| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: python311-pyOpenSSL | Distribution: SUSE Linux Enterprise 15 |
| Version: 23.2.0 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150400.3.6.9 | Build date: Wed Oct 4 00:34:50 2023 |
| Group: Unspecified | Build host: h03-ch2a |
| Size: 559789 | Source RPM: python-pyOpenSSL-23.2.0-150400.3.6.9.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://github.com/pyca/pyopenssl | |
| Summary: Python wrapper module around the OpenSSL library | |
pyOpenSSL is a set of Python bindings for OpenSSL. It includes some low-level cryptography APIs but is primarily focused on providing an API for using the TLS protocol from Python. pyOpenSSL is now a pure-Python project with a dependency on a new project, cryptography (<https://github.com/pyca/cryptography>), which provides (among other things) a cffi-based interface to OpenSSL.
Apache-2.0
* Mon Jun 19 2023 dmueller@suse.com
- update to 23.2.0:
* Removed ``X509StoreFlags.NOTIFY_POLICY``.
* ``cryptography`` maximum version has been increased to
41.0.x.
* Invalid versions are now rejected in
``OpenSSL.crypto.X509Req.set_version``.
* Added ``X509VerificationCodes`` to ``OpenSSL.SSL``.
* Fri Apr 21 2023 dmueller@suse.com
- add sle15_python_module_pythons (jsc#PED-68)
* Thu Apr 13 2023 mcepl@suse.com
- Make calling of %{sle15modernpython} optional.
* Tue Mar 28 2023 dmueller@suse.com
- update to 23.1.1:
* Worked around an issue in OpenSSL 3.1.0 which caused
`X509Extension.get_short_name` to raise an exception when no
short name was known to OpenSSL.
* Mon Mar 27 2023 dmueller@suse.com
- update to 23.1.0:
* ``cryptography`` maximum version has been increased to
40.0.x.
* Add ``OpenSSL.SSL.Connection.DTLSv1_get_timeout`` and
``OpenSSL.SSL.Connection.DTLSv1_handle_timeout``
to support DTLS timeouts `#1180
* Mon Jan 02 2023 dmueller@suse.com
- update to 23.0.0:
* Add ``OpenSSL.SSL.X509StoreFlags.PARTIAL_CHAIN`` constant to allow for
users
to perform certificate verification on partial certificate chains.
* ``cryptography`` maximum version has been increased to 39.0.x.
- drop pyOpenSSL-pr1158-conditional-__all__.patch (upstream)
* Fri Oct 21 2022 code@bnavigator.de
- Upstream post-release doc fix (gh#pyca/pyopenssl#1150)
* The minimum cryptography version is now 38.0.x (and we now pin
releases against cryptography major versions to prevent future
breakage)
- Add pyOpenSSL-pr1158-conditional-__all__.patch
gh#pyca/pyopenssl#1158
* Thu Sep 29 2022 dmueller@suse.com
- update to 22.1.0:
* Remove support for SSLv2 and SSLv3.
* The minimum ``cryptography`` version is now 37.0.2.
* The ``OpenSSL.crypto.X509StoreContextError`` exception has been refactored,
changing its internal attributes.
* Add ``OpenSSL.SSL.Connection.set_verify`` and ``OpenSSL.SSL.Connection.get_verify_mode``
to override the context object's verification flags.
* Add ``OpenSSL.SSL.Connection.use_certificate`` and
``OpenSSL.SSL.Connection.use_privatekey``
to set a certificate per connection (and not just per context)
* Wed Jun 01 2022 steven.kowalik@suse.com
- Shift BuildRequires on openssl, it's only required for tests.
* Fri Feb 04 2022 dmueller@suse.com
- update to 22.0.0:
- Drop support for Python 2.7.
- The minimum ``cryptography`` version is now 35.0.
- Expose wrappers for some `DTLS
<https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security>`_
primitives.
- drop check_inv_ALPN_lists.patch: upstream
* Thu Dec 09 2021 steven.kowalik@suse.com
- Inject multibuild to avoid a build loop.
* Sat Oct 30 2021 mcepl@suse.com
- Add check_inv_ALPN_lists.patch checks for invalid ALPN lists
before calling OpenSSL (gh#pyca/pyopenssl#1056).
* Tue Oct 26 2021 dmueller@suse.com
- update to 21.0.0 (bsc#1200771, jsc#SLE-24519):
- The minimum ``cryptography`` version is now 3.3.
- Drop support for Python 3.5
- Raise an error when an invalid ALPN value is set.
- Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version``
- Updated ``to_cryptography`` and ``from_cryptography`` methods to support an
upcoming release of ``cryptography`` without raising deprecation warnings.
* Mon Feb 01 2021 dmueller@suse.com
- update to 20.0.1:
- Fixed compatibility with OpenSSL 1.1.0.
* Tue Dec 22 2020 mcepl@suse.com
- Adjust metadata for skip-networked-test.patch and refer to the proper
upstream ticket gh#pyca/pyopenssl#68.
* Fri Dec 11 2020 mcepl@suse.com
- According to gh#pyca/pyopenssl#684 tests must run with TZ=UTC, also
skip test_verify_with_time on %ix86.
* Wed Dec 09 2020 mrueckert@suse.de
- Update to v20.0.0
- Backward-incompatible changes:
- The minimum cryptography version is now 3.2.
- Remove deprecated OpenSSL.tsafe module.
- Removed deprecated
OpenSSL.SSL.Context.set_npn_advertise_callback,
OpenSSL.SSL.Context.set_npn_select_callback, and
OpenSSL.SSL.Connection.get_next_proto_negotiated.
- Drop support for Python 3.4
- Drop support for OpenSSL 1.0.1 and 1.0.2
- Deprecations:
- Deprecated OpenSSL.crypto.loads_pkcs7 and
OpenSSL.crypto.loads_pkcs12.
- Changes:
- Added a new optional chain parameter to
OpenSSL.crypto.X509StoreContext() where additional untrusted
certificates can be specified to help chain building. #948
- Added OpenSSL.crypto.X509Store.load_locations to set trusted
certificate file bundles and/or directories for verification.
[#943]
- Added Context.set_keylog_callback to log key material. #910
- Added OpenSSL.SSL.Connection.get_verified_chain to retrieve
the verified certificate chain of the peer. #894.
- Make verification callback optional in Context.set_verify. If
omitted, OpenSSL’s default verification is used. #933
- Fixed a bug that could truncate or cause a zero-length key
error due to a null byte in private key passphrase in
OpenSSL.crypto.load_privatekey and
OpenSSL.crypto.dump_privatekey. #947
- drop patch fix-compilation-2020.patch: no longer needed
- refreshed patch skip-networked-test.patch
* Tue Feb 18 2020 jayvdb@gmail.com
- Update to v19.1
* Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType,
X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType.
Use the classes without the ``Type`` suffix instead.
* The minimum ``cryptography`` version is now 2.8
* Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback,
OpenSSL.SSL.Context.set_npn_select_callback, and
OpenSSL.SSL.Connection.get_next_proto_negotiated
ALPN should be used instead.
* Support bytearray in SSL.Connection.send() by using cffi's from_buffer
* The OpenSSL.SSL.Context.set_alpn_select_callback can return a new
NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake
to complete without an application protocol.
* Thu Aug 22 2019 bwiedemann@suse.com
- Add fix-compilation-2020.patch to fix tests after 2020
* Thu Mar 07 2019 jayvdb@gmail.com
- Remove no longer necessary pytest argument -k "not test_export_text"
* Sat Mar 02 2019 mimi.vx@gmail.com
- update to 19.0
- fixed build deps.
- drop patches: openssl-1.1.0i.patch
openssl-1.1.1.patch
opensuse_ca.patch
tls13-renegotiation.patch
* X509Store.add_cert no longer raises an error if you add a duplicate cert.
* pyOpenSSL now works with OpenSSL 1.1.1.
* pyOpenSSL now handles NUL bytes in X509Name.get_components()
* Fri Mar 01 2019 hpj@urpla.net
- remove everything to build docs:
- local-intersphinx-inventories.patch
- fetch-intersphinx-inventories.sh
- python3.inv
- crypto.inv
* Mon Feb 25 2019 toddrme2178@gmail.com
- Add fetch-intersphinx-inventories.sh to sources
* Sat Feb 02 2019 hpj@urpla.net
- add local-intersphinx-inventories.patch for generating the docs
correctly
- add fetch-intersphinx-inventories.sh to fetch the inventories
* Tue Oct 30 2018 vcizek@suse.com
- handle that renegotiation is forbidden in TLS 1.3
* add tls13-renegotiation.patch
* Tue Oct 30 2018 tchvatal@suse.com
- Add patch to fix issues with openssl 1.1.1:
* openssl-1.1.1.patch
- Drop the downstream fix_test_suite.patch
* Tue Oct 30 2018 mcepl@suse.com
- Add patch fix_test_suite.patch to allow test suite to pass with
OpenSSL 1.1.1.
