Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-pyOpenSSL for
openSUSE:Factory checked in at 2023-06-21 22:37:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-pyOpenSSL (Old)
and /work/SRC/openSUSE:Factory/.python-pyOpenSSL.new.15902 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pyOpenSSL"
Wed Jun 21 22:37:12 2023 rev:51 rq:1093835 version:23.2.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-pyOpenSSL/python-pyOpenSSL.changes
2023-04-22 22:00:12.477125876 +0200
+++
/work/SRC/openSUSE:Factory/.python-pyOpenSSL.new.15902/python-pyOpenSSL.changes
2023-06-21 22:37:26.553498556 +0200
@@ -1,0 +2,11 @@
+Mon Jun 19 20:25:32 UTC 2023 - Dirk Müller <[email protected]>
+
+- update to 23.2.0:
+ * Removed ``X509StoreFlags.NOTIFY_POLICY``.
+ * ``cryptography`` maximum version has been increased to
+ 41.0.x.
+ * Invalid versions are now rejected in
+ ``OpenSSL.crypto.X509Req.set_version``.
+ * Added ``X509VerificationCodes`` to ``OpenSSL.SSL``.
+
+-------------------------------------------------------------------
Old:
----
pyOpenSSL-23.1.1.tar.gz
New:
----
pyOpenSSL-23.2.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-pyOpenSSL.spec ++++++
--- /var/tmp/diff_new_pack.Pnh3w7/_old 2023-06-21 22:37:27.609504911 +0200
+++ /var/tmp/diff_new_pack.Pnh3w7/_new 2023-06-21 22:37:27.613504935 +0200
@@ -16,7 +16,6 @@
#
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%global flavor @BUILD_FLAVOR@%{nil}
%if "%{flavor}" == "test"
%define psuffix -test
@@ -25,10 +24,9 @@
%define psuffix %{nil}
%bcond_with test
%endif
-%global skip_python2 1
%{?sle15_python_module_pythons}
Name: python-pyOpenSSL%{psuffix}
-Version: 23.1.1
+Version: 23.2.0
Release: 0
Summary: Python wrapper module around the OpenSSL library
License: Apache-2.0
@@ -42,7 +40,7 @@
BuildRequires: fdupes
BuildRequires: python-rpm-macros
%if %{with test}
-BuildRequires: %{python_module cryptography >= 38.0.0 with
%python-cryptography < 41}
+BuildRequires: %{python_module cryptography >= 38.0.0 with
%python-cryptography < 42}
BuildRequires: %{python_module flaky}
BuildRequires: %{python_module pretend}
BuildRequires: %{python_module pyOpenSSL >= %version}
@@ -51,7 +49,7 @@
BuildRequires: openssl
%endif
Requires: python-cffi
-Requires: (python-cryptography >= 38.0.0 with python-cryptography < 41)
+Requires: (python-cryptography >= 38.0.0 with python-cryptography < 42)
Provides: pyOpenSSL = %{version}
BuildArch: noarch
%python_subpackages
++++++ pyOpenSSL-23.1.1.tar.gz -> pyOpenSSL-23.2.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/CHANGELOG.rst
new/pyOpenSSL-23.2.0/CHANGELOG.rst
--- old/pyOpenSSL-23.1.1/CHANGELOG.rst 2023-03-28 05:07:36.000000000 +0200
+++ new/pyOpenSSL-23.2.0/CHANGELOG.rst 2023-05-31 05:17:39.000000000 +0200
@@ -4,6 +4,26 @@
Versions are year-based with a strict backward-compatibility policy.
The third digit is only for regressions.
+23.2.0 (2023-05-30)
+-------------------
+
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Removed ``X509StoreFlags.NOTIFY_POLICY``.
+ `#1213 <https://github.com/pyca/pyopenssl/pull/1213>`_.
+
+Deprecations:
+^^^^^^^^^^^^^
+
+Changes:
+^^^^^^^^
+
+- ``cryptography`` maximum version has been increased to 41.0.x.
+- Invalid versions are now rejected in ``OpenSSL.crypto.X509Req.set_version``.
+- Added ``X509VerificationCodes`` to ``OpenSSL.SSL``.
