Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
systemsmanagement:saltstack:bundle:testing
saltbundlepy-pyopenssl
saltbundlepy-pyopenssl.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File saltbundlepy-pyopenssl.changes of Package saltbundlepy-pyopenssl
------------------------------------------------------------------- Fri Aug 2 08:28:18 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com> - Make the module compatible with older OpenSSL versions not having `X509_CRL_set1_lastUpdate` and `X509_CRL_set1_nextUpdate` defined by using `X509_CRL_set_lastUpdate` and `X509_CRL_set_nextUpdate` instead. - Added: * fix-missing-X509_CRL_set1_lastUpdate-_nextUpdate.patch ------------------------------------------------------------------- Mon May 6 13:50:55 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com> - Make the module compatible with older OpenSSL versions not having `ASN1_STRING_get0_data` defined by using `ASN1_STRING_data` instead. - Added: * fix-missing-ASN1_STRING_get0_data-in-old-openssl.patch ------------------------------------------------------------------- Wed Dec 27 12:35:24 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com> - Fix utils.deprecation issues with old OpenSSL version (reverts https://github.com/pyca/pyopenssl/pull/1140) - Added: * revert_switch_to_new_utils_deprecation.patch ------------------------------------------------------------------- Thu Dec 14 15:22:39 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com> - Update to 23.2.0: * Removed ``X509StoreFlags.NOTIFY_POLICY``. * ``cryptography`` maximum version has been increased to 41.0.x. * Invalid versions are now rejected in ``OpenSSL.crypto.X509Req.set_version``. * Added ``X509VerificationCodes`` to ``OpenSSL.SSL``. - Update to 23.1.1: * Worked around an issue in OpenSSL 3.1.0 which caused `X509Extension.get_short_name` to raise an exception when no short name was known to OpenSSL. - Update to 23.1.0: * ``cryptography`` maximum version has been increased to 40.0.x. * Add ``OpenSSL.SSL.Connection.DTLSv1_get_timeout`` and ``OpenSSL.SSL.Connection.DTLSv1_handle_timeout`` to support DTLS timeouts `#1180 - Update to 23.0.0: * Add ``OpenSSL.SSL.X509StoreFlags.PARTIAL_CHAIN`` constant to allow for users to perform certificate verification on partial certificate chains. * ``cryptography`` maximum version has been increased to 39.0.x. - Update to 22.1.0: * Remove support for SSLv2 and SSLv3. * The minimum ``cryptography`` version is now 37.0.2. * The ``OpenSSL.crypto.X509StoreContextError`` exception has been refactored, changing its internal attributes. * Add ``OpenSSL.SSL.Connection.set_verify`` and ``OpenSSL.SSL.Connection.get_verify_mode`` to override the context object's verification flags. * Add ``OpenSSL.SSL.Connection.use_certificate`` and ``OpenSSL.SSL.Connection.use_privatekey`` to set a certificate per connection (and not just per context) - Update to 22.0.0: * Drop support for Python 2.7. * The minimum ``cryptography`` version is now 35.0. * Expose wrappers for some `DTLS <https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security>`_ primitives. - Update to 21.0.0 (bsc#1200771, jsc#SLE-24519): * The minimum ``cryptography`` version is now 3.3. * Drop support for Python 3.5 * Raise an error when an invalid ALPN value is set. * Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version`` * Updated ``to_cryptography`` and ``from_cryptography`` methods to support an upcoming release of ``cryptography`` without raising deprecation warnings. - Modified: * skip-networked-test.patch ------------------------------------------------------------------- Fri Jul 22 08:55:57 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com> - update to 20.0.1: - Fixed compatibility with OpenSSL 1.1.0. - Adjust metadata for skip-networked-test.patch and refer to the proper upstream ticket gh#pyca/pyopenssl#68. - Update to v20.0.0 - Backward-incompatible changes: - The minimum cryptography version is now 3.2. - Remove deprecated OpenSSL.tsafe module. - Removed deprecated OpenSSL.SSL.Context.set_npn_advertise_callback, OpenSSL.SSL.Context.set_npn_select_callback, and OpenSSL.SSL.Connection.get_next_proto_negotiated. - Drop support for Python 3.4 - Drop support for OpenSSL 1.0.1 and 1.0.2 - Deprecations: - Deprecated OpenSSL.crypto.loads_pkcs7 and OpenSSL.crypto.loads_pkcs12. - Changes: - Added a new optional chain parameter to