forked from pool/python-truststore
		
	Compare commits
	
		
			8 Commits
		
	
	
		
	
	| Author | SHA256 | Date | |
|---|---|---|---|
| 707436e7b3 | |||
| fb3e1ebd8c | |||
| 31b82e451a | |||
| bc9b10c8bc | |||
| 415afa3be5 | |||
| 5fd8f8441b | |||
| a67245abad | |||
| 4381ad4010 | 
| @@ -1,113 +0,0 @@ | ||||
| --- | ||||
|  pyproject.toml     |    3 +++ | ||||
|  test_truststore.py |    7 +++---- | ||||
|  2 files changed, 6 insertions(+), 4 deletions(-) | ||||
|  | ||||
| Index: truststore-0.8.0/pyproject.toml | ||||
| =================================================================== | ||||
| --- truststore-0.8.0.orig/pyproject.toml | ||||
| +++ truststore-0.8.0/pyproject.toml | ||||
| @@ -26,6 +26,9 @@ classifiers = [ | ||||
|  ] | ||||
|  dynamic = ["version", "description"] | ||||
|  requires-python = ">= 3.10" | ||||
| +markers = [ | ||||
| +    "network: test case requires network connection", | ||||
| +] | ||||
|   | ||||
|  [project.urls] | ||||
|  Source = "https://github.com/sethmlarson/truststore" | ||||
| @@ -38,3 +41,6 @@ filterwarnings = [ | ||||
|    # See: aio-libs/aiohttp#7545 | ||||
|    "ignore:.*datetime.utcfromtimestamp().*:DeprecationWarning", | ||||
|  ] | ||||
| +markers = [ | ||||
| +   "network: test case requires network connection", | ||||
| +] | ||||
| Index: truststore-0.8.0/tests/conftest.py | ||||
| =================================================================== | ||||
| --- truststore-0.8.0.orig/tests/conftest.py | ||||
| +++ truststore-0.8.0/tests/conftest.py | ||||
| @@ -18,7 +18,7 @@ SUBPROCESS_TIMEOUT = 5 | ||||
|  original_SSLContext = ssl.SSLContext | ||||
|   | ||||
|   | ||||
| -successful_hosts = pytest.mark.parametrize("host", ["example.com", "1.1.1.1"]) | ||||
| +successful_hosts = pytest.mark.network | ||||
|   | ||||
|  logger = logging.getLogger("aiohttp.web") | ||||
|   | ||||
| Index: truststore-0.8.0/tests/test_api.py | ||||
| =================================================================== | ||||
| --- truststore-0.8.0.orig/tests/test_api.py | ||||
| +++ truststore-0.8.0/tests/test_api.py | ||||
| @@ -27,8 +27,8 @@ pytestmark = pytest.mark.flaky | ||||
|  # if the client drops the connection due to a cert verification error | ||||
|  socket.setdefaulttimeout(10) | ||||
|   | ||||
| -successful_hosts = pytest.mark.parametrize("host", ["example.com", "1.1.1.1"]) | ||||
|   | ||||
| +successful_hosts = pytest.mark.network | ||||
|   | ||||
|  @dataclass | ||||
|  class FailureHost: | ||||
| @@ -118,9 +118,7 @@ failure_hosts_list = [ | ||||
|      ), | ||||
|  ] | ||||
|   | ||||
| -failure_hosts_no_revocation = pytest.mark.parametrize( | ||||
| -    "failure", failure_hosts_list.copy(), ids=attrgetter("host") | ||||
| -) | ||||
| +failure_hosts_no_revocation = pytest.mark.network | ||||
|   | ||||
|  if platform.system() != "Linux": | ||||
|      failure_hosts_list.append( | ||||
| @@ -139,9 +137,7 @@ if platform.system() != "Linux": | ||||
|          ) | ||||
|      ) | ||||
|   | ||||
| -failure_hosts = pytest.mark.parametrize( | ||||
| -    "failure", failure_hosts_list, ids=attrgetter("host") | ||||
| -) | ||||
| +failure_hosts = pytest.mark.network | ||||
|   | ||||
|   | ||||
|  @pytest.fixture(scope="session") | ||||
| @@ -317,7 +313,7 @@ def test_trustme_cert_loaded_via_capath( | ||||
|          assert resp.status == 200 | ||||
|          assert len(resp.data) > 0 | ||||
|   | ||||
| - | ||||
| +@pytest.mark.network | ||||
|  def test_trustme_cert_still_uses_system_certs(trustme_ca): | ||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) | ||||