+ `#1202 <https://github.com/pyca/pyopenssl/pull/1202>`_.
+
23.1.1 (2023-03-28)
-------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/PKG-INFO
new/pyOpenSSL-23.2.0/PKG-INFO
--- old/pyOpenSSL-23.1.1/PKG-INFO 2023-03-28 05:09:15.759759400 +0200
+++ new/pyOpenSSL-23.2.0/PKG-INFO 2023-05-31 05:18:51.908789900 +0200
@@ -1,13 +1,12 @@
Metadata-Version: 2.1
Name: pyOpenSSL
-Version: 23.1.1
+Version: 23.2.0
Summary: Python wrapper module around the OpenSSL library
Home-page: https://pyopenssl.org/
Author: The pyOpenSSL developers
Author-email: [email protected]
License: Apache License, Version 2.0
Project-URL: Source, https://github.com/pyca/pyopenssl
-Platform: UNKNOWN
Classifier: Development Status :: 6 - Mature
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
@@ -82,6 +81,26 @@
Release Information
===================
+23.2.0 (2023-05-30)
+-------------------
+
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Removed ``X509StoreFlags.NOTIFY_POLICY``.
+ `#1213 <https://github.com/pyca/pyopenssl/pull/1213>`_.
+
+Deprecations:
+^^^^^^^^^^^^^
+
+Changes:
+^^^^^^^^
+
+- ``cryptography`` maximum version has been increased to 41.0.x.
+- Invalid versions are now rejected in ``OpenSSL.crypto.X509Req.set_version``.
+- Added ``X509VerificationCodes`` to ``OpenSSL.SSL``.
+ `#1202 <https://github.com/pyca/pyopenssl/pull/1202>`_.
+
23.1.1 (2023-03-28)
-------------------
@@ -286,5 +305,3 @@
`Full changelog <https://pyopenssl.org/en/stable/changelog.html>`_.
-
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/doc/conf.py
new/pyOpenSSL-23.2.0/doc/conf.py
--- old/pyOpenSSL-23.1.1/doc/conf.py 2023-03-28 05:07:24.000000000 +0200
+++ new/pyOpenSSL-23.2.0/doc/conf.py 2023-04-29 03:22:33.000000000 +0200
@@ -251,6 +251,6 @@
man_pages = [("index", "pyopenssl", "pyOpenSSL Documentation", [authors], 1)]
intersphinx_mapping = {
- "https://docs.python.org/3": None,
- "https://cryptography.io/en/latest/": None,
+ "python": ("https://docs.python.org/3";, None),
+ "cryptography": ("https://cryptography.io/en/latest/";, None),
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/setup.cfg
new/pyOpenSSL-23.2.0/setup.cfg
--- old/pyOpenSSL-23.1.1/setup.cfg 2023-03-28 05:09:15.760071000 +0200
+++ new/pyOpenSSL-23.2.0/setup.cfg 2023-05-31 05:18:51.909044000 +0200
@@ -1,6 +1,5 @@
[tool:pytest]
-minversion = 3.0.1
-strict = true
+addopts = "-r s --strict-markers"
testpaths = tests
[metadata]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/setup.py
new/pyOpenSSL-23.2.0/setup.py
--- old/pyOpenSSL-23.1.1/setup.py 2023-03-28 05:07:24.000000000 +0200
+++ new/pyOpenSSL-23.2.0/setup.py 2023-05-31 05:17:39.000000000 +0200
@@ -98,7 +98,8 @@
package_dir={"": "src"},
install_requires=[
# Fix cryptographyMinimum in tox.ini when changing this!
- "cryptography>=38.0.0,<41",
+ # 40.0.0 and .1 are missing X509_V_* constants that we re-export.
