From d31ee8068632315b21fd25c4ff62529b18b293c18b233d41a4d73bfe7dc9c77a Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 26 Mar 2023 19:59:51 +0000 Subject: [PATCH] - update to 40.0.1: * Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of ``cryptography`` will drop support for older versions. * Deprecated support for DSA keys in :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` and :func:`~cryptography.hazmat.primitives.serialization.load_s sh_private_key`. * Deprecated support for OpenSSH serialization in :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey` and :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey`. * Added support for parsing SSH certificates in addition to public keys with :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_identity`. :func:`~cryptography.hazmat.primitives.serialization.load_s sh_public_key` continues to support only public keys. * Added support for generating SSH certificates with :class:`~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=176 --- _service | 2 +- cryptography-39.0.2.tar.gz | 3 --- cryptography-40.0.1.tar.gz | 3 +++ python-cryptography.changes | 48 +++++++++++++++++++++++++++++++++ python-cryptography.spec | 2 +- skip_openssl_memleak_test.patch | 17 +++++++----- vendor.tar.zst | 4 +-- 7 files changed, 66 insertions(+), 13 deletions(-) delete mode 100644 cryptography-39.0.2.tar.gz create mode 100644 cryptography-40.0.1.tar.gz diff --git a/_service b/_service index 9ee96a8..794d362 100644 --- a/_service +++ b/_service @@ -1,7 +1,7 @@ - cryptography-39.0.0/src/rust + cryptography-40.0.1/src/rust zst diff --git a/cryptography-39.0.2.tar.gz b/cryptography-39.0.2.tar.gz deleted file mode 100644 index de1df50..0000000 --- a/cryptography-39.0.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bc5b871e977c8ee5a1bbc42fa8d19bcc08baf0c51cbf1586b0e87a2694dde42f -size 604277 diff --git a/cryptography-40.0.1.tar.gz b/cryptography-40.0.1.tar.gz new file mode 100644 index 0000000..253e2e9 --- /dev/null +++ b/cryptography-40.0.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2803f2f8b1e95f614419926c7e6f55d828afc614ca5ed61543877ae668cc3472 +size 624978 diff --git a/python-cryptography.changes b/python-cryptography.changes index a64b983..15a9e80 100644 --- a/python-cryptography.changes +++ b/python-cryptography.changes @@ -1,3 +1,51 @@ +------------------------------------------------------------------- +Sun Mar 26 19:56:32 UTC 2023 - Dirk Müller + +- update to 40.0.1: + * Support for Python 3.6 is deprecated and will be removed in + the next release. + * Deprecated the current minimum supported Rust version (MSRV) + of 1.48.0. In the next release we will raise MSRV to 1.56.0. + Users with the latest ``pip`` will typically get a wheel + and not need Rust installed + * Deprecated support for OpenSSL less than 1.1.1d. The next + release of ``cryptography`` will drop support for older versions. + * Deprecated support for DSA keys in + :func:`~cryptography.hazmat.primitives.serialization.load_s + sh_public_key` + and + :func:`~cryptography.hazmat.primitives.serialization.load_s + sh_private_key`. + * Deprecated support for OpenSSH serialization in + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP + ublicKey` + and + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAP + rivateKey`. + * Added support for parsing SSH certificates in addition to + public keys with + :func:`~cryptography.hazmat.primitives.serialization.load_s + sh_public_identity`. + :func:`~cryptography.hazmat.primitives.serialization.load_s + sh_public_key` continues to support only public keys. + * Added support for generating SSH certificates with + :class:`~cryptography.hazmat.primitives.serialization.SSHCe + rtificateBuilder`. + * Added :meth:`~cryptography.x509.Certificate.verify_directly_i + ssued_by` to + :class:`~cryptography.x509.Certificate`. + * Added a check to :class:`~cryptography.x509.NameConstraints` + to ensure that :class:`~cryptography.x509.DNSName` constraints + do not contain any ``*`` wildcards. + * Removed many unused CFFI OpenSSL bindings. This will not + impact you unless you are using ``cryptography`` to directly + invoke OpenSSL's C API. Note that + these have never been considered a stable, supported, + public API by ``cryptography``, this note is included as a courtesy. + * The X.509 builder classes now raise ``UnsupportedAlgorithm`` + instead of ``ValueError`` if an unsupported hash algorithm is passed. + * Added public union type aliases for type hinting + ------------------------------------------------------------------- Tue Mar 7 07:34:20 UTC 2023 - Dirk Müller diff --git a/python-cryptography.spec b/python-cryptography.spec index 19c49d4..7bf67ad 100644 --- a/python-cryptography.spec +++ b/python-cryptography.spec @@ -28,7 +28,7 @@ %bcond_with test %endif Name: python-cryptography%{psuffix} -Version: 39.0.2 +Version: 40.0.1 Release: 0 Summary: Python library which exposes cryptographic recipes and primitives License: Apache-2.0 OR BSD-3-Clause diff --git a/skip_openssl_memleak_test.patch b/skip_openssl_memleak_test.patch index 7bb6954..5e642da 100644 --- a/skip_openssl_memleak_test.patch +++ b/skip_openssl_memleak_test.patch @@ -2,19 +2,24 @@ tests/hazmat/backends/test_openssl_memleak.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) ---- a/tests/hazmat/backends/test_openssl_memleak.py -+++ b/tests/hazmat/backends/test_openssl_memleak.py -@@ -174,10 +174,9 @@ def assert_no_memory_leaks(s, argv=[]): +Index: cryptography-40.0.1/tests/hazmat/backends/test_openssl_memleak.py +=================================================================== +--- cryptography-40.0.1.orig/tests/hazmat/backends/test_openssl_memleak.py ++++ cryptography-40.0.1/tests/hazmat/backends/test_openssl_memleak.py +@@ -204,12 +204,10 @@ def assert_no_memory_leaks(s, argv=[]): def skip_if_memtesting_not_supported(): - return pytest.mark.skipif( -- not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS, -- reason="Requires OpenSSL memory functions (>=1.1.0)", +- not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS +- or platform.python_implementation() == "PyPy", +- reason="Requires OpenSSL memory functions (>=1.1.0) and not PyPy", - ) +- + return pytest.mark.skip( + reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()" + ) - ++ @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0") + @skip_if_memtesting_not_supported() diff --git a/vendor.tar.zst b/vendor.tar.zst index 1441bc3..c51d884 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:496dc7babba9bf44823e5380db97c8777653e3586d0e7b55f9fb1595376d3b4e -size 8109468 +oid sha256:d71248f9e02ecfa211ee0ddc44ade4d776844d0e6d3fc7d6a122433bdc731b95 +size 22460854