forked from pool/python-truststore
		
	Compare commits
	
		
			8 Commits
		
	
	
		
	
	| Author | SHA256 | Date | |
|---|---|---|---|
| 707436e7b3 | |||
| fb3e1ebd8c | |||
| 31b82e451a | |||
| bc9b10c8bc | |||
| 415afa3be5 | |||
| 5fd8f8441b | |||
| a67245abad | |||
| 4381ad4010 | 
| @@ -1,113 +0,0 @@ | |||||||
| --- |  | ||||||
|  pyproject.toml     |    3 +++ |  | ||||||
|  test_truststore.py |    7 +++---- |  | ||||||
|  2 files changed, 6 insertions(+), 4 deletions(-) |  | ||||||
|  |  | ||||||
| Index: truststore-0.8.0/pyproject.toml |  | ||||||
| =================================================================== |  | ||||||
| --- truststore-0.8.0.orig/pyproject.toml |  | ||||||
| +++ truststore-0.8.0/pyproject.toml |  | ||||||
| @@ -26,6 +26,9 @@ classifiers = [ |  | ||||||
|  ] |  | ||||||
|  dynamic = ["version", "description"] |  | ||||||
|  requires-python = ">= 3.10" |  | ||||||
| +markers = [ |  | ||||||
| +    "network: test case requires network connection", |  | ||||||
| +] |  | ||||||
|   |  | ||||||
|  [project.urls] |  | ||||||
|  Source = "https://github.com/sethmlarson/truststore" |  | ||||||
| @@ -38,3 +41,6 @@ filterwarnings = [ |  | ||||||
|    # See: aio-libs/aiohttp#7545 |  | ||||||
|    "ignore:.*datetime.utcfromtimestamp().*:DeprecationWarning", |  | ||||||
|  ] |  | ||||||
| +markers = [ |  | ||||||
| +   "network: test case requires network connection", |  | ||||||
| +] |  | ||||||
| Index: truststore-0.8.0/tests/conftest.py |  | ||||||
| =================================================================== |  | ||||||
| --- truststore-0.8.0.orig/tests/conftest.py |  | ||||||
| +++ truststore-0.8.0/tests/conftest.py |  | ||||||
| @@ -18,7 +18,7 @@ SUBPROCESS_TIMEOUT = 5 |  | ||||||
|  original_SSLContext = ssl.SSLContext |  | ||||||
|   |  | ||||||
|   |  | ||||||
| -successful_hosts = pytest.mark.parametrize("host", ["example.com", "1.1.1.1"]) |  | ||||||
| +successful_hosts = pytest.mark.network |  | ||||||
|   |  | ||||||
|  logger = logging.getLogger("aiohttp.web") |  | ||||||
|   |  | ||||||
| Index: truststore-0.8.0/tests/test_api.py |  | ||||||
| =================================================================== |  | ||||||
| --- truststore-0.8.0.orig/tests/test_api.py |  | ||||||
| +++ truststore-0.8.0/tests/test_api.py |  | ||||||
| @@ -27,8 +27,8 @@ pytestmark = pytest.mark.flaky |  | ||||||
|  # if the client drops the connection due to a cert verification error |  | ||||||
|  socket.setdefaulttimeout(10) |  | ||||||
|   |  | ||||||
| -successful_hosts = pytest.mark.parametrize("host", ["example.com", "1.1.1.1"]) |  | ||||||
|   |  | ||||||
| +successful_hosts = pytest.mark.network |  | ||||||
|   |  | ||||||
|  @dataclass |  | ||||||
|  class FailureHost: |  | ||||||
| @@ -118,9 +118,7 @@ failure_hosts_list = [ |  | ||||||
|      ), |  | ||||||
|  ] |  | ||||||
|   |  | ||||||
| -failure_hosts_no_revocation = pytest.mark.parametrize( |  | ||||||
| -    "failure", failure_hosts_list.copy(), ids=attrgetter("host") |  | ||||||
| -) |  | ||||||
| +failure_hosts_no_revocation = pytest.mark.network |  | ||||||
|   |  | ||||||
|  if platform.system() != "Linux": |  | ||||||
|      failure_hosts_list.append( |  | ||||||
| @@ -139,9 +137,7 @@ if platform.system() != "Linux": |  | ||||||
|          ) |  | ||||||
|      ) |  | ||||||
|   |  | ||||||
| -failure_hosts = pytest.mark.parametrize( |  | ||||||
| -    "failure", failure_hosts_list, ids=attrgetter("host") |  | ||||||
| -) |  | ||||||
| +failure_hosts = pytest.mark.network |  | ||||||
|   |  | ||||||
|   |  | ||||||
|  @pytest.fixture(scope="session") |  | ||||||
| @@ -317,7 +313,7 @@ def test_trustme_cert_loaded_via_capath( |  | ||||||
|          assert resp.status == 200 |  | ||||||
|          assert len(resp.data) > 0 |  | ||||||
|   |  | ||||||
| - |  | ||||||
| +@pytest.mark.network |  | ||||||
|  def test_trustme_cert_still_uses_system_certs(trustme_ca): |  | ||||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |  | ||||||
|      trustme_ca.configure_trust(ctx) |  | ||||||
| Index: truststore-0.8.0/tests/test_sslcontext.py |  | ||||||
| =================================================================== |  | ||||||
| --- truststore-0.8.0.orig/tests/test_sslcontext.py |  | ||||||