+ "cryptography>=38.0.0,<42,!=40.0.0,!=40.0.1",
],
extras_require={
"test": ["flaky", "pretend", "pytest>=3.0.1"],
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/src/OpenSSL/SSL.py
new/pyOpenSSL-23.2.0/src/OpenSSL/SSL.py
--- old/pyOpenSSL-23.1.1/src/OpenSSL/SSL.py 2023-03-28 05:07:24.000000000
+0200
+++ new/pyOpenSSL-23.2.0/src/OpenSSL/SSL.py 2023-04-29 03:22:33.000000000
+0200
@@ -123,6 +123,7 @@
"Session",
"Context",
"Connection",
+ "X509VerificationCodes",
]
@@ -250,6 +251,113 @@
SSL_CB_HANDSHAKE_START = _lib.SSL_CB_HANDSHAKE_START
SSL_CB_HANDSHAKE_DONE = _lib.SSL_CB_HANDSHAKE_DONE
+
+class X509VerificationCodes:
+ """
+ Success and error codes for X509 verification, as returned by the
+ underlying ``X509_STORE_CTX_get_error()`` function and passed by pyOpenSSL
+ to verification callback functions.
+
+ See `OpenSSL Verification Errors
+
<https://www.openssl.org/docs/manmaster/man3/X509_verify_cert_error_string.html#ERROR-CODES>`_
+ for details.
+ """
+
+ OK = _lib.X509_V_OK
+ ERR_UNABLE_TO_GET_ISSUER_CERT = _lib.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT
+ ERR_UNABLE_TO_GET_CRL = _lib.X509_V_ERR_UNABLE_TO_GET_CRL
+ ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE = (
+ _lib.X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE
+ )
+ ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE = (
+ _lib.X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE
+ )
+ ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY = (
+ _lib.X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY
+ )
+ ERR_CERT_SIGNATURE_FAILURE = _lib.X509_V_ERR_CERT_SIGNATURE_FAILURE
+ ERR_CRL_SIGNATURE_FAILURE = _lib.X509_V_ERR_CRL_SIGNATURE_FAILURE
+ ERR_CERT_NOT_YET_VALID = _lib.X509_V_ERR_CERT_NOT_YET_VALID
+ ERR_CERT_HAS_EXPIRED = _lib.X509_V_ERR_CERT_HAS_EXPIRED
+ ERR_CRL_NOT_YET_VALID = _lib.X509_V_ERR_CRL_NOT_YET_VALID
+ ERR_CRL_HAS_EXPIRED = _lib.X509_V_ERR_CRL_HAS_EXPIRED
+ ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = (
+ _lib.X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
+ )
+ ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = (
+ _lib.X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
+ )
+ ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD = (
+ _lib.X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD
+ )
+ ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = (
+ _lib.X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD
+ )
+ ERR_OUT_OF_MEM = _lib.X509_V_ERR_OUT_OF_MEM
+ ERR_DEPTH_ZERO_SELF_SIGNED_CERT = (
+ _lib.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
+ )
+ ERR_SELF_SIGNED_CERT_IN_CHAIN = _lib.X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
+ ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = (
+ _lib.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
+ )
+ ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = (
+ _lib.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
+ )
+ ERR_CERT_CHAIN_TOO_LONG = _lib.X509_V_ERR_CERT_CHAIN_TOO_LONG
+ ERR_CERT_REVOKED = _lib.X509_V_ERR_CERT_REVOKED
+ ERR_INVALID_CA = _lib.X509_V_ERR_INVALID_CA
+ ERR_PATH_LENGTH_EXCEEDED = _lib.X509_V_ERR_PATH_LENGTH_EXCEEDED
