaton to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE * This unifies the behaviour of a single certificate with an unknown CA certificate with a self-signed certificate. - Add python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch (Thanks for Debian, https://salsa.debian.org/python-team/packages/m2crypto/-/commit/e0e9ad5cfff8) ------------------------------------------------------------------- Wed Feb 17 10:57:56 UTC 2021 - Pedro Monreal - Add source signature file ------------------------------------------------------------------- Wed Jan 13 08:16:04 UTC 2021 - Matej Cepl - Dr. Strangelove or: How I Learned to Stop Worrying and Love pytest ------------------------------------------------------------------- Tue Dec 8 17:58:23 UTC 2020 - Matej Cepl - Update to 0.37.1: - Remove support for CentOS 6 and Python 2.6 (remove tests.vendor module). Python 2.7 is still fully supported. - Remodel CI: - on GitHub switched from Travis-CI to GH Actions - on GitLab-CI: stop testing 2.7 on Fedora, add centos7 - update appveyor.yml - Stop playing with swig in setup.py, we don't support swig 1.* anymore. - Fix dereferencing of pointers (gl#m2crypto/m2crypto#281) - Replace deprecated PyObject_AsReadBuffer with our own shim (thanks to Casey Deccio for saving my bacon there). - Use parametrized to create parametrized tests (new external dependency). - Only use DigestSign() and DigestUpdate() with OpenSSL >= 1.1.1 - Expose all the X509_V_FLAG - Add support for DigestSign* and DigestVerify* ------------------------------------------------------------------- Mon Jul 13 21:07:34 UTC 2020 - Matej Cepl Update to 0.36.0: - wrap SocketIO in io.Buffered* for makefile - SSL.Connection.close accepts an argument to force the socket closing - SSL.Connection: make the clientPostConnectionCheck an instance attribute - Fixed bug with usage of unexisting method getreply at SSL_Transport - Add appveyor builds for python 3.7 and 3.8 - Fixed syntax warning on line 44. - Update M2Crypto.six to 1.13.0 - base64.decodestring() was finally removed in Python 3.8. - wrap SocketIO in io.Buffered* for makefile - NULL is legal argument for key and iv paramters of EVP_CipherInit(3) - Expose X509_V_FLAG_ALLOW_PROXY_CERTS verification flag and X509_STORE_SET_FLAGS function - Stop testing for 2.6 and 3.4 on Travis. Start testing 3.8 - Extend test cert validity to 2049 - Revert using typing module in 2.6. It is just not worthy. - Update Debian/stable SSL as well - Make tests pass again. - Stop using string module, which has been deprecated. - Tiny fixes to make pyls more happy - CI: Rework Fedora CI configuration - Remove upstream merged patch 001-fix-buffering-for-python38.patch. ------------------------------------------------------------------- Wed Apr 8 12:30:32 UTC 2020 - Tomáš Chvátal - Do not pull in py2 pkg on doc subpkg ------------------------------------------------------------------- Mon Mar 9 09:56:49 UTC 2020 - Marco Strigl - in python3.8 the fp is wrapped in a Buffer. SSL.Connection.makefile returns a socketIO which is no buffer. Added: 001-fix-buffering-for-python38.patch ------------------------------------------------------------------- Mon Jun 10 13:59:24 CEST 2019 - Matej Cepl - Update to fix release 0.35.2 ... just fixing the test suite (bsc#1172226). ------------------------------------------------------------------- Sat Jun 8 08:58:56 CEST 2019 - Matej Cepl - Replace fix_OpenSSL111c.patch with proper new release 0.35.1 (there is really not much more in it; bsc#1149792). ------------------------------------------------------------------- Fri Jun 7 22:21:23 CEST 2019 - Matej Cepl - Add fix_OpenSSL111c.patch patch to ensure compatibility with OpenSSL 1.1.1c. gl#m2crypto/m2crypto#258 and jsc#SLE-9135. ------------------------------------------------------------------- Thu Jun 6 12:27:35 UTC 2019 - Ondřej Súkup - Upgrade to 0.34.0 - no upstream changelog ------------------------------------------------------------------- Fri Apr 26 16:48:44 CEST 2019 - Matej Cepl - Upgrade to 0.33.0 (bsc#1135009): - eb4525c - Stop pretending to support Python 3.4. - 6a89548 - Fix use of urlunsplit (25 hours ago) - 0a5a356 - tests/test_ssl: use -ciphercuites for TLS1.3 cipher in openssl1.1 - 8a0a3e3 - There are apparently multiword CPP variables. Taking that into account. - Remove 0001-tests-test_ssl-use-ciphercuites-for-TLS1.3-cipher-in.patch as it included in the latest release. ------------------------------------------------------------------- Thu Mar 7 14:14:45 CET 2019 - Matej Cepl - Fix for compatibility with OpenSSL 1.1.0h by adding the patch 0001-tests-test_ssl-use-ciphercuites-for-TLS1.3-cipher-in.patch ------------------------------------------------------------------- Tue Mar 5 09:01:46 CET 2019 - Matej Cepl - Update to 0.32.0: * 471582f - setup.py: use ${CPP} as path to cpp * efb1580 - Bump pipeline OpenSSL from 1.1.0i to 1.1.0j * 35bb71b - Stub wchar_t helpers and ignore unused WCHAR defs * effc7be - Add type comment to setup.py ------------------------------------------------------------------- Wed Dec 5 14:30:23 UTC 2018 - Matej Cepl - Whoops! Here -devel dependency certainly should stay ------------------------------------------------------------------- Tue Dec 4 12:50:42 UTC 2018 - Matej Cepl - Remove superfluous devel dependency for noarch package ------------------------------------------------------------------- Fri Nov 9 15:20:09 CET 2018 - mcepl@suse.com - Update to 0.31.0 released tarball: * Compatibility with OpenSSL 1.1.1 (partly workaround, maybe requires further investigation) * Fixes for Windows builds * Fixes of installs on AWS Lambda * Fixes of Mac OS X related failures * Fix Python 2.6 compatibility issues ------------------------------------------------------------------- Tue Nov 6 17:26:23 CET 2018 - mcepl@suse.com - pre-release of 0.31.0 tarball - add openssl-1_1_1-compat.patch to fix OpenSSL 1.1.1 compatibility. ------------------------------------------------------------------- Mon Sep 24 15:14:14 UTC 2018 - Matěj Cepl - Update to 0.30.1: * Various small typos (Windows builds, Fix SSL.Connection.__del__) * The project is now Linux-distribution agnostic * Replace all old-style classes with the new ones (it shouldn't cause any problems, but feel free to file an issue, if it does) * Do not by-pass a potential transfer decoding in m2urllib2 * Update M2Crypto.six with 1.11.0 and replace our local workarounds with new functions. * SSLv3 just removed. * Don't support Python 2.6 on Windows anymore. Windows users don't have python as a system package, so they are usually more likely to upgrade anyway. ------------------------------------------------------------------- Fri Feb 23 17:38:27 UTC 2018 - michael@stroeder.com - Update to 0.29.0 (Fixes of some small bugs) ------------------------------------------------------------------- Tue Feb 20 11:14:52 UTC 2018 - tchvatal@suse.com - Require python-xml that is used by some parts of M2crypto ------------------------------------------------------------------- Fri Feb 9 22:30:59 UTC 2018 - michael@stroeder.com - Update to 0.28.2: * Fix ppc builds ------------------------------------------------------------------- Fri Feb 9 09:56:10 UTC 2018 - tchvatal@suse.com - Enable tests, fix docu install phase ------------------------------------------------------------------- Thu Feb 8 18:57:19 UTC 2018 - michael@stroeder.com - Removed obsolete patches fix-build-python3.diff and fix-openssl-include-path.diff - Update to 0.28.1 * compability with Python 3 * building on Mac OS X should be now more reliable and automagic * Fix licence in metadata: it is MIT, not BSD * Fix and add tests for SWIG/_aes.i module * Bundle-in