python-cryptography/skip_openssl_memleak_test.patch

---
 tests/hazmat/backends/test_openssl_memleak.py |   10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

Index: cryptography-42.0.1/tests/hazmat/backends/test_openssl_memleak.py
===================================================================
--- cryptography-42.0.1.orig/tests/hazmat/backends/test_openssl_memleak.py
+++ cryptography-42.0.1/tests/hazmat/backends/test_openssl_memleak.py
@@ -199,11 +199,9 @@ def assert_no_memory_leaks(s, argv=[]):
 
 
 def skip_if_memtesting_not_supported():
-    return pytest.mark.skipif(
-        not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS
-        or platform.python_implementation() == "PyPy",
-        reason="Requires OpenSSL memory functions (>=1.1.0) and not PyPy",
-    )
+    return pytest.mark.skip(
+        reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()"
+     )
 
 
 @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")
Accepting request 1033458 from home:mcepl:branches:devel:languages:python - update to 38.0.3: - Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786. OBS-URL: https://build.opensuse.org/request/show/1033458 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=163 2022-11-04 07:58:36 +00:00			`---`
Accepting request 1098044 from home:mcepl:branches:devel:languages:python - Add no-pytest_benchmark.patch, which remove dependency on pytest-benchmark and coveralls (We don't need no benchmarking and coverage measurement; bsc#1213005). OBS-URL: https://build.opensuse.org/request/show/1098044 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=188 2023-07-11 05:55:34 +00:00			`tests/hazmat/backends/test_openssl_memleak.py \| 10 ++++------`
			`1 file changed, 4 insertions(+), 6 deletions(-)`
Accepting request 1033458 from home:mcepl:branches:devel:languages:python - update to 38.0.3: - Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786. OBS-URL: https://build.opensuse.org/request/show/1033458 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=163 2022-11-04 07:58:36 +00:00
- update to 42.0.1: * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.sign`. * Resolved compatibility issue with loading certain RSA public keys in :func:`~cryptography.hazmat.primitives.serialization. load_pem_public_key`. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7. * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:`~cryptography.hazmat.primitives.serialization.pk cs7.load_pem_pkcs7_certificates` or :func:`~cryptography.hazm at.primitives.serialization.pkcs7.load_der_pkcs7_certificates ` will now raise a ValueError rather than return an empty list. * Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0. * Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0. * We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process. * Support :class:`~cryptography.hazmat.primitives.asymmetric.pa dding.PSS` for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:`~cryptography.x509.CertificateSigningRequestBuilder` and OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=205 2024-01-29 14:19:13 +00:00			`Index: cryptography-42.0.1/tests/hazmat/backends/test_openssl_memleak.py`
			`===================================================================`
			`--- cryptography-42.0.1.orig/tests/hazmat/backends/test_openssl_memleak.py`
			`+++ cryptography-42.0.1/tests/hazmat/backends/test_openssl_memleak.py`
			`@@ -199,11 +199,9 @@ def assert_no_memory_leaks(s, argv=[]):`
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69 2017-09-07 14:49:40 +00:00

			`def skip_if_memtesting_not_supported():`
			`- return pytest.mark.skipif(`
- update to 40.0.1: * Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of ``cryptography`` will drop support for older versions. * Deprecated support for DSA keys in :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` and :func:`~cryptography.hazmat.primitives.serialization.load_s sh_private_key`. * Deprecated support for OpenSSH serialization in :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey` and :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey`. * Added support for parsing SSH certificates in addition to public keys with :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_identity`. :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` continues to support only public keys. * Added support for generating SSH certificates with :class:`~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=176 2023-03-26 19:59:51 +00:00			`- not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS`
			`- or platform.python_implementation() == "PyPy",`
			`- reason="Requires OpenSSL memory functions (>=1.1.0) and not PyPy",`
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=122 2020-07-28 17:32:18 +00:00			`- )`
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69 2017-09-07 14:49:40 +00:00			`+ return pytest.mark.skip(`
			`+ reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()"`
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=122 2020-07-28 17:32:18 +00:00			`+ )`
- update to 42.0.1: * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.sign`. * Resolved compatibility issue with loading certain RSA public keys in :func:`~cryptography.hazmat.primitives.serialization. load_pem_public_key`. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7. * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:`~cryptography.hazmat.primitives.serialization.pk cs7.load_pem_pkcs7_certificates` or :func:`~cryptography.hazm at.primitives.serialization.pkcs7.load_der_pkcs7_certificates ` will now raise a ValueError rather than return an empty list. * Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0. * Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0. * We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process. * Support :class:`~cryptography.hazmat.primitives.asymmetric.pa dding.PSS` for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:`~cryptography.x509.CertificateSigningRequestBuilder` and OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=205 2024-01-29 14:19:13 +00:00
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69 2017-09-07 14:49:40 +00:00
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=122 2020-07-28 17:32:18 +00:00			`@pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")`