- update to 24.2.0:

* Python 3.13 is now officially supported. * pyOpenSSL's identity extraction has been reimplemented using *cryptography*'s primitives instead of deprecated pyOpenSSL APIs. * As a result, the oldest supported pyOpenSSL version is now 17.1.0. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-service_identity?expand=0&rev=36
2024-10-30 19:54:55 +00:00
commit 76b4df06de
6 changed files with 332 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
--- a/24.1.0.tar.gz
+++ b/24.1.0.tar.gz
--- a/24.2.0.tar.gz
+++ b/24.2.0.tar.gz
--- a/python-service_identity.changes
+++ b/python-service_identity.changes
@@ -0,0 +1,219 @@
+-------------------------------------------------------------------
+Wed Oct 30 19:54:23 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 24.2.0:
+  * Python 3.13 is now officially supported.
+  * pyOpenSSL's identity extraction has been reimplemented using
+    *cryptography*'s primitives instead of deprecated pyOpenSSL
+    APIs.
+  * As a result, the oldest supported pyOpenSSL version is now
+    17.1.0.
+
+-------------------------------------------------------------------
+Sat Jan 20 20:31:18 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 24.1.0:
+  * If a certificate doesn't contain any `subjectAltName`s, we
+    now raise `service_identity.CertificateError` instead of
+    `service_identity.VerificationError` to make the problem
+    easier to debug.
+
+-------------------------------------------------------------------
+Mon Sep 18 09:42:13 UTC 2023 - pgajdos@suse.com
+
+- python-six is not required
+
+-------------------------------------------------------------------
+Wed Jun 21 13:47:12 UTC 2023 - ecsos <ecsos@opensuse.org>
+
+- Update to 23.1.0
+  * Removed
+    - All Python versions up to and including 3.7 have been dropped.
+    - Support for commonName in certificates has been dropped.
+      It has been deprecated since 2017 and isn't supported by any
+      major browser.
+    - The oldest supported pyOpenSSL version (when using the
+      pyopenssl backend) is now 17.0.0.
+      When using such an old pyOpenSSL version, you have to pin
+      cryptography yourself to ensure compatibility between them.
+      Please check out contraints/oldest-pyopenssl.txt to verify
+      what we are testing against.
+  * Deprecated
+    - If you've used service_identity.(cryptography|pyopenssl).extract_ids(),
+      please switch to the new names extract_patterns(). #56
+  * Added
+    - service_identity.(cryptography|pyopenssl).extract_patterns()
+      are now public APIs (FKA extract_ids()).
+      You can use them to extract the patterns from a certificate
+      without verifying anything. #55
+    - service-identity is now fully typed. #57
+
+-------------------------------------------------------------------
+Fri Apr 21 12:33:48 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- add sle15_python_module_pythons (jsc#PED-68)
+
+-------------------------------------------------------------------
+Thu Apr 13 22:44:43 UTC 2023 - Matej Cepl <mcepl@suse.com>
+
+- Make calling of %{sle15modernpython} optional.
+
+-------------------------------------------------------------------
+Fri Feb 24 07:27:03 UTC 2023 - Matej Cepl <mcepl@suse.com>
+
+- Clean up the SPEC file.
+
+-------------------------------------------------------------------
+Mon Feb  7 14:27:56 UTC 2022 - Matej Cepl <mcepl@suse.com>
+
+- Update to 21.1.0:
+  - Python 3.4 is not supported anymore. It has been unsupported
+    by the Python core team for a while now, its PyPI downloads
+    are negligible, and our CI provider removed it as a supported
+    option.
+  - It's very unlikely that service-identity will break under 3.4
+    anytime soon, which is why we do not block its installation
+    on Python 3.4. But we don't test it anymore and will block it
+    once someone reports breakage.
+  - service_identity.exceptions.VerificationError can now be
+    pickled and is overall more well-behaved as an exception.
+    This raises the requirement of attrs to 19.1.0.
+- This package actually truly requires six (it is expected to
+  work with Python 2.7 as well).
