- Switch to pyproject macros.
- Add typing-extensions to Requires for 3.11 and 3.12.
- Update to 25.0.0
* Backward-incompatible changes: -
* Deprecations: -
* Changes:
- Corrected type annotations on Context.set_alpn_select_callback,
Context.set_session_cache_mode, Context.set_options, Context.set_mode,
X509.subject_name_hash, and X509Store.load_locations.
- Deprecated APIs are now marked using warnings.deprecated. mypy will emit deprecation notices
for them when used with --enable-error-code deprecated.
- Changes from 24.3.0
* Backward-incompatible changes:
- Removed the deprecated OpenSSL.crypto.CRL, OpenSSL.crypto.Revoked, OpenSSL.crypto.dump_crl,
and OpenSSL.crypto.load_crl. cryptography.x509's CRL functionality should be used instead.
- Removed the deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify.
cryptography.hazmat.primitives.asymmetric's signature APIs should be used instead.
* Deprecations:
- Deprecated OpenSSL.rand - callers should use os.urandom() instead.
- Deprecated add_extensions and get_extensions on OpenSSL.crypto.X509Req and OpenSSL.crypto.X509.
These should have been deprecated at the same time X509Extension was. Users should use pyca/cryptography's X.509 APIs instead.
- Deprecated OpenSSL.crypto.get_elliptic_curves and OpenSSL.crypto.get_elliptic_curve,
as well as passing the reult of them to OpenSSL.SSL.Context.set_tmp_ecdh,
users should instead pass curves from cryptography.
- Deprecated passing X509 objects to OpenSSL.SSL.Context.use_certificate, OpenSSL.SSL.Connection.use_certificate,
OpenSSL.SSL.Context.add_extra_chain_cert, and OpenSSL.SSL.Context.add_client_ca, users should instead
pass cryptography.x509.Certificate instances. This is in preparation for deprecating pyOpenSSL's X509 entirely.
- Deprecated passing PKey objects to OpenSSL.SSL.Context.use_privatekey and OpenSSL.SSL.Connection.use_privatekey,
users should instead pass cryptography priate key instances. This is in preparation for deprecating pyOpenSSL's PKey entirely.
OBS-URL: https://build.opensuse.org/request/show/1243130
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pyOpenSSL?expand=0&rev=57
* Deprecated OpenSSL.crypto.X509Req,
OpenSSL.crypto.load_certificate_request,
OpenSSL.crypto.dump_certificate_request.
Instead, cryptography.x509.CertificateSigningRequest,s
cryptography.x509.CertificateSigningRequestBuilder,s
cryptography.x509.load_der_x509_csr,s
or cryptography.x509.load_pem_x509_csr should be used.
* Added type hints for the SSL module. #1308.
* Changed OpenSSL.crypto.PKey.from_cryptography_key to accept public and private EC, ED25519, ED448 keys
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyOpenSSL?expand=0&rev=114
- update to 23.3.0:
* Dropped support for Python 3.6.
* The minimum ``cryptography`` version is now 41.0.5.
* Removed ``OpenSSL.crypto.loads_pkcs7`` and
``OpenSSL.crypto.loads_pkcs12`` which had been deprecated for
3 years.
* Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow
legacy insecure renegotiation between OpenSSL and unpatched
servers.
* Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to
have been deprecated at the same time as
``OpenSSL.crypto.load_pkcs12``).
* Deprecated ``OpenSSL.crypto.NetscapeSPKI``.
* Deprecated ``OpenSSL.crypto.CRL``
* Deprecated ``OpenSSL.crypto.Revoked``
* Deprecated ``OpenSSL.crypto.load_crl`` and
``OpenSSL.crypto.dump_crl``
* Deprecated ``OpenSSL.crypto.sign`` and
``OpenSSL.crypto.verify``
* Deprecated ``OpenSSL.crypto.X509Extension``
* Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept
* ``cryptography``'s ``x509.CertificateRevocationList``
arguments in addition
* to the now deprecated ``OpenSSL.crypto.CRL`` arguments.
