python-cryptography/skip_openssl_memleak_test.patch

---
 tests/hazmat/backends/test_openssl_memleak.py |   10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

--- a/tests/hazmat/backends/test_openssl_memleak.py
+++ b/tests/hazmat/backends/test_openssl_memleak.py
@@ -203,12 +203,10 @@ def assert_no_memory_leaks(s, argv=[]):
 
 
 def skip_if_memtesting_not_supported():
-    return pytest.mark.skipif(
-        not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS
-        or platform.python_implementation() == "PyPy",
-        reason="Requires OpenSSL memory functions (>=1.1.0) and not PyPy",
-    )
-
+    return pytest.mark.skip(
+        reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()"
+     )
+
 
 @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")
 @skip_if_memtesting_not_supported()
Accepting request 1033458 from home:mcepl:branches:devel:languages:python - update to 38.0.3: - Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786. OBS-URL: https://build.opensuse.org/request/show/1033458 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=163 2022-11-04 08:58:36 +01:00			`---`
Accepting request 1098044 from home:mcepl:branches:devel:languages:python - Add no-pytest_benchmark.patch, which remove dependency on pytest-benchmark and coveralls (We don't need no benchmarking and coverage measurement; bsc#1213005). OBS-URL: https://build.opensuse.org/request/show/1098044 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=188 2023-07-11 07:55:34 +02:00			`tests/hazmat/backends/test_openssl_memleak.py \| 10 ++++------`
			`1 file changed, 4 insertions(+), 6 deletions(-)`
Accepting request 1033458 from home:mcepl:branches:devel:languages:python - update to 38.0.3: - Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786. OBS-URL: https://build.opensuse.org/request/show/1033458 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=163 2022-11-04 08:58:36 +01:00
Accepting request 1098044 from home:mcepl:branches:devel:languages:python - Add no-pytest_benchmark.patch, which remove dependency on pytest-benchmark and coveralls (We don't need no benchmarking and coverage measurement; bsc#1213005). OBS-URL: https://build.opensuse.org/request/show/1098044 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=188 2023-07-11 07:55:34 +02:00			`--- a/tests/hazmat/backends/test_openssl_memleak.py`
			`+++ b/tests/hazmat/backends/test_openssl_memleak.py`
			`@@ -203,12 +203,10 @@ def assert_no_memory_leaks(s, argv=[]):`
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69 2017-09-07 16:49:40 +02:00

			`def skip_if_memtesting_not_supported():`
			`- return pytest.mark.skipif(`
- update to 40.0.1: * Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of ``cryptography`` will drop support for older versions. * Deprecated support for DSA keys in :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` and :func:`~cryptography.hazmat.primitives.serialization.load_s sh_private_key`. * Deprecated support for OpenSSH serialization in :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey` and :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey`. * Added support for parsing SSH certificates in addition to public keys with :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_identity`. :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` continues to support only public keys. * Added support for generating SSH certificates with :class:`~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=176 2023-03-26 21:59:51 +02:00			`- not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS`
			`- or platform.python_implementation() == "PyPy",`
			`- reason="Requires OpenSSL memory functions (>=1.1.0) and not PyPy",`
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=122 2020-07-28 19:32:18 +02:00			`- )`
- update to 40.0.1: * Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of ``cryptography`` will drop support for older versions. * Deprecated support for DSA keys in :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` and :func:`~cryptography.hazmat.primitives.serialization.load_s sh_private_key`. * Deprecated support for OpenSSH serialization in :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey` and :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey`. * Added support for parsing SSH certificates in addition to public keys with :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_identity`. :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` continues to support only public keys. * Added support for generating SSH certificates with :class:`~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=176 2023-03-26 21:59:51 +02:00			`-`
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69 2017-09-07 16:49:40 +02:00			`+ return pytest.mark.skip(`
			`+ reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()"`
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=122 2020-07-28 19:32:18 +02:00			`+ )`
Accepting request 1098044 from home:mcepl:branches:devel:languages:python - Add no-pytest_benchmark.patch, which remove dependency on pytest-benchmark and coveralls (We don't need no benchmarking and coverage measurement; bsc#1213005). OBS-URL: https://build.opensuse.org/request/show/1098044 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=188 2023-07-11 07:55:34 +02:00			`+`
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69 2017-09-07 16:49:40 +02:00
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=122 2020-07-28 19:32:18 +02:00			`@pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")`
- update to 40.0.1: * Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of ``cryptography`` will drop support for older versions. * Deprecated support for DSA keys in :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` and :func:`~cryptography.hazmat.primitives.serialization.load_s sh_private_key`. * Deprecated support for OpenSSH serialization in :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey` and :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey`. * Added support for parsing SSH certificates in addition to public keys with :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_identity`. :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` continues to support only public keys. * Added support for generating SSH certificates with :class:`~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=176 2023-03-26 21:59:51 +02:00			`@skip_if_memtesting_not_supported()`