| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Misc CI cleanups
- Update branch names to match upstream
- Drop py2 testing
* Appease stricter checking in latest Sphinx to get CI passing again
* Don't accidentally delete an important line from tox.ini
* Give py2 support a brief stay of execution
As requested by @reaperhulk on IRC
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add Context.set_*_proto_version, fix #860
* docs: add new openssl tls methods
* accept the fact that nothing can be taken for granted
* bump minimum required cryptography version to 3.3
* drop support for Python 3.5
* use binary wheels for cryptography
* Revert "use binary wheels for cryptography"
This reverts commit 91a04c612ed1d0dd9fd541dfefe21cac7c25b1c1.
* docker ci: compile cryptography with rust
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Tox.ini; Test on Python 3.9 and make flake8 stricter
* max-line-length = 88
* Remove unused import
* Update tox.ini
* Use PEP8 line length
* Use PEP8 line length
|
|
|
|
|
|
|
| |
* Drop CI for OpenSSL 1.0.2
* Delete code for coverage reasons
* Bump minimum cryptography version
|
|
|
| |
* fixed tests for twisted change
|
| |
|
| |
|
|
|
|
|
| |
* Uhhh, fix twisted tests to actually run twisted (wat)
* Update tox.ini
|
| |
|
|
|
|
|
|
|
| |
Users with older cryptography (and hence potentially older asn1crypto, a
transitive dependency) are seeing a serious bug on macOS catalina due to
the way older asn1crypto loads a shared library. While this isn't a
pyOpenSSL bug bumping this dep might prevent the bug from impacting
some users.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fix openssl CLI testing for 1.1.1
* various 1.1.1 related fixes
some of which are just admitting TLS 1.3 is fundamentally different and
pinning the tests to TLS 1.2
* flake8 fixes
* allow travis_infra env var through
* fix twisted
|
| |
|
|
|
|
|
|
|
|
| |
* Added py37 to travis
* Added py37 trove classifier
* Added py37 to tox
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* fix a memory leak and a potential UAF and also #722
* sanity check
* bump cryptography minimum version, add changelog
|
| |
|
|
|
|
|
|
| |
* move deps to extras
* this file is gone
|
|
|
|
|
|
| |
* FIxed #266 -- attempt to deflake our tests
* typo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* try loading trusted certs from a list of fallbacks
pyca/cryptography will shortly begin shipping a wheel. Since
SSL_CTX_set_default_verify_paths uses a hardcoded path compiled into the
library, this will start failing to load the proper certificates for
users on many linux distributions. To avoid this we can use the Go
solution of iterating over a list of potential candidates and loading
it when found.
* capath is lazy loaded so we need to do a lot more checks
This now checks to see if env vars are set as well as seeing if the
dir exists and has valid certs in it. If either of those are true (or
the number of certs is > 0) it won't load the fallback. If it does do
the fallback it will also attempt to load certs from a dir as a final
fallback
* remove an early return
* this shouldn't be commented out
* oops
* very limited testing
* sigh, can't use these py3 exceptions of course
* expand the tests a bit
* coverage!
* don't need this now
* change the approach to use a pyca/cryptography guard value
* test fix
* older python sometimes calls itself linux2
* flake8
* add changelog
* coverage
* slash opt
|
|
|
|
|
|
| |
* Fix invalid cast from ASN1_TIME to ASN1_GENERALIZEDTIME, which ends up with an error with LibreSSL.
* Require cryptography >= 1.9
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* urllib3 uses pytest now, also use trusty
* more improvements
* keep modernizing
* try trusty later.
* revert
* still try for trusty, back to the right pypy
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add an informative __main__.py
Give users an easy way to figure out what versions they're running.
* Why not more info!
* Add test
* No empty last line
* Make @alex happy
* DIAF Python 2.6
* Add cffi's version
* Make debug a module
* Add cryptography's compile-time OpenSSL
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Define the OCSPCallbackHelper.
* Define set_ocsp_status_callback function.
* Reframe this as the "server" helper.
* Add OCSP helper.
* Allow clients to request OCSP
* Some tests for OCSP.
* Don't forget to throw callback errors.
* Add changelog entry for OCSP stapling.
* Require at least cryptography 1.7
* Sorry Flake8, won't happen again.
* How does spelling work?
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Convert NextProtoNegotiationTests to use pytest-style tests
Addresses #340.
* Fix Twisted test suite
See https://twistedmatrix.com/trac/ticket/8876
* Remove tests for OpenSSL with no NPN support
NPN was added in OpenSSL 1.0.1. As of version 16.1.0, PyOpenSSL
only supports OpenSSL 1.0.1 or later, so this test is:
1. Testing a use case that's no longer supported.
2. Dead code in CI.
|
|
|
|
|
|
|
|
|
|
| |
Fix up the assert helpers, subclass form `object` rather than test case,
and use parametrization where appropriate.
One helper method on the original `TestCase` was the ability to create
temporary directories that were cleaned up at the end of the test --
now we use a pytest fixture instead: http://doc.pytest.org/en/latest/tmpdir.html
Addresses #340.
|
|
|
|
|
|
| |
* Avoid pytest warning
* Upgrade pytest min version in tox.ini
|
|
|
|
|
|
| |
* coverage 4.2 doesn't need the clean step anymore
* Set version for report too
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
- Mention them in the docs (arguably a bit hamfistedly).
- Make the README an RST.
- Make them pass flake8 and add flake8 to tox.ini
They should all be rewritten and made Python 3-friendly but that's out
of scope here.
|
|
|
|
| |
Also port forward a few changes from #422.
|
| |
|
|
|
|
| |
Notably stop breaking cryptography 1.3.
|
|
|
|
| |
Library name changed and skip_install will speed up our test times.
|
| |
|
|
|
|
|
| |
py.test has broken deprecation behavior in 2.8.4, wheels make testing of
various OpenSSLs on OS X impossible.
|
| |
|
| |
|
|
|
|
| |
The twisted test suite can't currently run using an in-dev pyOpenSSL.
|