OpenSSL.crypto.X509StoreContext() where additional untrusted certificates can be specified to help chain building. #948 - Added OpenSSL.crypto.X509Store.load_locations to set trusted certificate file bundles and/or directories for verification. #943 - Added Context.set_keylog_callback to log key material. #910 - Added OpenSSL.SSL.Connection.get_verified_chain to retrieve the verified certificate chain of the peer. #894. - Make verification callback optional in Context.set_verify. If omitted, OpenSSL’s default verification is used. #933 - Fixed a bug that could truncate or cause a zero-length key error due to a null byte in private key passphrase in OpenSSL.crypto.load_privatekey and OpenSSL.crypto.dump_privatekey. #947 - Drop patch fix-compilation-2020.patch: no longer needed - Update to v19.1 * Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType, X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType. Use the classes without the ``Type`` suffix instead. * The minimum ``cryptography`` version is now 2.8 * Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback, OpenSSL.SSL.Context.set_npn_select_callback, and OpenSSL.SSL.Connection.get_next_proto_negotiated ALPN should be used instead. * Support bytearray in SSL.Connection.send() by using cffi's from_buffer * The OpenSSL.SSL.Context.set_alpn_select_callback can return a new NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake to complete without an application protocol. - Added: * pyOpenSSL-20.0.1.tar.gz - Modified: * skip-networked-test.patch - Removed: * pyOpenSSL-19.0.0.tar.gz * fix-compilation-2020.patch ------------------------------------------------------------------- Mon Apr 4 12:56:47 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com> - Strictly require Python 3.10 with saltbundlepy requrement ------------------------------------------------------------------- Thu Aug 22 12:02:59 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com> - Add fix-compilation-2020.patch to fix tests after 2020 ------------------------------------------------------------------- Thu Mar 7 15:53:31 UTC 2019 - John Vandenberg <jayvdb@gmail.com> - Remove no longer necessary pytest argument -k "not test_export_text" ------------------------------------------------------------------- Sat Mar 2 16:29:39 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com> - update to 19.0 - fixed build deps. - drop patches: openssl-1.1.0i.patch openssl-1.1.1.patch opensuse_ca.patch tls13-renegotiation.patch * X509Store.add_cert no longer raises an error if you add a duplicate cert. * pyOpenSSL now works with OpenSSL 1.1.1. * pyOpenSSL now handles NUL bytes in X509Name.get_components() ------------------------------------------------------------------- Fri Mar 1 18:06:10 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net> - remove everything to build docs: - local-intersphinx-inventories.patch - fetch-intersphinx-inventories.sh - python3.inv - crypto.inv ------------------------------------------------------------------- Mon Feb 25 19:56:35 UTC 2019 - Todd R <toddrme2178@gmail.com> - Add fetch-intersphinx-inventories.sh to sources ------------------------------------------------------------------- Sat Feb 2 18:56:14 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net> - add local-intersphinx-inventories.patch for generating the docs correctly - add fetch-intersphinx-inventories.sh to fetch the inventories ------------------------------------------------------------------- Tue Oct 30 13:41:43 UTC 2018 - Vítězslav Čížek <vcizek@suse.com> - handle that renegotiation is forbidden in TLS 1.3 * add tls13-renegotiation.patch ------------------------------------------------------------------- Tue Oct 30 11:21:30 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com> - Add patch to fix issues with openssl 1.1.1: * openssl-1.1.1.patch - Drop the downstream fix_test_suite.patch ------------------------------------------------------------------- Tue Oct 30 01:06:28 CET 2018 - mcepl@suse.com - Add patch fix_test_suite.patch to allow test suite to pass with OpenSSL 1.1.1. ------------------------------------------------------------------- Fri Oct 5 14:31:59 UTC 2018 - Vítězslav Čížek <vcizek@suse.com> - OpenSSL changed X509_STORE_add_cert in 1.1.0i such that it no longer raises an error if a duplicate cert is added (bsc#1110435) * https://github.com/pyca/pyopenssl/pull/787 * add