* Fri Oct 05 2018 vcizek@suse.com
- OpenSSL changed X509_STORE_add_cert in 1.1.0i such that it no longer
raises an error if a duplicate cert is added (bsc#1110435)
* https://github.com/pyca/pyopenssl/pull/787
* add X509_STORE_add_cert.patch
* Fri Aug 24 2018 tchvatal@suse.com
- Add patch to work with openssl 1.1.0i+:
* openssl-1.1.0i.patch
* Thu Aug 16 2018 tchvatal@suse.com
- Update to 18.0.0:
* Update for new openssl 1.1.1
- Remove not needed patches:
* bug-lp-1265482.diff
* rsa128-i586.patch
* Thu Jun 14 2018 hpj@urpla.net
- add missing python-cffi dependency
* Tue Feb 27 2018 aplanas@suse.com
- Use %__python3 macro to call Python 3 binary
* Fri Feb 02 2018 tchvatal@suse.com
- Update to 17.5.0:
* The minimum cryptography version is now 2.1.4.
* Fixed various memory leaks
* Various fuzz fixes
* See CHANGELOG.rst
* Wed Aug 23 2017 tbechtold@suse.com
- update to 17.2.0:
- Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead.
- Fixed a bug causing ``Context.set_default_verify_paths()`` to not work with
cryptography ``manylinux1`` wheels on Python 3.x.
- Fixed a crash with (EC)DSA signatures in some cases.
- Removed the deprecated ``OpenSSL.rand.egd()`` function.
Applications should prefer ``os.urandom()`` for random number generation.
- Removed the deprecated default ``digest`` argument to ``OpenSSL.crypto.CRL.export()``.
Callers must now always pass an explicit ``digest``.
- Fixed a bug with ``ASN1_TIME`` casting in ``X509.set_notBefore()``,
``X509.set_notAfter()``, ``Revoked.set_rev_date()``, ``Revoked.set_nextUpdate()``,
and ``Revoked.set_lastUpdate()``. You must now pass times in the form
``YYYYMMDDhhmmssZ``. ``YYYYMMDDhhmmss+hhmm`` and ``YYYYMMDDhhmmss-hhmm``
will no longer work. `#612 <https://github.com/pyca/pyopenssl/pull/612>`_
- Deprecated the legacy "Type" aliases: ``ContextType``, ``ConnectionType``,
``PKeyType``, ``X509NameType``, ``X509ExtensionType``, ``X509ReqType``,
``X509Type``, ``X509StoreType``, ``CRLType``, ``PKCS7Type``, ``PKCS12Type``,
``NetscapeSPKIType``.
The names without the "Type"-suffix should be used instead.
- Added ``OpenSSL.crypto.X509.from_cryptography()`` and ``OpenSSL.crypto.X509.to_cryptography()``
for converting X.509 certificate to and from pyca/cryptography objects.
- Added ``OpenSSL.crypto.X509Req.from_cryptography()``, ``OpenSSL.crypto.X509Req.to_cryptography()``,
``OpenSSL.crypto.CRL.from_cryptography()``, and ``OpenSSL.crypto.CRL.to_cryptography()``
for converting X.509 CSRs and CRLs to and from pyca/cryptography objects.
- Added ``OpenSSL.debug`` that allows to get an overview of used library versions
(including linked OpenSSL) and other useful runtime information using
``python -m OpenSSL.debug``.
- Added a fallback path to ``Context.set_default_verify_paths()`` to accommodate
the upcoming release of ``cryptography`` ``manylinux1`` wheels.
- Drop python-pyOpenSSL=replace-expired-cert.patch . Applied upstream.
- Drop python-pyOpenSSL-always-overflow.patch. Applied upstream.
* Thu Aug 10 2017 ro@suse.de
- add patch to always trigger overflow in the testsuite
(gh#pyca/pyopenssl#657) b3460c6a9a45a016d1ab65c149c606fa3f07096d
python-pyOpenSSL-always-overflow.patch
* Tue Jun 13 2017 dimstar@opensuse.org
- Add python-pyOpenSSL=replace-expired-cert.patch: the root cert
expired, mking the test suite fail. Replace the certificate with
a new one, valid for 20 years (gh#pyca/pyopenssl#637).
* Fri May 05 2017 toddrme2178@gmail.com
- Fix Provides/Obsoletes.