+ ERR_INVALID_PURPOSE = _lib.X509_V_ERR_INVALID_PURPOSE
+ ERR_CERT_UNTRUSTED = _lib.X509_V_ERR_CERT_UNTRUSTED
+ ERR_CERT_REJECTED = _lib.X509_V_ERR_CERT_REJECTED
+ ERR_SUBJECT_ISSUER_MISMATCH = _lib.X509_V_ERR_SUBJECT_ISSUER_MISMATCH
+ ERR_AKID_SKID_MISMATCH = _lib.X509_V_ERR_AKID_SKID_MISMATCH
+ ERR_AKID_ISSUER_SERIAL_MISMATCH = (
+ _lib.X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH
+ )
+ ERR_KEYUSAGE_NO_CERTSIGN = _lib.X509_V_ERR_KEYUSAGE_NO_CERTSIGN
+ ERR_UNABLE_TO_GET_CRL_ISSUER = _lib.X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER
+ ERR_UNHANDLED_CRITICAL_EXTENSION = (
+ _lib.X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION
+ )
+ ERR_KEYUSAGE_NO_CRL_SIGN = _lib.X509_V_ERR_KEYUSAGE_NO_CRL_SIGN
+ ERR_UNHANDLED_CRITICAL_CRL_EXTENSION = (
+ _lib.X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION
+ )
+ ERR_INVALID_NON_CA = _lib.X509_V_ERR_INVALID_NON_CA
+ ERR_PROXY_PATH_LENGTH_EXCEEDED = _lib.X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED
+ ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = (
+ _lib.X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE
+ )
+ ERR_PROXY_CERTIFICATES_NOT_ALLOWED = (
+ _lib.X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED
+ )
+ ERR_INVALID_EXTENSION = _lib.X509_V_ERR_INVALID_EXTENSION
+ ERR_INVALID_POLICY_EXTENSION = _lib.X509_V_ERR_INVALID_POLICY_EXTENSION
+ ERR_NO_EXPLICIT_POLICY = _lib.X509_V_ERR_NO_EXPLICIT_POLICY
+ ERR_DIFFERENT_CRL_SCOPE = _lib.X509_V_ERR_DIFFERENT_CRL_SCOPE
+ ERR_UNSUPPORTED_EXTENSION_FEATURE = (
+ _lib.X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE
+ )
+ ERR_UNNESTED_RESOURCE = _lib.X509_V_ERR_UNNESTED_RESOURCE
+ ERR_PERMITTED_VIOLATION = _lib.X509_V_ERR_PERMITTED_VIOLATION
+ ERR_EXCLUDED_VIOLATION = _lib.X509_V_ERR_EXCLUDED_VIOLATION
+ ERR_SUBTREE_MINMAX = _lib.X509_V_ERR_SUBTREE_MINMAX
+ ERR_UNSUPPORTED_CONSTRAINT_TYPE = (
+ _lib.X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE
+ )
+ ERR_UNSUPPORTED_CONSTRAINT_SYNTAX = (
+ _lib.X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX
+ )
+ ERR_UNSUPPORTED_NAME_SYNTAX = _lib.X509_V_ERR_UNSUPPORTED_NAME_SYNTAX
+ ERR_CRL_PATH_VALIDATION_ERROR = _lib.X509_V_ERR_CRL_PATH_VALIDATION_ERROR
+ ERR_HOSTNAME_MISMATCH = _lib.X509_V_ERR_HOSTNAME_MISMATCH
+ ERR_EMAIL_MISMATCH = _lib.X509_V_ERR_EMAIL_MISMATCH
+ ERR_IP_ADDRESS_MISMATCH = _lib.X509_V_ERR_IP_ADDRESS_MISMATCH
+ ERR_APPLICATION_VERIFICATION = _lib.X509_V_ERR_APPLICATION_VERIFICATION
+
+
# Taken from https://golang.org/src/crypto/x509/root_linux.go
_CERTIFICATE_FILE_LOCATIONS = [
"/etc/ssl/certs/ca-certificates.crt", # Debian/Ubuntu/Gentoo etc.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/src/OpenSSL/crypto.py
new/pyOpenSSL-23.2.0/src/OpenSSL/crypto.py
--- old/pyOpenSSL-23.1.1/src/OpenSSL/crypto.py 2023-03-28 05:07:36.000000000
+0200
+++ new/pyOpenSSL-23.2.0/src/OpenSSL/crypto.py 2023-04-29 03:22:33.000000000
+0200
@@ -1010,6 +1010,12 @@
:param int version: The version number.
:return: ``None``
"""
+ if not isinstance(version, int):
+ raise TypeError("version must be an int")
+ if version != 0:
+ raise ValueError(
+ "Invalid version. The only valid version for X509Req is 0."