X509_STORE_add_cert.patch ------------------------------------------------------------------- Fri Aug 24 09:08:36 UTC 2018 - tchvatal@suse.com - Add patch to work with openssl 1.1.0i+: * openssl-1.1.0i.patch ------------------------------------------------------------------- Thu Aug 16 15:48:21 UTC 2018 - tchvatal@suse.com - Update to 18.0.0: * Update for new openssl 1.1.1 - Remove not needed patches: * bug-lp-1265482.diff * rsa128-i586.patch ------------------------------------------------------------------- Thu Jun 14 14:41:50 UTC 2018 - hpj@urpla.net - add missing python-cffi dependency ------------------------------------------------------------------- Tue Feb 27 19:20:19 UTC 2018 - aplanas@suse.com - Use %__python3 macro to call Python 3 binary ------------------------------------------------------------------- Fri Feb 2 11:36:18 UTC 2018 - tchvatal@suse.com - Update to 17.5.0: * The minimum cryptography version is now 2.1.4. * Fixed various memory leaks * Various fuzz fixes * See CHANGELOG.rst ------------------------------------------------------------------- Wed Aug 23 05:26:31 UTC 2017 - tbechtold@suse.com - update to 17.2.0: - Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead. - Fixed a bug causing ``Context.set_default_verify_paths()`` to not work with cryptography ``manylinux1`` wheels on Python 3.x. - Fixed a crash with (EC)DSA signatures in some cases. - Removed the deprecated ``OpenSSL.rand.egd()`` function. Applications should prefer ``os.urandom()`` for random number generation. - Removed the deprecated default ``digest`` argument to ``OpenSSL.crypto.CRL.export()``. Callers must now always pass an explicit ``digest``. - Fixed a bug with ``ASN1_TIME`` casting in ``X509.set_notBefore()``, ``X509.set_notAfter()``, ``Revoked.set_rev_date()``, ``Revoked.set_nextUpdate()``, and ``Revoked.set_lastUpdate()``. You must now pass times in the form ``YYYYMMDDhhmmssZ``. ``YYYYMMDDhhmmss+hhmm`` and ``YYYYMMDDhhmmss-hhmm`` will no longer work. `#612 <https://github.com/pyca/pyopenssl/pull/612>`_ - Deprecated the legacy "Type" aliases: ``ContextType``, ``ConnectionType``, ``PKeyType``, ``X509NameType``, ``X509ExtensionType``, ``X509ReqType``, ``X509Type``, ``X509StoreType``, ``CRLType``, ``PKCS7Type``, ``PKCS12Type``, ``NetscapeSPKIType``. The names without the "Type"-suffix should be used instead. - Added ``OpenSSL.crypto.X509.from_cryptography()`` and ``OpenSSL.crypto.X509.to_cryptography()`` for converting X.509 certificate to and from pyca/cryptography objects. - Added ``OpenSSL.crypto.X509Req.from_cryptography()``, ``OpenSSL.crypto.X509Req.to_cryptography()``, ``OpenSSL.crypto.CRL.from_cryptography()``, and ``OpenSSL.crypto.CRL.to_cryptography()`` for converting X.509 CSRs and CRLs to and from pyca/cryptography objects. - Added ``OpenSSL.debug`` that allows to get an overview of used library versions (including linked OpenSSL) and other useful runtime information using ``python -m OpenSSL.debug``. - Added a fallback path to ``Context.set_default_verify_paths()`` to accommodate the upcoming release of ``cryptography`` ``manylinux1`` wheels. - Drop python-pyOpenSSL=replace-expired-cert.patch . Applied upstream. - Drop python-pyOpenSSL-always-overflow.patch. Applied upstream. ------------------------------------------------------------------- Thu Aug 10 11:38:17 CEST 2017 - ro@suse.de - add patch to always trigger overflow in the testsuite (gh#pyca/pyopenssl#657) b3460c6a9a45a016d1ab65c149c606fa3f07096d python-pyOpenSSL-always-overflow.patch ------------------------------------------------------------------- Tue Jun 13 07:05:41 UTC 2017 - dimstar@opensuse.org - Add python-pyOpenSSL=replace-expired-cert.patch: the root cert expired, mking the test suite fail. Replace the certificate with a new one, valid for 20 years (gh#pyca/pyopenssl#637). ------------------------------------------------------------------- Fri May 5 21:32:55 UTC 2017 - toddrme2178@gmail.com - Fix Provides/Obsoletes. ------------------------------------------------------------------- Wed Apr 26 14:20:27 UTC 2017 - toddrme2178@gmail.com - Implement single-spec version - Fix source URL - Update to 17.0.0 * Added ``OpenSSL.X509Store.set_time()`` to set a custom verification time when verifying certificate chains. * Added a collection of functions for working with OCSP stapling. None of these functions make it possible to validate OCSP assertions, only to staple them