| +++ truststore-0.8.0/tests/test_sslcontext.py |  | ||||||
| @@ -7,7 +7,7 @@ from urllib3.exceptions import InsecureR |  | ||||||
|   |  | ||||||
|  import truststore |  | ||||||
|   |  | ||||||
| - |  | ||||||
| +@pytest.mark.network |  | ||||||
|  def test_minimum_maximum_version(): |  | ||||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |  | ||||||
|      ctx.maximum_version = ssl.TLSVersion.TLSv1_2 |  | ||||||
| @@ -24,6 +24,7 @@ def test_minimum_maximum_version(): |  | ||||||
|      assert ctx.maximum_version == ssl.TLSVersion.TLSv1_2 |  | ||||||
|   |  | ||||||
|   |  | ||||||
| +@pytest.mark.network |  | ||||||
|  def test_check_hostname_false(): |  | ||||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |  | ||||||
|      assert ctx.check_hostname is True |  | ||||||
| @@ -35,6 +36,7 @@ def test_check_hostname_false(): |  | ||||||
|          assert "match" in str(e.value) |  | ||||||
|   |  | ||||||
|   |  | ||||||
| +@pytest.mark.network |  | ||||||
|  def test_verify_mode_cert_none(): |  | ||||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |  | ||||||
|      assert ctx.check_hostname is True |  | ||||||
| @@ -1,3 +1,51 @@ | |||||||
|  | ------------------------------------------------------------------- | ||||||
|  | Mon Feb 24 10:44:14 UTC 2025 - Dirk Müller <dmueller@suse.com> | ||||||
|  |  | ||||||
|  | - update to 0.10.1: | ||||||
|  |   * Fixed the patching of Requests' globally-cached | ||||||
|  |     `ssl.SSLContext` object to work automagically with | ||||||
|  |     ``truststore.inject_into_ssl()`` regardless of import-order. | ||||||
|  |   * Speed up import times by skipping feature-checking for known | ||||||
|  |     Python implementations (CPython and PyPy). | ||||||
|  |  | ||||||
|  | ------------------------------------------------------------------- | ||||||
|  | Tue Jan 28 10:07:25 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> | ||||||
|  |  | ||||||
|  | - Update to 0.10.0 | ||||||
|  |   * Added support for macOS 10.13 and earlier using the `SecTrustEvaluate` | ||||||
|  |     API. Note that this API doesn't return fine-grained errors like | ||||||
|  |     `SecTrustEvaluateWithError` (requires macOS 10.14+). | ||||||
|  |   * Added `SSLContext.set_default_verify_paths()` method. | ||||||
|  |   * Changed method for disabling hostname verification for macOS and | ||||||
|  |     Windows. Previously would ignore hostname verification errors if | ||||||
|  |     `SSLContext.check_hostname` was `False`. | ||||||
|  |     Now for both macOS and Windows the certificate verification policy | ||||||
|  |     is configured to not check certificate hostname. This should have | ||||||
|  |     no effect on users. | ||||||
|  | - from version 0.9.2 | ||||||
|  |   * Fixed an issue where implementations supporting Python 3.10 but not | ||||||
|  |     the peer certificate chain APIs would fail during the handshake instead | ||||||
|  |     of when importing the `truststore` module. The module now raises an error | ||||||
|  |     immediately instead of on first handshake. This was added for the GraalPy | ||||||
|  |     implementation specifically, but there may be others. | ||||||
|  | - Skip test_wrong_host_succeeds_with_hostname_verification_disabled test | ||||||
|  |  | ||||||
|  | ------------------------------------------------------------------- | ||||||
|  | Thu Oct  3 05:43:57 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com> | ||||||
|  |  | ||||||
|  | - Add missing BuildRequires on pyOpenSSL for the testsuite, rather than | ||||||
|  |   depending on it transitivity. | ||||||
|  |  | ||||||
|  | ------------------------------------------------------------------- | ||||||
|  | Wed Aug 14 05:38:45 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com> | ||||||
|  |  | ||||||
|  | - Update to 0.9.1: | ||||||
|  |   * Fixed an issue for CPython 3.13 where `ssl.SSLSocket` and `ssl.SSLObject` | ||||||
|  |     certificate chain APIs would return different types. | ||||||
|  |   * Added support for Python 3.13. | ||||||
|  |   * Fixed loading additional certificates on macOS. | ||||||
|  | - Drop patch no-network-testing.patch, not required. | ||||||
