./security/py-OpenSSL, Python interface to the OpenSSL library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 24.3.0, Package name: py312-OpenSSL-24.3.0, Maintainer: pkgsrc-users

pyOpenSSL is a Python module that is a rather thin wrapper around (a
subset of) the OpenSSL library. A lot of the object methods do
nothing more than call a corresponding function in the OpenSSL
library.


Required to run:
[security/openssl] [devel/py-setuptools] [lang/py-six] [security/py-cryptography] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 174.75 KB

Version history: (Expand)


CVS history: (Expand)


   2024-11-28 14:23:11 by Adam Ciarcinski | Files touched by this commit (1)
Log message:
py-OpenSSL: remove unused patch
   2024-11-28 14:21:55 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-OpenSSL: updated to 24.3.0

24.3.0 (2024-11-27)

Backward-incompatible changes:

- Removed the deprecated ``OpenSSL.crypto.CRL``, ``OpenSSL.crypto.Revoked``, \ 
``OpenSSL.crypto.dump_crl``, and ``OpenSSL.crypto.load_crl``. \ 
``cryptography.x509``'s CRL functionality should be used instead.
- Removed the deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``. \ 
``cryptography.hazmat.primitives.asymmetric``'s signature APIs should be used \ 
instead.

Deprecations:

- Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead.
- Deprecated ``add_extensions`` and ``get_extensions`` on \ 
``OpenSSL.crypto.X509Req`` and ``OpenSSL.crypto.X509``. These should have been \ 
deprecated at the same time ``X509Extension`` was. Users should use \ 
pyca/cryptography's X.509 APIs instead.
- Deprecated ``OpenSSL.crypto.get_elliptic_curves`` and \ 
``OpenSSL.crypto.get_elliptic_curve``, as well as passing the reult of them to \ 
``OpenSSL.SSL.Context.set_tmp_ecdh``, users should instead pass curves from \ 
``cryptography``.
- Deprecated passing ``X509`` objects to \ 
``OpenSSL.SSL.Context.use_certificate``, \ 
``OpenSSL.SSL.Connection.use_certificate``, \ 
``OpenSSL.SSL.Context.add_extra_chain_cert``, and \ 
``OpenSSL.SSL.Context.add_client_ca``, users should instead pass \ 
``cryptography.x509.Certificate`` instances. This is in preparation for \ 
deprecating pyOpenSSL's ``X509`` entirely.
- Deprecated passing ``PKey`` objects to ``OpenSSL.SSL.Context.use_privatekey`` \ 
and ``OpenSSL.SSL.Connection.use_privatekey``, users should instead pass \ 
``cryptography`` priate key instances. This is in preparation for deprecating \ 
pyOpenSSL's ``PKey`` entirely.

Changes:

* ``cryptography`` maximum version has been increased to 44.0.x.
* ``OpenSSL.SSL.Connection.get_certificate``, \ 
``OpenSSL.SSL.Connection.get_peer_certificate``, \ 
``OpenSSL.SSL.Connection.get_peer_cert_chain``, and \ 
``OpenSSL.SSL.Connection.get_verified_chain`` now take an ``as_cryptography`` \ 
keyword-argument. When ``True`` is passed then ``cryptography.x509.Certificate`` \ 
are returned, instead of ``OpenSSL.crypto.X509``. In the future, passing \ 
``False`` (the default) will be deprecated.
   2024-11-11 08:29:31 by Thomas Klausner | Files touched by this commit (862)
Log message:
py-*: remove unused tool dependency

py-setuptools includes the py-wheel functionality nowadays
   2024-07-21 11:02:03 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
py-OpenSSL: update to 24.2.1.

24.2.1 (2024-07-20)
-------------------

Changes:
^^^^^^^^

- Fixed changelog to remove sphinx specific restructured text strings.

24.2.0 (2024-07-20)
-------------------

Deprecations:
^^^^^^^^^^^^^

- Deprecated ``OpenSSL.crypto.X509Req``, \ 
``OpenSSL.crypto.load_certificate_request``, \ 
``OpenSSL.crypto.dump_certificate_request``. Instead, \ 
``cryptography.x509.CertificateSigningRequest``, \ 
``cryptography.x509.CertificateSigningRequestBuilder``, \ 
``cryptography.x509.load_der_x509_csr``, or \ 
``cryptography.x509.load_pem_x509_csr`` should be used.

Changes:
^^^^^^^^

- Added type hints for the ``SSL`` module.
  `#1308 <https://github.com/pyca/pyopenssl/pull/1308>`_.
- Changed ``OpenSSL.crypto.PKey.from_cryptography_key`` to accept public and \ 
private EC, ED25519, ED448 keys.
  `#1310 <https://github.com/pyca/pyopenssl/pull/1310>`_.
   2024-03-11 07:54:28 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-OpenSSL: updated to 24.1.0

24.1.0 (2024-03-09)

Backward-incompatible changes:

* Removed the deprecated ``OpenSSL.crypto.PKCS12`` and
  ``OpenSSL.crypto.NetscapeSPKI``. ``OpenSSL.crypto.PKCS12`` may be replaced
  by the PKCS#12 APIs in the ``cryptography`` package.
   2024-01-23 07:34:36 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-OpenSSL: updated to 24.0.0

24.0.0 (2024-01-22)

Changes:
- Added ``OpenSSL.SSL.Connection.get_selected_srtp_profile`` to determine which \ 
SRTP profile was negotiated.
   2023-10-26 08:32:57 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-OpenSSL: updated to 23.3.0

23.3.0 (2023-10-25)
-------------------

Backward-incompatible changes:

- Dropped support for Python 3.6.
- The minimum ``cryptography`` version is now 41.0.5.
- Removed ``OpenSSL.crypto.loads_pkcs7`` and ``OpenSSL.crypto.loads_pkcs12`` \ 
which had been deprecated for 3 years.
- Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow legacy insecure \ 
renegotiation between OpenSSL and unpatched servers.

Deprecations:

- Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to have been \ 
deprecated at the same time as ``OpenSSL.crypto.load_pkcs12``).
- Deprecated ``OpenSSL.crypto.NetscapeSPKI``.
- Deprecated ``OpenSSL.crypto.CRL``
- Deprecated ``OpenSSL.crypto.Revoked``
- Deprecated ``OpenSSL.crypto.load_crl`` and ``OpenSSL.crypto.dump_crl``
- Deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``
- Deprecated ``OpenSSL.crypto.X509Extension``

Changes:

- Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept
  ``cryptography``'s ``x509.CertificateRevocationList`` arguments in addition
  to the now deprecated ``OpenSSL.crypto.CRL`` arguments.
- Fixed ``test_set_default_verify_paths`` test so that it is skipped if no
  network connection is available.
   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3