pool/python-aioquic
SHA256
17
0
Fork 2
Code Issues Pull Requests Activity

Compare commits

merge into: pool:factory
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main python:main
...
pull from: python:main
Branches Tags
python:main pool:factory pool:slfo-1.2 pool:slfo-main

2 Commits
factory ... main

Author SHA256 Message Date
Ana Guerrero
a9f7be7e73 Accepting request 1206502 from devel:languages:python 
OBS-URL: https://build.opensuse.org/request/show/1206502
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-aioquic?expand=0&rev=9
 2024-10-09 20:03:38 +00:00
Matej Cepl
a1f3644593 Accepting request 1206483 from home:mcalabkova:branches:devel:languages:python 
- Update to 1.2.0
  * Ensure no data is sent after a stream reset.
  * Make H3Connection’s send_datagram() and send_push_promise() methods 
    raise an InvalidStreamTypeError exception if an invalid stream ID 
    is specified.
  * Fix utcnow() deprecation warning on Python 3.12 by using 
    cryptography 42.0 and timezone-aware datetime instances when 
    validating TLS certificates.
  * Perform more extensive HTTP/3 header validation in H3Connection.
  * Enable SHA-384 based signature algorithms and SECP384R1 key exchange.
  * Add support for QUIC Version 2
  * Drop support for draft QUIC versions which were obsoleted by RFC 9000.
  * Allow asyncio clients to make efficient use of 0-RTT by passing 
    wait_connected=False to connect().
- Drop merged support-service-identity-24.patch

OBS-URL: https://build.opensuse.org/request/show/1206483
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aioquic?expand=0&rev=16
 2024-10-09 11:11:30 +00:00
5 changed files with 23 additions and 67 deletions
Expand all files Collapse all files

3
aioquic-0.9.25.tar.gz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:70795c78905326d855c2ae524072234aae586c789b81292e272d021e9b0430a3
size 165877

BIN
aioquic-1.2.0.tar.gz LFS Normal file
View File

Binary file not shown.

19
python-aioquic.changes
View File

@@ -1,3 +1,22 @@
-------------------------------------------------------------------
Wed Oct 9 08:43:08 UTC 2024 - Markéta Machová <mmachova@suse.com>
- Update to 1.2.0
* Ensure no data is sent after a stream reset.
* Make H3Connections send_datagram() and send_push_promise() methods
raise an InvalidStreamTypeError exception if an invalid stream ID
is specified.
* Fix utcnow() deprecation warning on Python 3.12 by using
cryptography 42.0 and timezone-aware datetime instances when
validating TLS certificates.
* Perform more extensive HTTP/3 header validation in H3Connection.
* Enable SHA-384 based signature algorithms and SECP384R1 key exchange.
* Add support for QUIC Version 2
* Drop support for draft QUIC versions which were obsoleted by RFC 9000.
* Allow asyncio clients to make efficient use of 0-RTT by passing
wait_connected=False to connect().
- Drop merged support-service-identity-24.patch
-------------------------------------------------------------------
Thu Jan 25 04:25:09 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>

4
python-aioquic.spec
View File

@@ -18,14 +18,12 @@
%{?sle15_python_module_pythons}
Name: python-aioquic
Version: 0.9.25
Version: 1.2.0
Release: 0
Summary: Python implementation of QUIC and HTTP/3
License: BSD-3-Clause
URL: https://github.com/aiortc/aioquic
Source: https://files.pythonhosted.org/packages/source/a/aioquic/aioquic-%{version}.tar.gz
# PATCH-FIX-UPSTREAM gh#aiortc/aioquic#452
Patch0: support-service-identity-24.patch
BuildRequires: %{python_module devel >= 3.7}
BuildRequires: %{python_module pip}
BuildRequires: %{python_module setuptools}

61
support-service-identity-24.patch
View File

@@ -1,61 +0,0 @@
From 9dd2b961dac1c9192d2459b697925ffab26a8ed2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jeremy=20Lain=C3=A9?= <jeremy.laine@m4x.org>
Date: Sun, 14 Jan 2024 11:49:14 +0100
Subject: [PATCH] Adapt "no subjectaltname" test for service-identitity >= 24
When a certificate contains no subjectAltName extension,
`service-identity` now raises a `CertificateError` instead of a
`VerificationError`.
---
pyproject.toml | 2 +-
src/aioquic/tls.py | 7 +++++--
tests/test_tls.py | 3 +--
3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/pyproject.toml b/pyproject.toml
index 562a2a72..927fa0d4 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -31,7 +31,7 @@ dependencies = [
"cryptography",
"pylsqpack>=0.3.3,<0.4.0",
"pyopenssl>=22",
- "service-identity>=23.1.0",
+ "service-identity>=24.1.0",
]
dynamic = ["version"]
diff --git a/src/aioquic/tls.py b/src/aioquic/tls.py
index a8bcb2ce..35f92ce7 100644
--- a/src/aioquic/tls.py
+++ b/src/aioquic/tls.py
@@ -244,10 +244,13 @@ def verify_certificate(
certificate, server_name
)
- except service_identity.VerificationError as exc:
+ except (
+ service_identity.CertificateError,
+ service_identity.VerificationError,
+ ) as exc:
patterns = service_identity.cryptography.extract_patterns(certificate)
if len(patterns) == 0:
- errmsg = "subject alternative name not found in the certificate"
+ errmsg = str(exc)
elif len(patterns) == 1:
errmsg = f"hostname {server_name!r} doesn't match {patterns[0]!r}"
else:
diff --git a/tests/test_tls.py b/tests/test_tls.py
index 1de9cf35..cf28bf11 100644
--- a/tests/test_tls.py
+++ b/tests/test_tls.py
@@ -1666,8 +1666,7 @@ def test_verify_subject_no_subjaltname(self):
cadata=cadata, certificate=certificate, server_name="example.com"
)
self.assertEqual(
- str(cm.exception),
- "subject alternative name not found in the certificate",
+ str(cm.exception), "Certificate does not contain any `subjectAltName`s."
)
def test_verify_subject_with_subjaltname(self):