|  |  | ||||||
| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ||||||
| Sat Mar  2 08:02:57 UTC 2024 - Andreas Schneider <asn@cryptomilk.org> | Sat Mar  2 08:02:57 UTC 2024 - Andreas Schneider <asn@cryptomilk.org> | ||||||
|  |  | ||||||
|   | |||||||
| @@ -1,7 +1,7 @@ | |||||||
| # | # | ||||||
| # spec file for package python-truststore | # spec file for package python-truststore | ||||||
| # | # | ||||||
| # Copyright (c) 2024 SUSE LLC | # Copyright (c) 2025 SUSE LLC | ||||||
| # | # | ||||||
| # All modifications and additions to the file contributed by third parties | # All modifications and additions to the file contributed by third parties | ||||||
| # remain the property of their copyright owners, unless otherwise agreed | # remain the property of their copyright owners, unless otherwise agreed | ||||||
| @@ -17,22 +17,19 @@ | |||||||
|  |  | ||||||
|  |  | ||||||
| %{?sle15_python_module_pythons} | %{?sle15_python_module_pythons} | ||||||
| %define skip_python39 1 |  | ||||||
| Name:           python-truststore | Name:           python-truststore | ||||||
| Version:        0.8.0 | Version:        0.10.1 | ||||||
| Release:        0 | Release:        0 | ||||||
| Summary:        Verify certificates using OS trust stores | Summary:        Verify certificates using OS trust stores | ||||||
| License:        MIT | License:        MIT | ||||||
| URL:            https://github.com/sethmlarson/truststore | URL:            https://github.com/sethmlarson/truststore | ||||||
| Source:         https://github.com/sethmlarson/truststore/archive/refs/tags/v%{version}.tar.gz#/truststore-%{version}.tar.gz | Source:         https://github.com/sethmlarson/truststore/archive/refs/tags/v%{version}.tar.gz#/truststore-%{version}.tar.gz | ||||||
| # PATCH-FEATURE-UPSTREAM no-network-testing.patch bsc#[0-9]+ mcepl@suse.com |  | ||||||
| # skip tests requiring network access |  | ||||||
| Patch0:         no-network-testing.patch |  | ||||||
| BuildRequires:  %{python_module aiohttp} | BuildRequires:  %{python_module aiohttp} | ||||||
| BuildRequires:  %{python_module flaky} | BuildRequires:  %{python_module flaky} | ||||||
| BuildRequires:  %{python_module flit-core} | BuildRequires:  %{python_module flit-core} | ||||||
| BuildRequires:  %{python_module httpx} | BuildRequires:  %{python_module httpx} | ||||||
| BuildRequires:  %{python_module pip} | BuildRequires:  %{python_module pip} | ||||||
|  | BuildRequires:  %{python_module pyOpenSSL} | ||||||
| BuildRequires:  %{python_module pytest-asyncio} | BuildRequires:  %{python_module pytest-asyncio} | ||||||
| BuildRequires:  %{python_module pytest-httpserver} | BuildRequires:  %{python_module pytest-httpserver} | ||||||
| BuildRequires:  %{python_module pytest} | BuildRequires:  %{python_module pytest} | ||||||
| @@ -61,12 +58,12 @@ considered experimental. | |||||||
| %python_expand %fdupes %{buildroot}%{$python_sitelib} | %python_expand %fdupes %{buildroot}%{$python_sitelib} | ||||||
|  |  | ||||||
| %check | %check | ||||||
| %pytest -s -k 'not network' | %pytest -s -k 'not internet and not test_wrong_host_succeeds_with_hostname_verification_disabled' | ||||||
|  |  | ||||||
| %files %{python_files} | %files %{python_files} | ||||||
| %doc README.md | %doc README.md | ||||||
| %license LICENSE | %license LICENSE | ||||||
| %{python_sitelib}/truststore | %{python_sitelib}/truststore | ||||||
| %{python_sitelib}/truststore-%{version}*-info | %{python_sitelib}/truststore-%{version}.dist-info | ||||||
|  |  | ||||||
| %changelog | %changelog | ||||||
|   | |||||||
							
								
								
									
										3
									
								
								truststore-0.10.1.tar.gz
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								truststore-0.10.1.tar.gz
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | |||||||
|  | version https://git-lfs.github.com/spec/v1 | ||||||
|  | oid sha256:a470d2763875f9b9a148d5726af330d15b65d2a83f70610c262de8888ee94b4e | ||||||
|  | size 29120 | ||||||
| @@ -1,3 +0,0 @@ | |||||||
| version https://git-lfs.github.com/spec/v1 |  | ||||||
| oid sha256:c862292f8d136bfcf2a7827a1fd1c1b27944a982741205fb466005673b570df8 |  | ||||||
| size 25619 |  | ||||||
		Reference in New Issue
	
	Block a user