* Fixed ``test_set_default_verify_paths`` test so that it is
skipped if no network connection is available.
- Inject multibuild to avoid a build loop.
python-pyOpenSSL-always-overflow.patch
- fixed doc generation
OBS-URL: https://build.opensuse.org/request/show/1129059
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pyOpenSSL?expand=0&rev=52
* Dropped support for Python 3.6.
* The minimum ``cryptography`` version is now 41.0.5.
* Removed ``OpenSSL.crypto.loads_pkcs7`` and
``OpenSSL.crypto.loads_pkcs12`` which had been deprecated for
3 years.
* Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow
legacy insecure renegotiation between OpenSSL and unpatched
servers.
* Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to
have been deprecated at the same time as
``OpenSSL.crypto.load_pkcs12``).
* Deprecated ``OpenSSL.crypto.NetscapeSPKI``.
* Deprecated ``OpenSSL.crypto.CRL``
* Deprecated ``OpenSSL.crypto.Revoked``
* Deprecated ``OpenSSL.crypto.load_crl`` and
``OpenSSL.crypto.dump_crl``
* Deprecated ``OpenSSL.crypto.sign`` and
``OpenSSL.crypto.verify``
* Deprecated ``OpenSSL.crypto.X509Extension``
* Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept
* ``cryptography``'s ``x509.CertificateRevocationList``
arguments in addition
* to the now deprecated ``OpenSSL.crypto.CRL`` arguments.
* Fixed ``test_set_default_verify_paths`` test so that it is
skipped if no network connection is available.
- Inject multibuild to avoid a build loop.
python-pyOpenSSL-always-overflow.patch
- fixed doc generation
-Add bug-lp-1265482.diff; fix testsuite for SLE11 (bnc#855666)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyOpenSSL?expand=0&rev=108
- update to 23.1.1:
* Worked around an issue in OpenSSL 3.1.0 which caused
`X509Extension.get_short_name` to raise an exception when no
short name was known to OpenSSL.
- update to 23.1.0:
* ``cryptography`` maximum version has been increased to
40.0.x.
* Add ``OpenSSL.SSL.Connection.DTLSv1_get_timeout`` and
``OpenSSL.SSL.Connection.DTLSv1_handle_timeout``
to support DTLS timeouts `#1180
OBS-URL: https://build.opensuse.org/request/show/1075038
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pyOpenSSL?expand=0&rev=49
* Remove support for SSLv2 and SSLv3.
* The minimum ``cryptography`` version is now 37.0.2.
* The ``OpenSSL.crypto.X509StoreContextError`` exception has been refactored,
changing its internal attributes.
* Add ``OpenSSL.SSL.Connection.set_verify`` and ``OpenSSL.SSL.Connection.get_verify_mode``
to override the context object's verification flags.
* Add ``OpenSSL.SSL.Connection.use_certificate`` and
``OpenSSL.SSL.Connection.use_privatekey``
to set a certificate per connection (and not just per context)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyOpenSSL?expand=0&rev=95
- Add check_inv_ALPN_lists.patch checks for invalid ALPN lists
before calling OpenSSL (gh#pyca/pyopenssl#1056).
- update to 21.0.0:
- The minimum ``cryptography`` version is now 3.3.
- Drop support for Python 3.5
- Raise an error when an invalid ALPN value is set.
- Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version``
- Updated ``to_cryptography`` and ``from_cryptography`` methods to support an
upcoming release of ``cryptography`` without raising deprecation warnings.
OBS-URL: https://build.opensuse.org/request/show/928309
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pyOpenSSL?expand=0&rev=41
- The minimum ``cryptography`` version is now 3.3.
- Drop support for Python 3.5
- Raise an error when an invalid ALPN value is set.
- Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version``
- Updated ``to_cryptography`` and ``from_cryptography`` methods to support an
upcoming release of ``cryptography`` without raising deprecation warnings.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyOpenSSL?expand=0&rev=83