unittest2 for Python 2.6 * Remove all PGP modules ------------------------------------------------------------------- Wed Nov 8 18:13:06 UTC 2017 - jmatejek@suse.com - use generic way to require python-typing now that python3 provides it ------------------------------------------------------------------- Wed Oct 25 20:07:14 UTC 2017 - michael@stroeder.com - License set to MIT ------------------------------------------------------------------- Fri Oct 20 13:51:00 UTC 2017 - alarrosa@suse.com - Remove unnecessary fdupes call ------------------------------------------------------------------- Wed Oct 18 07:13:58 UTC 2017 - alarrosa@suse.com - Update to 0.27.0 * Fix licence: it is MIT, not BSD * At least minimal support of SNI in httpslib. * Small bugfixes and cleanups. * More effort to make build system more robust. * Restore m2.rsa_set_e() and m2.rsa_set_n(). * Make sure that every exceptional return throws and exception and viceversa. - Add patch fix-build-python3.diff to let it build with python3 - Add patch fix-openssl-include-path.diff to fix openssl include path (the code already includes the openssl/ part) - Create a new package python-M2Crypto-doc for documentation since rpmlint was complaining around 75% of the package was documentation. ------------------------------------------------------------------- Tue Sep 26 12:32:25 UTC 2017 - michael@stroeder.com - Update to 0.26.4 with fix for OpenSSL 1.1.0 and LibreSSL ------------------------------------------------------------------- Fri Sep 22 19:22:13 UTC 2017 - michael@stroeder.com - Update to 0.26.3 with fix for a syntax error ------------------------------------------------------------------- Thu Sep 21 06:42:10 UTC 2017 - michael@stroeder.com - Update to 0.26.2 * compatibility with OpenSSL 1.1.0 ------------------------------------------------------------------- Mon Jun 19 21:47:35 UTC 2017 - sebix+novell.com@sebix.at - only require python3-typing if necessary ------------------------------------------------------------------- Sat May 6 03:33:01 UTC 2017 - toddrme2178@gmail.com - It doesn't look like python3-m2crypto ever existed, so don't provide it. ------------------------------------------------------------------- Thu Apr 27 15:56:24 UTC 2017 - alarrosa@suse.com - Add python-typing as a dependency ------------------------------------------------------------------- Wed Apr 26 15:50:39 UTC 2017 - alarrosa@suse.com - Provide python-m2crypto in the python2 package ------------------------------------------------------------------- Tue Apr 18 21:03:56 UTC 2017 - toddrme2178@gmail.com - Update to 0.26.0 * No changelog provided - Implement single-spec version. ------------------------------------------------------------------- Mon Sep 12 10:53:53 UTC 2016 - dmueller@suse.com - use pypi.io as Source URL ------------------------------------------------------------------- Fri Jul 22 14:06:42 UTC 2016 - michael@stroeder.com - update to 0.25.1 - set new dependency on package python-typing ------------------------------------------------------------------- Fri Jun 3 13:05:13 UTC 2016 - jweberhofer@weberhofer.at - update to 0.24.0 (bsc#1001377) * No changelog provided - README is no longer included - Removed obsolete python-M2Crypto-SWIG-3.0.5.patch ------------------------------------------------------------------- Mon Dec 7 13:29:40 UTC 2015 - opensuse@dstoecker.de - fix SSLv2 link error for 13.2 and Leap 42.1 (M2Crypto-0.22.5-SSLv2_link_error.patch) (bsc#969731) ------------------------------------------------------------------- Sat Dec 5 20:42:42 UTC 2015 - opensuse@dstoecker.de - update to 0.22.5, fix URL - drop python-M2Crypto-SWIG-3.0.5.patch (functionality included upstream) ------------------------------------------------------------------- Thu Nov 26 09:35:28 UTC 2015 - hpj@urpla.net - SLE12 requires swig3 for a successful