+ )
set_result = _lib.X509_REQ_set_version(self._req, version)
_openssl_assert(set_result == 1)
@@ -1639,7 +1645,6 @@
POLICY_CHECK: int = _lib.X509_V_FLAG_POLICY_CHECK
EXPLICIT_POLICY: int = _lib.X509_V_FLAG_EXPLICIT_POLICY
INHIBIT_MAP: int = _lib.X509_V_FLAG_INHIBIT_MAP
- NOTIFY_POLICY: int = _lib.X509_V_FLAG_NOTIFY_POLICY
CHECK_SS_SIGNATURE: int = _lib.X509_V_FLAG_CHECK_SS_SIGNATURE
PARTIAL_CHAIN: int = _lib.X509_V_FLAG_PARTIAL_CHAIN
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/src/OpenSSL/version.py
new/pyOpenSSL-23.2.0/src/OpenSSL/version.py
--- old/pyOpenSSL-23.1.1/src/OpenSSL/version.py 2023-03-28 05:07:36.000000000
+0200
+++ new/pyOpenSSL-23.2.0/src/OpenSSL/version.py 2023-05-31 05:17:39.000000000
+0200
@@ -17,7 +17,7 @@
"__version__",
]
-__version__ = "23.1.1"
+__version__ = "23.2.0"
__title__ = "pyOpenSSL"
__uri__ = "https://pyopenssl.org/";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/src/pyOpenSSL.egg-info/PKG-INFO
new/pyOpenSSL-23.2.0/src/pyOpenSSL.egg-info/PKG-INFO
--- old/pyOpenSSL-23.1.1/src/pyOpenSSL.egg-info/PKG-INFO 2023-03-28
05:09:15.000000000 +0200
+++ new/pyOpenSSL-23.2.0/src/pyOpenSSL.egg-info/PKG-INFO 2023-05-31
05:18:51.000000000 +0200
@@ -1,13 +1,12 @@
Metadata-Version: 2.1
Name: pyOpenSSL
-Version: 23.1.1
+Version: 23.2.0
Summary: Python wrapper module around the OpenSSL library
Home-page: https://pyopenssl.org/
Author: The pyOpenSSL developers
Author-email: [email protected]
License: Apache License, Version 2.0
Project-URL: Source, https://github.com/pyca/pyopenssl
-Platform: UNKNOWN
Classifier: Development Status :: 6 - Mature
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
@@ -82,6 +81,26 @@
Release Information
===================
+23.2.0 (2023-05-30)
+-------------------
+
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Removed ``X509StoreFlags.NOTIFY_POLICY``.
+ `#1213 <https://github.com/pyca/pyopenssl/pull/1213>`_.
+
+Deprecations:
+^^^^^^^^^^^^^
+
+Changes:
+^^^^^^^^
+
+- ``cryptography`` maximum version has been increased to 41.0.x.
+- Invalid versions are now rejected in ``OpenSSL.crypto.X509Req.set_version``.
+- Added ``X509VerificationCodes`` to ``OpenSSL.SSL``.
+ `#1202 <https://github.com/pyca/pyopenssl/pull/1202>`_.
+
23.1.1 (2023-03-28)
-------------------
@@ -286,5 +305,3 @@
`Full changelog <https://pyopenssl.org/en/stable/changelog.html>`_.
-
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/src/pyOpenSSL.egg-info/requires.txt
new/pyOpenSSL-23.2.0/src/pyOpenSSL.egg-info/requires.txt
--- old/pyOpenSSL-23.1.1/src/pyOpenSSL.egg-info/requires.txt 2023-03-28
05:09:15.000000000 +0200
+++ new/pyOpenSSL-23.2.0/src/pyOpenSSL.egg-info/requires.txt 2023-05-31
05:18:51.000000000 +0200
@@ -1,4 +1,4 @@
-cryptography<41,>=38.0.0
+cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0
[docs]
sphinx!=5.2.0,!=5.2.0.post0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/tests/test_crypto.py
new/pyOpenSSL-23.2.0/tests/test_crypto.py
--- old/pyOpenSSL-23.1.1/tests/test_crypto.py 2023-03-28 05:07:36.000000000
+0200
+++ new/pyOpenSSL-23.2.0/tests/test_crypto.py 2023-05-31 05:17:39.000000000
+0200
@@ -6,9 +6,9 @@
"""
import base64
import sys
+import warnings
from datetime import datetime, timedelta
from subprocess import PIPE, Popen
-from warnings import simplefilter
from cryptography import x509
from cryptography.hazmat.primitives import serialization
@@ -50,14 +50,15 @@
load_certificate,
load_certificate_request,
load_crl,
- load_pkcs12,
- load_pkcs7_data,
load_privatekey,
load_publickey,
sign,
verify,
)
+with pytest.warns(DeprecationWarning):
+ from OpenSSL.crypto import load_pkcs12, load_pkcs7_data
+
from .util import (
EqualityTestsMixin,
NON_ASCII,
@@ -1601,20 +1602,12 @@
"""
`X509Req.set_version` sets the X.509 version of the certificate
request. `X509Req.get_version` returns the X.509 version of the
- certificate request. The only defined version is 0. Others may or
- may not be supported depending on backend.