|      trustme_ca.configure_trust(ctx) | ||||
| Index: truststore-0.8.0/tests/test_sslcontext.py | ||||
| =================================================================== | ||||
| --- truststore-0.8.0.orig/tests/test_sslcontext.py | ||||
| +++ truststore-0.8.0/tests/test_sslcontext.py | ||||
| @@ -7,7 +7,7 @@ from urllib3.exceptions import InsecureR | ||||
|   | ||||
|  import truststore | ||||
|   | ||||
| - | ||||
| +@pytest.mark.network | ||||
|  def test_minimum_maximum_version(): | ||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) | ||||
|      ctx.maximum_version = ssl.TLSVersion.TLSv1_2 | ||||
| @@ -24,6 +24,7 @@ def test_minimum_maximum_version(): | ||||
|      assert ctx.maximum_version == ssl.TLSVersion.TLSv1_2 | ||||
|   | ||||
|   | ||||
| +@pytest.mark.network | ||||
|  def test_check_hostname_false(): | ||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) | ||||
|      assert ctx.check_hostname is True | ||||
| @@ -35,6 +36,7 @@ def test_check_hostname_false(): | ||||
|          assert "match" in str(e.value) | ||||
|   | ||||
|   | ||||
| +@pytest.mark.network | ||||
|  def test_verify_mode_cert_none(): | ||||
|      ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) | ||||
|      assert ctx.check_hostname is True | ||||
| @@ -1,3 +1,51 @@ | ||||
| ------------------------------------------------------------------- | ||||
| Mon Feb 24 10:44:14 UTC 2025 - Dirk Müller <dmueller@suse.com> | ||||
|  | ||||
| - update to 0.10.1: | ||||
|   * Fixed the patching of Requests' globally-cached | ||||
|     `ssl.SSLContext` object to work automagically with | ||||
|     ``truststore.inject_into_ssl()`` regardless of import-order. | ||||
|   * Speed up import times by skipping feature-checking for known | ||||
|     Python implementations (CPython and PyPy). | ||||
|  | ||||
| ------------------------------------------------------------------- | ||||
| Tue Jan 28 10:07:25 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> | ||||
|  | ||||
| - Update to 0.10.0 | ||||
|   * Added support for macOS 10.13 and earlier using the `SecTrustEvaluate` | ||||
|     API. Note that this API doesn't return fine-grained errors like | ||||
|     `SecTrustEvaluateWithError` (requires macOS 10.14+). | ||||
|   * Added `SSLContext.set_default_verify_paths()` method. | ||||
|   * Changed method for disabling hostname verification for macOS and | ||||
|     Windows. Previously would ignore hostname verification errors if | ||||
|     `SSLContext.check_hostname` was `False`. | ||||
|     Now for both macOS and Windows the certificate verification policy | ||||
|     is configured to not check certificate hostname. This should have | ||||
|     no effect on users. | ||||
| - from version 0.9.2 | ||||
|   * Fixed an issue where implementations supporting Python 3.10 but not | ||||
|     the peer certificate chain APIs would fail during the handshake instead | ||||
|     of when importing the `truststore` module. The module now raises an error | ||||
|     immediately instead of on first handshake. This was added for the GraalPy | ||||
|     implementation specifically, but there may be others. | ||||
| - Skip test_wrong_host_succeeds_with_hostname_verification_disabled test | ||||
|  | ||||
| ------------------------------------------------------------------- | ||||
| Thu Oct  3 05:43:57 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com> | ||||
|  | ||||
| - Add missing BuildRequires on pyOpenSSL for the testsuite, rather than | ||||