into the handshake and to retrieve the stapled assertion if provided. Users will need to write their own code to handle OCSP assertions. We specifically added: ``Context.set_ocsp_server_callback``, ``Context.set_ocsp_client_callback``, and ``Connection.request_ocsp``. * Changed the ``SSL`` module's memory allocation policy to avoid zeroing memory it allocates when unnecessary. This reduces CPU usage and memory allocation time by an amount proportional to the size of the allocation. For applications that process a lot of TLS data or that use very lage allocations this can provide considerable performance improvements. * Automatically set ``SSL_CTX_set_ecdh_auto()`` on ``OpenSSL.SSL.Context``. - Fix empty exceptions from ``OpenSSL.crypto.load_privatekey()``. - Rebase bug-lp-1265482.diff - Rebase rsa128-i586.patch - Rebase skip-networked-test.patch ------------------------------------------------------------------- Wed Nov 16 07:46:25 UTC 2016 - dmueller@suse.com - fix source url ------------------------------------------------------------------- Tue Nov 15 09:39:09 UTC 2016 - mlin@suse.com - Change source url to pypi.io * version 16.2.0 source tarball failed to download from pypi.python.org ------------------------------------------------------------------- Mon Nov 14 08:46:18 UTC 2016 - mlin@suse.com - Update to 16.2.0 * Deprecations ** Dropped support for OpenSSL 0.9.8. * Changes ** Fix memory leak in OpenSSL.crypto.dump_privatekey() with FILETYPE_TEXT. #496 ** Enable use of CRL (and more) in verify context. #483 ** OpenSSL.crypto.PKey can now be constructed from cryptography objects and also exported as such. #439 ** Support newer versions of cryptography which use opaque structs for OpenSSL 1.1.0 compatibility. ** Fixed compatibility errors with OpenSSL 1.1.0. ** Fixed an issue that caused failures with subinterpreters and embedded Pythons. #552 ------------------------------------------------------------------- Mon May 16 15:29:16 UTC 2016 - jmatejek@suse.com - added %check section with testsuite - skip-networked-test.patch - mark a test as networked so that we can specify non-network test run - rsa128-i586.patch - sidestep a crasher bug on 32bit platforms by generating reasonably-sized RSA keys instead of small 128bit ones ------------------------------------------------------------------- Mon May 9 09:54:12 UTC 2016 - hpj@urpla.net - update to 16.0.0 Backward-incompatible changes: * Python 3.2 support has been dropped. It never had significant real world usage and has been dropped by our main dependency cryptography. Affected users should upgrade to Python 3.3 or later. Deprecations: * The support for EGD has been removed. The only affected function OpenSSL.rand.egd() now uses os.urandom() to seed the internal PRNG instead. Please see pyca/cryptography#1636 for more background information on this decision. In accordance with our backward compatibility policy OpenSSL.rand.egd() will be removed no sooner than a year from the release of 16.0.0. * Please note that you should use urandom for all your secure random number needs. * Python 2.6 support has been deprecated. Our main dependency cryptography deprecated 2.6 in version 0.9 (2015-05-14) with no time table for actually dropping it. pyOpenSSL will drop Python 2.6 support once cryptography does. Changes: * Fixed OpenSSL.SSL.Context.set_session_id, OpenSSL.SSL.Connection.renegotiate, OpenSSL.SSL.Connection.renegotiate_pending, and OpenSSL.SSL.Context.load_client_ca. They were lacking an implementation since 0.14. #422 * Fixed segmentation fault when using keys larger than 4096-bit to sign data. #428 * Fixed AttributeError when OpenSSL.SSL.Connection.get_app_data() was called before setting any app data. #304 * Added OpenSSL.crypto.dump_publickey() to dump OpenSSL.crypto.PKey objects that represent public keys, and OpenSSL.crypto.load_publickey() to load such objects from serialized representations. #382 * Added OpenSSL.crypto.dump_crl() to dump a certificate revocation list out to a string buffer. #368 * Added OpenSSL.SSL.Connection.get_state_string() using the OpenSSL binding state_string_long. #358 * Added support for the socket.MSG_PEEK flag to OpenSSL.SSL.Connection.recv() and OpenSSL.SSL.Connection.recv_into(). #294 * Added OpenSSL.SSL.Connection.get_protocol_version() and OpenSSL.SSL.Connection.get_protocol_version_name(). #244 * Switched to utf8string mask by