build, too ------------------------------------------------------------------- Tue Nov 17 17:54:49 UTC 2015 - hpj@urpla.net - fix build for openSUSE Leap 42.1 (requires swig3) ------------------------------------------------------------------- Tue Feb 24 11:35:42 UTC 2015 - dimstar@opensuse.org - Add python-M2Crypto-SWIG-3.0.5.patch: Fix generation of M2Crypto module when using SWIG 3.0.5. - Manually install _m2crypto shadow file: setup.py misses it. (boo#917759, boo#917815). ------------------------------------------------------------------- Thu Apr 17 19:49:12 UTC 2014 - hrvoje.senjan@gmail.com - Update to 0.22.3 * No changelog provided - Demos are no longer included ------------------------------------------------------------------- Thu Oct 24 11:08:11 UTC 2013 - speilicke@suse.com - Require python-setuptools instead of distribute (upstreams merged) ------------------------------------------------------------------- Fri Sep 13 14:52:08 UTC 2013 - jmatejek@suse.com - fixed %fdupes creating dangling symlinks (bnc#835687) ------------------------------------------------------------------- Fri Apr 5 13:41:54 UTC 2013 - idonmez@suse.com - Add Source URL, see https://en.opensuse.org/SourceUrls ------------------------------------------------------------------- Mon Jan 14 15:01:41 UTC 2013 - saschpe@suse.de - Add requirement on python-pyOpenSSL, thinner than M2Crypto ------------------------------------------------------------------- Wed Oct 31 13:09:21 UTC 2012 - saschpe@suse.de - Narrow the scops of fdupes (see bnc#784670) ------------------------------------------------------------------- Tue Jan 24 13:49:57 UTC 2012 - bwiedemann@suse.com - fix Obsoletes ------------------------------------------------------------------- Tue Dec 13 13:16:21 UTC 2011 - coolo@suse.com - fix license to be in spdx.org format ------------------------------------------------------------------- Thu Sep 22 09:18:45 UTC 2011 - saschpe@suse.de - Use SPDX style license - Require python-distribute instead of python-setuptools - Don't package testsuite ------------------------------------------------------------------- Tue May 31 08:18:39 UTC 2011 - saschpe@suse.de - Renamed to python-M2Crypto to match PyPI upstream name * Added Provides/Obsoletes for python-m2crypto - Fixed wrong-EOL, executable bit for docs rpmlint warnings ------------------------------------------------------------------- Mon Apr 18 09:05:48 UTC 2011 - saschpe@suse.de - Update to 0.21.1 - Support OpenSSL 1.0. Thanks to Miloslav Trmac for figuring out how to fix test_smime.py - Rename m2.engine_init to engine_init_error so that ENGINE_init and ENGINE_finish can be exposed, thanks to Erlo - 0.20 started releasing Python locks even around some operations that interacted with the Python runtime, potentially causing crashes and other weirdness, fix by Miloslav Trmac - Make httpslib.ProxyHTTPSConnection work with Python 2.3 - Removed patches that are now upstream - Removed authors from spec ------------------------------------------------------------------- Tue Apr 20 08:46:03 UTC 2010 - lnussel@suse.de - add some upstream patches to fix openssl 1.0 build ------------------------------------------------------------------- Tue Mar 30 14:09:38 CEST 2010 - matejcik@suse.cz - update to 0.20.2 * PGP subpackage is deprecated * m2urllib now closes sockets properly * port is now integer in ProxyHTTPSConnection * many bugfixes * test coverage up to 80% - enabled test suite in %check phase (requires python-setuptools and openssl binary to run) ------------------------------------------------------------------- Fri Feb 27 10:21:12 CET 2009 - jblunck@suse.de - Update to M2Crypto 0.19.1. ------------------------------------------------------------------- Tue Jan 13 20:20:39 CET 2009 - matejcik@suse.cz - package taken from devel:languages:python in OBS