subset of) the OpenSSL library. A lot of the object methods do
2024-11-28 14:23:11 by Adam Ciarcinski | Files touched by this commit (1) |
Log message:
py-OpenSSL: remove unused patch
|
2024-11-28 14:21:55 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-OpenSSL: updated to 24.3.0
24.3.0 (2024-11-27)
Backward-incompatible changes:
- Removed the deprecated ``OpenSSL.crypto.CRL``, ``OpenSSL.crypto.Revoked``, \
``OpenSSL.crypto.dump_crl``, and ``OpenSSL.crypto.load_crl``. \
``cryptography.x509``'s CRL functionality should be used instead.
- Removed the deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``. \
``cryptography.hazmat.primitives.asymmetric``'s signature APIs should be used \
instead.
Deprecations:
- Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead.
- Deprecated ``add_extensions`` and ``get_extensions`` on \
``OpenSSL.crypto.X509Req`` and ``OpenSSL.crypto.X509``. These should have been \
deprecated at the same time ``X509Extension`` was. Users should use \
pyca/cryptography's X.509 APIs instead.
- Deprecated ``OpenSSL.crypto.get_elliptic_curves`` and \
``OpenSSL.crypto.get_elliptic_curve``, as well as passing the reult of them to \
``OpenSSL.SSL.Context.set_tmp_ecdh``, users should instead pass curves from \
``cryptography``.
- Deprecated passing ``X509`` objects to \
``OpenSSL.SSL.Context.use_certificate``, \
``OpenSSL.SSL.Connection.use_certificate``, \
``OpenSSL.SSL.Context.add_extra_chain_cert``, and \
``OpenSSL.SSL.Context.add_client_ca``, users should instead pass \
``cryptography.x509.Certificate`` instances. This is in preparation for \
deprecating pyOpenSSL's ``X509`` entirely.
- Deprecated passing ``PKey`` objects to ``OpenSSL.SSL.Context.use_privatekey`` \
and ``OpenSSL.SSL.Connection.use_privatekey``, users should instead pass \
``cryptography`` priate key instances. This is in preparation for deprecating \
pyOpenSSL's ``PKey`` entirely.
Changes:
* ``cryptography`` maximum version has been increased to 44.0.x.
* ``OpenSSL.SSL.Connection.get_certificate``, \
``OpenSSL.SSL.Connection.get_peer_certificate``, \
``OpenSSL.SSL.Connection.get_peer_cert_chain``, and \
``OpenSSL.SSL.Connection.get_verified_chain`` now take an ``as_cryptography`` \
keyword-argument. When ``True`` is passed then ``cryptography.x509.Certificate`` \
are returned, instead of ``OpenSSL.crypto.X509``. In the future, passing \
``False`` (the default) will be deprecated.
|
2024-11-11 08:29:31 by Thomas Klausner | Files touched by this commit (862) |
Log message:
py-*: remove unused tool dependency
py-setuptools includes the py-wheel functionality nowadays
|
2024-07-21 11:02:03 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
py-OpenSSL: update to 24.2.1.
24.2.1 (2024-07-20)
-------------------
Changes:
^^^^^^^^
- Fixed changelog to remove sphinx specific restructured text strings.
24.2.0 (2024-07-20)
-------------------
Deprecations:
^^^^^^^^^^^^^
- Deprecated ``OpenSSL.crypto.X509Req``, \
``OpenSSL.crypto.load_certificate_request``, \
``OpenSSL.crypto.dump_certificate_request``. Instead, \
``cryptography.x509.CertificateSigningRequest``, \
``cryptography.x509.CertificateSigningRequestBuilder``, \
``cryptography.x509.load_der_x509_csr``, or \
``cryptography.x509.load_pem_x509_csr`` should be used.
Changes:
^^^^^^^^
- Added type hints for the ``SSL`` module.
`#1308 <https://github.com/pyca/pyopenssl/pull/1308>`_.
- Changed ``OpenSSL.crypto.PKey.from_cryptography_key`` to accept public and \
private EC, ED25519, ED448 keys.
`#1310 <https://github.com/pyca/pyopenssl/pull/1310>`_.
|
2024-03-11 07:54:28 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-OpenSSL: updated to 24.1.0
24.1.0 (2024-03-09)
Backward-incompatible changes:
* Removed the deprecated ``OpenSSL.crypto.PKCS12`` and
``OpenSSL.crypto.NetscapeSPKI``. ``OpenSSL.crypto.PKCS12`` may be replaced
by the PKCS#12 APIs in the ``cryptography`` package.
|
2024-01-23 07:34:36 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
py-OpenSSL: updated to 24.0.0
24.0.0 (2024-01-22)
Changes:
- Added ``OpenSSL.SSL.Connection.get_selected_srtp_profile`` to determine which \
SRTP profile was negotiated.
|
2023-10-26 08:32:57 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
py-OpenSSL: updated to 23.3.0
23.3.0 (2023-10-25)
-------------------
Backward-incompatible changes:
- Dropped support for Python 3.6.
- The minimum ``cryptography`` version is now 41.0.5.
- Removed ``OpenSSL.crypto.loads_pkcs7`` and ``OpenSSL.crypto.loads_pkcs12`` \
which had been deprecated for 3 years.
- Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow legacy insecure \
renegotiation between OpenSSL and unpatched servers.
Deprecations:
- Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to have been \
deprecated at the same time as ``OpenSSL.crypto.load_pkcs12``).
- Deprecated ``OpenSSL.crypto.NetscapeSPKI``.
- Deprecated ``OpenSSL.crypto.CRL``
- Deprecated ``OpenSSL.crypto.Revoked``
- Deprecated ``OpenSSL.crypto.load_crl`` and ``OpenSSL.crypto.dump_crl``
- Deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``
- Deprecated ``OpenSSL.crypto.X509Extension``
Changes:
- Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept
``cryptography``'s ``x509.CertificateRevocationList`` arguments in addition
to the now deprecated ``OpenSSL.crypto.CRL`` arguments.
- Fixed ``test_set_default_verify_paths`` test so that it is skipped if no
network connection is available.
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|