+ certificate request. The only defined version is 0.
"""
request = X509Req()
assert request.get_version() == 0
request.set_version(0)
assert request.get_version() == 0
- try:
- request.set_version(1)
- assert request.get_version() == 1
- request.set_version(3)
- assert request.get_version() == 3
- except Error:
- pass
def test_version_wrong_args(self):
"""
@@ -1624,6 +1617,8 @@
request = X509Req()
with pytest.raises(TypeError):
request.set_version("foo")
+ with pytest.raises(ValueError):
+ request.set_version(2)
def test_get_subject(self):
"""
@@ -2610,7 +2605,7 @@
b"pass:" + passwd,
)
with pytest.warns(DeprecationWarning) as w:
- simplefilter("always")
+ warnings.simplefilter("always")
p12 = load_pkcs12(p12_str, passphrase=b"whatever".decode("ascii"))
msg = "{0} for passphrase is no longer accepted, use bytes".format(
WARNING_TYPE_EXPECTED
@@ -2829,7 +2824,7 @@
p12 = self.gen_pkcs12(server_cert_pem, server_key_pem, root_cert_pem)
with pytest.warns(DeprecationWarning) as w:
- simplefilter("always")
+ warnings.simplefilter("always")
dumped_p12 = p12.export(passphrase=b"randomtext".decode("ascii"))
msg = "{0} for passphrase is no longer accepted, use bytes".format(
WARNING_TYPE_EXPECTED
@@ -3684,8 +3679,8 @@
not emit a deprecation warning.
"""
crl = self._get_crl()
- with pytest.warns(None) as catcher:
- simplefilter("always")
+ with warnings.catch_warnings(record=True) as catcher:
+ warnings.simplefilter("always")
assert 0 == len(catcher)
dumped_crl = crl.export(self.cert, self.pkey, digest=b"md5")
text = _runopenssl(dumped_crl, b"crl", b"-noout", b"-text")
@@ -4374,14 +4369,14 @@
cert = load_certificate(FILETYPE_PEM, root_cert_pem)
for digest in ["md5", "sha1", "sha256"]:
with pytest.warns(DeprecationWarning) as w:
- simplefilter("always")
+ warnings.simplefilter("always")
sig = sign(priv_key, content, digest)
assert "{0} for data is no longer accepted, use bytes".format(
WARNING_TYPE_EXPECTED
) == str(w[-1].message)
with pytest.warns(DeprecationWarning) as w:
- simplefilter("always")
+ warnings.simplefilter("always")
verify(cert, sig, content, digest)
assert "{0} for data is no longer accepted, use bytes".format(
WARNING_TYPE_EXPECTED
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/tests/test_ssl.py
new/pyOpenSSL-23.2.0/tests/test_ssl.py
--- old/pyOpenSSL-23.1.1/tests/test_ssl.py 2023-03-28 05:07:24.000000000
+0200
+++ new/pyOpenSSL-23.2.0/tests/test_ssl.py 2023-05-31 05:17:39.000000000
+0200
@@ -2769,7 +2769,7 @@
ctx = Context(TLSv1_2_METHOD)
ctx.use_privatekey(key)
ctx.use_certificate(cert)
- ctx.set_session_id("unity-test")
+ ctx.set_session_id(b"unity-test")
def makeServer(socket):
server = Connection(ctx, socket)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pyOpenSSL-23.1.1/tox.ini new/pyOpenSSL-23.2.0/tox.ini
--- old/pyOpenSSL-23.1.1/tox.ini 2023-03-28 05:07:36.000000000 +0200
+++ new/pyOpenSSL-23.2.0/tox.ini 2023-04-29 03:22:33.000000000 +0200
@@ -1,5 +1,5 @@
[tox]
-envlist =