+
+-------------------------------------------------------------------
+Thu Mar 12 07:32:33 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Fix build without python2
+
+-------------------------------------------------------------------
+Fri Jan  3 14:16:19 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Format with spec-cleaner
+- Upstream seems to rebase the tarball, refetch it
+
+-------------------------------------------------------------------
+Fri Mar  1 14:02:29 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 18.1.0
+- drop fetch-intersphinx-inventories.sh
+- drop local-intersphinx-inventories.patch
+- cleanup spec + enable tests
+ * pyOpenSSL is optional now if you use service_identity.cryptography.* only.
+ * Added support for iPAddress subjectAltNames.
+
+-------------------------------------------------------------------
+Mon Feb 25 19:48:17 UTC 2019 - Todd R <toddrme2178@gmail.com>
+
+- add fetch-intersphinx-inventories.sh to the sources
+
+-------------------------------------------------------------------
+Mon Feb  4 19:49:08 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net>
+
+- add local-intersphinx-inventories.patch for generating the docs
+  correctly
+- add fetch-intersphinx-inventories.sh to fetch the inventories
+
+-------------------------------------------------------------------
+Tue Dec  4 12:54:12 UTC 2018 - Matej Cepl <mcepl@suse.com>
+
+- Remove superfluous devel dependency for noarch package
+
+-------------------------------------------------------------------
+Mon Oct  1 14:33:07 UTC 2018 - Bernhard Wiedemann <bwiedemann@suse.com>
+
+- Reduce parallelism of sphinx-build
+  to ensure reproducible builds (boo#1102408)
+
+-------------------------------------------------------------------
+Tue Sep 25 11:54:42 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Drop some SLE11 code that is quite useless today
+
+-------------------------------------------------------------------
+Mon Sep 24 13:16:17 UTC 2018 - ecsos@opensuse.org
+
+- Update to 17.0.0:
+  * Deprecations:
+    - Since Chrome 58 and Firefox 48 both don’t accept certificates
+      that contain only a Common Name, its usage is hereby
+      deprecated in service_identity too. We have been raising
+      a warning since 16.0.0 and the support will be removed in
+      mid-2018 for good.
+  * Changes:
+    - When service_identity.SubjectAltNameWarning is raised, the
+      Common Name of the certificate is now included in the warning
+      message. #17
+    - Added cryptography.x509 backend for verifying certificates.
+      #18
+    - Wildcards (*) are now only allowed if they are the leftmost
+      label in a certificate. This is common practice by all major
+      browsers. #19
+
+-------------------------------------------------------------------
+Sat Jul  1 15:09:29 UTC 2017 - okurz@suse.com
+
+- Convert to singlespec
+
+-------------------------------------------------------------------
+Thu Jun  2 16:30:29 UTC 2016 - jacobwinski@gmail.com
+
+- Update to 16.0.0:
+  * Changes:
+    +  Officially support Python 3.5.
+    +  service_identity.SubjectAltNameWarning is now raised if the server certicate lacks a proper SubjectAltName. [#9]
+    +  Add a __str__ method to VerificationError.
+    +  Port from characteristic to its spiritual successor attrs.
+  * Backward-incompatible changes:
+    +  Python 3.3 and 2.6 aren't supported anymore. They may work by chance but any effort to keep them working has ceased.
+    +  pyOpenSSL versions older than 0.14 are not tested anymore. They don't even build with recent OpenSSL versions.
+- Update spec file with new upstream package requirements.
