diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-06-21 06:59:58 -1000 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-06-21 12:59:58 -0400 |
| commit | ce98ee6075399343ee4580dc334e6bc38bfbc221 (patch) | |
| tree | 57f230b413b9bdcc3785825c974f8faf15733ede | |
| parent | 80b25efa407f15c1c21323b7e512e2e051c0f5e3 (diff) | |
| download | pyopenssl-ce98ee6075399343ee4580dc334e6bc38bfbc221.tar.gz | |
update docs and and changelog for #612 (#639)
* update docs and and changelog for #612
* update changelog
* more detail
| -rw-r--r-- | CHANGELOG.rst | 5 | ||||
| -rw-r--r-- | src/OpenSSL/crypto.py | 28 |
2 files changed, 13 insertions, 20 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 62335a8..5bd844c 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -15,6 +15,11 @@ Backward-incompatible changes: - Removed the deprecated ``OpenSSL.rand.egd`` function. Applications should prefer ``os.urandom()`` for random number generation. `#630 <https://github.com/pyca/pyopenssl/pull/630>`_ +- Fixed a bug with ``ASN1_TIME`` casting in ``X509.set_notBefore``, + ``X509.set_notAfter``, ``Revoked.set_rev_date``, ``Revoked.set_nextUpdate``, + and ``Revoked.set_lastUpdate``. You must now pass times in the form + ``YYYYMMDDhhmmssZ``. ``YYYYMMDDhhmmss+hhmm`` and ``YYYYMMDDhhmmss-hhmm`` + will no longer work. `#612 <https://github.com/pyca/pyopenssl/pull/612>`_ Deprecations: diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index 3404172..ae05ede 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -1235,11 +1235,9 @@ class X509(object): """ Get the timestamp at which the certificate starts being valid. - The timestamp is formatted as an ASN.1 GENERALIZEDTIME:: + The timestamp is formatted as an ASN.1 TIME:: YYYYMMDDhhmmssZ - YYYYMMDDhhmmss+hhmm - YYYYMMDDhhmmss-hhmm :return: A timestamp string, or ``None`` if there is none. :rtype: bytes or NoneType @@ -1253,11 +1251,9 @@ class X509(object): """ Set the timestamp at which the certificate starts being valid. - The timestamp is formatted as an ASN.1 GENERALIZEDTIME:: + The timestamp is formatted as an ASN.1 TIME:: YYYYMMDDhhmmssZ - YYYYMMDDhhmmss+hhmm - YYYYMMDDhhmmss-hhmm :param bytes when: A timestamp string. :return: ``None`` @@ -1268,11 +1264,9 @@ class X509(object): """ Get the timestamp at which the certificate stops being valid. - The timestamp is formatted as an ASN.1 GENERALIZEDTIME:: + The timestamp is formatted as an ASN.1 TIME:: YYYYMMDDhhmmssZ - YYYYMMDDhhmmss+hhmm - YYYYMMDDhhmmss-hhmm :return: A timestamp string, or ``None`` if there is none. :rtype: bytes or NoneType @@ -1283,11 +1277,9 @@ class X509(object): """ Set the timestamp at which the certificate stops being valid. - The timestamp is formatted as an ASN.1 GENERALIZEDTIME:: + The timestamp is formatted as an ASN.1 TIME:: YYYYMMDDhhmmssZ - YYYYMMDDhhmmss+hhmm - YYYYMMDDhhmmss-hhmm :param bytes when: A timestamp string. :return: ``None`` @@ -1943,7 +1935,7 @@ class Revoked(object): Set the revocation timestamp. :param bytes when: The timestamp of the revocation, - as ASN.1 GENERALIZEDTIME. + as ASN.1 TIME. :return: ``None`` """ dt = _lib.X509_REVOKED_get0_revocationDate(self._revoked) @@ -1953,7 +1945,7 @@ class Revoked(object): """ Get the revocation timestamp. - :return: The timestamp of the revocation, as ASN.1 GENERALIZEDTIME. + :return: The timestamp of the revocation, as ASN.1 TIME. :rtype: bytes """ dt = _lib.X509_REVOKED_get0_revocationDate(self._revoked) @@ -2040,11 +2032,9 @@ class CRL(object): """ Set when the CRL was last updated. - The timestamp is formatted as an ASN.1 GENERALIZEDTIME:: + The timestamp is formatted as an ASN.1 TIME:: YYYYMMDDhhmmssZ - YYYYMMDDhhmmss+hhmm - YYYYMMDDhhmmss-hhmm .. versionadded:: 16.1.0 @@ -2057,11 +2047,9 @@ class CRL(object): """ Set when the CRL will next be udpated. - The timestamp is formatted as an ASN.1 GENERALIZEDTIME:: + The timestamp is formatted as an ASN.1 TIME:: YYYYMMDDhhmmssZ - YYYYMMDDhhmmss+hhmm - YYYYMMDDhhmmss-hhmm .. versionadded:: 16.1.0 |