|   depending on it transitivity. | ||||
|  | ||||
| ------------------------------------------------------------------- | ||||
| Wed Aug 14 05:38:45 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com> | ||||
|  | ||||
| - Update to 0.9.1: | ||||
|   * Fixed an issue for CPython 3.13 where `ssl.SSLSocket` and `ssl.SSLObject` | ||||
|     certificate chain APIs would return different types. | ||||
|   * Added support for Python 3.13. | ||||
|   * Fixed loading additional certificates on macOS. | ||||
| - Drop patch no-network-testing.patch, not required. | ||||
|  | ||||
| ------------------------------------------------------------------- | ||||
| Sat Mar  2 08:02:57 UTC 2024 - Andreas Schneider <asn@cryptomilk.org> | ||||
|  | ||||
|   | ||||
| @@ -1,7 +1,7 @@ | ||||
| # | ||||
| # spec file for package python-truststore | ||||
| # | ||||
| # Copyright (c) 2024 SUSE LLC | ||||
| # Copyright (c) 2025 SUSE LLC | ||||
| # | ||||
| # All modifications and additions to the file contributed by third parties | ||||
| # remain the property of their copyright owners, unless otherwise agreed | ||||
| @@ -17,22 +17,19 @@ | ||||
|  | ||||
|  | ||||
| %{?sle15_python_module_pythons} | ||||
| %define skip_python39 1 | ||||
| Name:           python-truststore | ||||
| Version:        0.8.0 | ||||
| Version:        0.10.1 | ||||
| Release:        0 | ||||
| Summary:        Verify certificates using OS trust stores | ||||
| License:        MIT | ||||
| URL:            https://github.com/sethmlarson/truststore | ||||
| Source:         https://github.com/sethmlarson/truststore/archive/refs/tags/v%{version}.tar.gz#/truststore-%{version}.tar.gz | ||||
| # PATCH-FEATURE-UPSTREAM no-network-testing.patch bsc#[0-9]+ mcepl@suse.com | ||||
| # skip tests requiring network access | ||||
| Patch0:         no-network-testing.patch | ||||
| BuildRequires:  %{python_module aiohttp} | ||||
| BuildRequires:  %{python_module flaky} | ||||
| BuildRequires:  %{python_module flit-core} | ||||
| BuildRequires:  %{python_module httpx} | ||||
| BuildRequires:  %{python_module pip} | ||||
| BuildRequires:  %{python_module pyOpenSSL} | ||||
| BuildRequires:  %{python_module pytest-asyncio} | ||||
| BuildRequires:  %{python_module pytest-httpserver} | ||||
| BuildRequires:  %{python_module pytest} | ||||
| @@ -61,12 +58,12 @@ considered experimental. | ||||
| %python_expand %fdupes %{buildroot}%{$python_sitelib} | ||||
|  | ||||
| %check | ||||
| %pytest -s -k 'not network' | ||||
| %pytest -s -k 'not internet and not test_wrong_host_succeeds_with_hostname_verification_disabled' | ||||
|  | ||||
| %files %{python_files} | ||||
| %doc README.md | ||||
| %license LICENSE | ||||
| %{python_sitelib}/truststore | ||||
| %{python_sitelib}/truststore-%{version}*-info | ||||
| %{python_sitelib}/truststore-%{version}.dist-info | ||||
|  | ||||
| %changelog | ||||
|   | ||||
							
								
								
									
										3
									
								
								truststore-0.10.1.tar.gz
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								truststore-0.10.1.tar.gz
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| version https://git-lfs.github.com/spec/v1 | ||||
| oid sha256:a470d2763875f9b9a148d5726af330d15b65d2a83f70610c262de8888ee94b4e | ||||
| size 29120 | ||||
| @@ -1,3 +0,0 @@ | ||||
| version https://git-lfs.github.com/spec/v1 | ||||
| oid sha256:c862292f8d136bfcf2a7827a1fd1c1b27944a982741205fb466005673b570df8 | ||||
| size 25619 | ||||
		Reference in New Issue
	
	Block a user