* Wed Apr 26 2017 toddrme2178@gmail.com
- Implement single-spec version
- Fix source URL
- Update to 17.0.0
* Added ``OpenSSL.X509Store.set_time()`` to set a custom
verification time when verifying certificate chains.
* Added a collection of functions for working with OCSP stapling.
None of these functions make it possible to validate OCSP
assertions, only to staple them into the handshake and to
retrieve the stapled assertion if provided.
Users will need to write their own code to handle OCSP
assertions.
We specifically added: ``Context.set_ocsp_server_callback``,
``Context.set_ocsp_client_callback``, and
``Connection.request_ocsp``.
* Changed the ``SSL`` module's memory allocation policy to
avoid zeroing memory it allocates when unnecessary.
This reduces CPU usage and memory allocation time by an amount
proportional to the size of the allocation.
For applications that process a lot of TLS data or that use
very lage allocations this can provide considerable performance
improvements.
* Automatically set ``SSL_CTX_set_ecdh_auto()`` on
``OpenSSL.SSL.Context``.
- Fix empty exceptions from ``OpenSSL.crypto.load_privatekey()``.
- Rebase bug-lp-1265482.diff
- Rebase rsa128-i586.patch
- Rebase skip-networked-test.patch
* Wed Nov 16 2016 dmueller@suse.com
- fix source url
* Tue Nov 15 2016 mlin@suse.com
- Change source url to pypi.io
* version 16.2.0 source tarball failed to download from pypi.python.org
* Mon Nov 14 2016 mlin@suse.com
- Update to 16.2.0
* Deprecations
* * Dropped support for OpenSSL 0.9.8.
* Changes
* * Fix memory leak in OpenSSL.crypto.dump_privatekey() with FILETYPE_TEXT. #496
* * Enable use of CRL (and more) in verify context. #483
* * OpenSSL.crypto.PKey can now be constructed from cryptography objects and also
exported as such. #439
* * Support newer versions of cryptography which use opaque structs for OpenSSL
1.1.0 compatibility.
* * Fixed compatibility errors with OpenSSL 1.1.0.
* * Fixed an issue that caused failures with subinterpreters and embedded Pythons.
[#552]
* Mon May 16 2016 jmatejek@suse.com
- added %check section with testsuite
- skip-networked-test.patch - mark a test as networked so that we can
specify non-network test run
- rsa128-i586.patch - sidestep a crasher bug on 32bit platforms
by generating reasonably-sized RSA keys instead of small 128bit ones
* Mon May 09 2016 hpj@urpla.net
- update to 16.0.0
Backward-incompatible changes:
* Python 3.2 support has been dropped. It never had significant real world
usage and has been dropped by our main dependency cryptography. Affected
users should upgrade to Python 3.3 or later.
Deprecations:
* The support for EGD has been removed. The only affected function
OpenSSL.rand.egd() now uses os.urandom() to seed the internal PRNG instead.
Please see pyca/cryptography#1636 for more background information on this
decision. In accordance with our backward compatibility policy
OpenSSL.rand.egd() will be removed no sooner than a year from the release of
16.0.0.
* Please note that you should use urandom for all your secure random number
needs.
* Python 2.6 support has been deprecated. Our main dependency cryptography
deprecated 2.6 in version 0.9 (2015-05-14) with no time table for actually
dropping it. pyOpenSSL will drop Python 2.6 support once cryptography does.
Changes:
* Fixed OpenSSL.SSL.Context.set_session_id, OpenSSL.SSL.Connection.renegotiate,
OpenSSL.SSL.Connection.renegotiate_pending, and
OpenSSL.SSL.Context.load_client_ca. They were lacking an implementation since
0.14. #422
* Fixed segmentation fault when using keys larger than 4096-bit to sign data.
[#428]
* Fixed AttributeError when OpenSSL.SSL.Connection.get_app_data() was called
before setting any app data. #304
* Added OpenSSL.crypto.dump_publickey() to dump OpenSSL.crypto.PKey objects
that represent public keys, and OpenSSL.crypto.load_publickey() to load such
objects from serialized representations. #382
* Added OpenSSL.crypto.dump_crl() to dump a certificate revocation list out to
a string buffer. #368
* Added OpenSSL.SSL.Connection.get_state_string() using the OpenSSL binding
state_string_long. #358
* Added support for the socket.MSG_PEEK flag to OpenSSL.SSL.Connection.recv()
and OpenSSL.SSL.Connection.recv_into(). #294
* Added OpenSSL.SSL.Connection.get_protocol_version() and
OpenSSL.SSL.Connection.get_protocol_version_name(). #244
* Switched to utf8string mask by default. OpenSSL formerly defaulted to a
T61String if there were UTF-8 characters present. This was changed to
default to UTF8String in the config around 2005, but the actual code didn’t
change it until late last year. This will default us to the setting that
actually works. To revert this you can call
OpenSSL.crypto._lib.ASN1_STRING_set_default_mask_asc(b"default"). #234
- fixed paths in bug-lp-1265482.diff
- fixed doc generation
- spec clean up
* Tue Jul 14 2015 toddrme2178@gmail.com
- Fix building on SLES 11
* Wed Apr 22 2015 mcihar@suse.cz
- Do not hardcode version in file list
* Wed Apr 22 2015 mcihar@suse.cz
- udapte to 0.15.1
* OpenSSL/SSL.py, OpenSSL/test/test_ssl.py: Fix a regression
present in 0.15, where when an error occurs and no errno() is set,
a KeyError is raised. This happens, for example, if
Connection.shutdown() is called when the underlying transport has
gone away.
* OpenSSL/rand.py, OpenSSL/SSL.py: APIs which previously accepted
filenames only as bytes now accept them as either bytes or
unicode (and respect sys.getfilesystemencoding()).
* OpenSSL/SSL.py: Add Cory Benfield's next-protocol-negotiation
(NPN) bindings.
* OpenSSL/SSL.py: Add ``Connection.recv_into``, mirroring the
builtin ``socket.recv_into``. Based on work from Cory Benfield.
* OpenSSL/test/test_ssl.py: Add tests for ``recv_into``.
* OpenSSL/crypto.py: Expose ``X509StoreContext`` for verifying certificates.
* OpenSSL/test/test_crypto.py: Add intermediate certificates for
* OpenSSL/SSL.py: ``Connection.shutdown`` now propagates errors from the
underlying socket.
* OpenSSL/SSL.py: Fixed a regression ``Context.check_privatekey``
causing it to always succeed - even if it should fail.
* OpenSSL/crypto.py: Fixed a regression where calling ``load_pkcs7_data``
with ``FILETYPE_ASN1`` would fail with a ``NameError``.
* OpenSSL/SSL.py: Fix a regression in which the first argument of
/usr/lib/python3.11/site-packages/OpenSSL /usr/lib/python3.11/site-packages/OpenSSL/SSL.py /usr/lib/python3.11/site-packages/OpenSSL/__init__.py /usr/lib/python3.11/site-packages/OpenSSL/__pycache__ /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/SSL.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/SSL.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/__init__.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/__init__.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/_util.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/_util.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/crypto.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/crypto.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/debug.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/debug.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/rand.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/rand.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/version.cpython-311.opt-1.pyc /usr/lib/python3.11/site-packages/OpenSSL/__pycache__/version.cpython-311.pyc /usr/lib/python3.11/site-packages/OpenSSL/_util.py /usr/lib/python3.11/site-packages/OpenSSL/crypto.py /usr/lib/python3.11/site-packages/OpenSSL/debug.py /usr/lib/python3.11/site-packages/OpenSSL/rand.py /usr/lib/python3.11/site-packages/OpenSSL/version.py /usr/lib/python3.11/site-packages/pyOpenSSL-23.2.0-py3.11.egg-info /usr/lib/python3.11/site-packages/pyOpenSSL-23.2.0-py3.11.egg-info/PKG-INFO /usr/lib/python3.11/site-packages/pyOpenSSL-23.2.0-py3.11.egg-info/SOURCES.txt /usr/lib/python3.11/site-packages/pyOpenSSL-23.2.0-py3.11.egg-info/dependency_links.txt /usr/lib/python3.11/site-packages/pyOpenSSL-23.2.0-py3.11.egg-info/requires.txt /usr/lib/python3.11/site-packages/pyOpenSSL-23.2.0-py3.11.egg-info/top_level.txt /usr/share/doc/packages/python311-pyOpenSSL /usr/share/doc/packages/python311-pyOpenSSL/CHANGELOG.rst /usr/share/doc/packages/python311-pyOpenSSL/CODE_OF_CONDUCT.rst /usr/share/doc/packages/python311-pyOpenSSL/CONTRIBUTING.rst /usr/share/doc/packages/python311-pyOpenSSL/INSTALL.rst /usr/share/doc/packages/python311-pyOpenSSL/README.rst /usr/share/licenses/python311-pyOpenSSL /usr/share/licenses/python311-pyOpenSSL/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Apr 26 23:30:45 2024