+
+-------------------------------------------------------------------
+Tue Jul 21 12:30:36 UTC 2015 - nemysis@gmx.ch
+
+- Change URL
+- Use %{oname} instead of service_identity
+- Add BuildRequires for python-Sphinx for Documentation
+- Change Description
+- Change Documentation add index.html
+- Add Man Page
+
+-------------------------------------------------------------------
+Thu Jul 16 23:49:31 UTC 2015 - jacobwinski@gmail.com
+
+- update pkg description to reflect upstream
+- rm warnings in description about this pkg being alpha / possibly broken
+
+-------------------------------------------------------------------
+Thu Jul 16 23:38:30 UTC 2015 - jacobwinski@gmail.com
+
+- alphabetize BuildRequires & Requires
+- remove no longer needed commented out test fail workaround
+
+-------------------------------------------------------------------
+Thu Jul 16 23:24:49 UTC 2015 - jacobwinski@gmail.com
+
+- update to 14.0.0:
+  * update spec file with new requirements per instructions by upstream
+  * update spec file comment out no longer needed test fail workaround
+  * upstream changes:
+    + Switch to year-based version numbers.
+    + Port to characteristic 14.0 (get rid of deprecation warnings).
+    + Package docs with sdist.
+
+-update to 1.0.0:
+  * Backward-incompatible changes:
+    + Drop support for Python 3.2. There is no justification to add complexity and unnecessary function calls for a Python version that nobody uses.
+  * changes:
+    + Move into the Python Cryptography Authority’s GitHub account.
+    + Move exceptions into service_identity.exceptions so tracebacks don’t contain private module names.
+    + Promoting to stable since Twisted 14.0 is optionally depending on service_identity now.
+    + Use characteristic instead of a home-grown solution.
+    + idna 0.6 did some backward-incompatible fixes that broke Python 3 support. This has been fixed now therefore service_identity only works with idna 0.6 and later. Unfortunately since idna doesn’t offer version introspection, service_identity can’t warn about it.
+
+-------------------------------------------------------------------
+Thu May 15 07:59:23 UTC 2014 - hpj@urpla.net
+
+- version 0.2: initial build
+
--- a/python-service_identity.spec
+++ b/python-service_identity.spec
@@ -0,0 +1,83 @@
+#
+# spec file for package python-service_identity
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%define oname   service_identity
+%{?sle15_python_module_pythons}
+Name:           python-service_identity
+Version:        24.2.0
+Release:        0
+Summary:        Service identity verification for pyOpenSSL
+License:        MIT
+Group:          Development/Languages/Python
+URL:            https://github.com/pyca/service_identity
+# no tests in upstream tarball
+Source:         https://github.com/pyca/service_identity/archive/%{version}.tar.gz
+BuildRequires:  %{python_module attrs >= 19.1.0}
+BuildRequires:  %{python_module cryptography}
+BuildRequires:  %{python_module hatch-fancy-pypi-readme}
+BuildRequires:  %{python_module hatch_vcs}
+BuildRequires:  %{python_module hatchling >= 1.14.0}
+BuildRequires:  %{python_module idna}
+BuildRequires:  %{python_module pip}
+BuildRequires:  %{python_module pyOpenSSL >= 17.1.0}
+BuildRequires:  %{python_module pyasn1-modules}
+BuildRequires:  %{python_module pyasn1}
+BuildRequires:  %{python_module pytest}
+BuildRequires:  %{python_module wheel}
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
+Requires:       python-attrs >= 19.1.0
+Requires:       python-cryptography
+Requires:       python-pyasn1
+Requires:       python-pyasn1-modules
+Recommends:     python-idna
+Recommends:     python-pyOpenSSL >= 17.1.0
+BuildArch:      noarch
+%ifpython2
+Requires:       python-ipaddress
+%endif
+%python_subpackages
+
+%description
+service_identity aspires to give you all the tools you need for
+verifying whether a certificate is valid for the intended purposes.
+
+In the simplest case, this means host name verification. However,
+service_identity implements RFC 6125 fully and plans to add other
+relevant RFCs too.
+
+%prep
+%setup -q -n service-identity-%{version}
+
+%build
+%pyproject_wheel
+
+%install
+%pyproject_install
+%python_expand %fdupes %{buildroot}%{$python_sitelib}
+
+%check
+%pytest
+
+%files %{python_files}
+%license LICENSE
+%doc README.md
+%{python_sitelib}/%{oname}
+%{python_sitelib}/%{oname}-%{version}*-info
+
+%changelog