py{py,py3,36,37,38,39,310,311}{,-cryptographyMain,-cryptographyMinimum}{,-useWheel}{,-randomorder},py37-twistedTrunk,check-manifest,flake8,py36-mypy,docs,coverage-report
+envlist =
py{py,py3,36,37,38,39,310,311}{,-cryptographyMinimum}{,-useWheel}{,-randomorder},py311-twistedTrunk,check-manifest,flake8,py311-mypy,docs,coverage-report
[testenv]
allowlist_externals =
@@ -18,7 +18,6 @@
test
deps =
coverage>=4.2
- cryptographyMain: git+https://github.com/pyca/cryptography.git
cryptographyMinimum: cryptography==38.0.0
randomorder: pytest-randomly
setenv =
@@ -28,18 +27,19 @@
PIP_NO_BINARY=cryptography
useWheel: PIP_NO_BINARY=
commands =
+ cryptographyMain: pip install -U
git+https://github.com/pyca/cryptography.git
openssl version
coverage run --parallel -m OpenSSL.debug
coverage run --parallel -m pytest -v {posargs}
-[testenv:py37-twistedTrunk]
+[testenv:py311-twistedTrunk]
deps =
+ pyasn1!=0.5.0
Twisted[all_non_platform] @ git+https://github.com/twisted/twisted
setenv =
commands =
- python -c "import OpenSSL.SSL;
print(OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION))"
- python -c "import cryptography; print(cryptography.__version__)"
- python -m twisted.trial --reporter=text twisted
+ python -m OpenSSL.debug
+ python -m twisted.trial -j4 --reporter=text twisted
[testenv:flake8]
basepython = python3
@@ -52,9 +52,9 @@
black --check .
flake8 .
-[testenv:py36-mypy]
+[testenv:py311-mypy]
deps =
- mypy==0.950
+ mypy==1.1.1
skip_install = true
commands =
mypy src
++++++ skip-networked-test.patch ++++++
--- /var/tmp/diff_new_pack.Pnh3w7/_old 2023-06-21 22:37:27.821506186 +0200
+++ /var/tmp/diff_new_pack.Pnh3w7/_new 2023-06-21 22:37:27.825506211 +0200
@@ -1,8 +1,8 @@
-Index: pyOpenSSL-22.1.0/tests/test_ssl.py
+Index: pyOpenSSL-23.2.0/tests/test_ssl.py
===================================================================
---- pyOpenSSL-22.1.0.orig/tests/test_ssl.py
-+++ pyOpenSSL-22.1.0/tests/test_ssl.py
-@@ -1244,6 +1244,7 @@ class TestContext:
+--- pyOpenSSL-23.2.0.orig/tests/test_ssl.py
++++ pyOpenSSL-23.2.0/tests/test_ssl.py
+@@ -1252,6 +1252,7 @@ class TestContext:
reason="set_default_verify_paths appears not to work on Windows. "
"See LP#404343 and LP#404344.",
)
@@ -10,20 +10,20 @@
def test_set_default_verify_paths(self):
"""
`Context.set_default_verify_paths` causes the platform-specific CA
-Index: pyOpenSSL-22.1.0/setup.cfg
+Index: pyOpenSSL-23.2.0/setup.cfg
===================================================================
---- pyOpenSSL-22.1.0.orig/setup.cfg
-+++ pyOpenSSL-22.1.0/setup.cfg
-@@ -2,6 +2,8 @@
- minversion = 3.0.1
- strict = true
+--- pyOpenSSL-23.2.0.orig/setup.cfg
++++ pyOpenSSL-23.2.0/setup.cfg
+@@ -1,6 +1,8 @@
+ [tool:pytest]
+ addopts = "-r s --strict-markers"
testpaths = tests
+markers =
+ network: test case requires network connection
[metadata]
license_file = LICENSE
-@@ -16,4 +18,3 @@ doc_files = doc/_build/html
+@@ -15,4 +17,3 @@ doc_files = doc/_build/html
[egg_info]
tag_build =
tag_date = 0