default. OpenSSL formerly defaulted to a T61String if there were UTF-8 characters present. This was changed to default to UTF8String in the config around 2005, but the actual code didn’t change it until late last year. This will default us to the setting that actually works. To revert this you can call OpenSSL.crypto._lib.ASN1_STRING_set_default_mask_asc(b"default"). #234 - fixed paths in bug-lp-1265482.diff - fixed doc generation - spec clean up ------------------------------------------------------------------- Tue Jul 14 13:07:00 UTC 2015 - toddrme2178@gmail.com - Fix building on SLES 11 ------------------------------------------------------------------- Wed Apr 22 09:50:09 UTC 2015 - mcihar@suse.cz - Do not hardcode version in file list ------------------------------------------------------------------- Wed Apr 22 09:42:53 UTC 2015 - mcihar@suse.cz - udapte to 0.15.1 * OpenSSL/SSL.py, OpenSSL/test/test_ssl.py: Fix a regression present in 0.15, where when an error occurs and no errno() is set, a KeyError is raised. This happens, for example, if Connection.shutdown() is called when the underlying transport has gone away. * OpenSSL/rand.py, OpenSSL/SSL.py: APIs which previously accepted filenames only as bytes now accept them as either bytes or unicode (and respect sys.getfilesystemencoding()). * OpenSSL/SSL.py: Add Cory Benfield's next-protocol-negotiation (NPN) bindings. * OpenSSL/SSL.py: Add ``Connection.recv_into``, mirroring the builtin ``socket.recv_into``. Based on work from Cory Benfield. * OpenSSL/test/test_ssl.py: Add tests for ``recv_into``. * OpenSSL/crypto.py: Expose ``X509StoreContext`` for verifying certificates. * OpenSSL/test/test_crypto.py: Add intermediate certificates for * OpenSSL/SSL.py: ``Connection.shutdown`` now propagates errors from the underlying socket. * OpenSSL/SSL.py: Fixed a regression ``Context.check_privatekey`` causing it to always succeed - even if it should fail. * OpenSSL/crypto.py: Fixed a regression where calling ``load_pkcs7_data`` with ``FILETYPE_ASN1`` would fail with a ``NameError``. * OpenSSL/SSL.py: Fix a regression in which the first argument of ------------------------------------------------------------------- Mon Feb 24 12:58:58 UTC 2014 - mvyskocil@suse.com - update to 0.14 * Support for TLSv1.1 and TLSv1.2 * First-class support for PyPy * New flags, such as MODE_RELEASE_BUFFERS and OP_NO_COMPRESSION * Some APIs to access to the SSL session cache * A variety of bug fixes for error handling cases * Documentation has been converted from LaTeX + python-pyOpenSSL-doc is now build from single spec file * pyOpenSSL now depends on cryptography, so it became pure-python module + changed to noarch package, add proper dependencies * Development moved to github + changed Url tag respectivelly - refreshed bug-lp-1265482.diff ------------------------------------------------------------------- Thu Jan 2 11:17:23 UTC 2014 - dmueller@suse.com -Add bug-lp-1265482.diff; fix testsuite for SLE11 (bnc#855666) ------------------------------------------------------------------- Fri Sep 13 14:02:43 UTC 2013 - jmatejek@suse.com - update to 0.13.1 * fixes NUL byte handling in subjectAltName (bnc#839107, CVE-2013-4314) ------------------------------------------------------------------- Fri Apr 5 07:54:12 UTC 2013 - speilicke@suse.com - Package LICENSE ------------------------------------------------------------------- Mon Jul 9 18:34:08 PDT 2012 - msuman@opensuse.org - Update to version 0.13 * Add OPENSSL_VERSION_NUMBER, SSLeay_version and related constants for retrieving version information about the underlying OpenSSL library. * Support OpenSSL 1.0.0a and related changes. * Remove SSLv2 support if the underlying OpenSSL library does not provide it. * Add a new method to the X509 type, get_signature_algorithm. * Add a new method to the Connection type, get_peer_cert_chain. * Add the PKey.check method to verify the internal consistency of a PKey instance. * Bug fixes. ------------------------------------------------------------------- Thu Sep 1 08:48:23 UTC 2011 - saschpe@suse.de - Changed license to Apache-2.0, to fix bnc#715423 ------------------------------------------------------------------- Wed Aug 31 14:21:58 UTC 2011 - saschpe@suse.de - Initial version, obsoletes 'python-openssl': * Builds properly on all SUSE version * Has real HTML documentation
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor