| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
And also whatever supports the protocol.
Way more pythonic now!
|
|
|
| |
It has been a no-op (when called from an _instance_ of Binding) since 3.3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2.3.0...v2.3.1)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.2.2 to 2.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2.2.2...v2.3.0)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
* use more functions guaranteed available in cryptography 35.0
* these are also guaranteed
|
|
|
|
| |
They are a noop on 1.1.0+ and pyOpenSSL only supports 1.1.0+ now due to
cryptography versions
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Expose DTLS_METHOD and friends
* Expose OP_NO_RENEGOTIATION
* Expose DTLS MTU-related functions
* Expose DTLSv1_listen and associated callbacks
* Add a basic DTLS test
* Cope with old versions of openssl/libressl
* blacken
* Soothe flake8
* Add temporary hack to skip DTLS test on old cryptography versions
* Update for cryptography v35 release
* Add changelog entry
* Fix versionadded::
* get_cleartext_mtu doesn't exist on decrepit old openssl
* Rewrite DTLS test to work around stupid OpenSSL misbehavior
* flake8 go away
* minor tidying
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Setuptools v54.1.0 introduces a warning that the use of dash-separated
options in 'setup.cfg' will not be supported in a future version [1].
Get ahead of the issue by replacing the dashes with underscores. Without
this, we see 'UserWarning' messages like the following on new enough
versions of setuptools:
UserWarning: Usage of dash-separated 'build-requires' will not be
supported in future versions. Please use the underscore name
'build_requires' instead
UserWarning: Usage of dash-separated 'doc-files' will not be
supported in future versions. Please use the underscore name
'doc_files' instead
[1] https://github.com/pypa/setuptools/commit/a2e9ae4cb
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
|
|
|
|
|
| |
* Check for invalid ALPN lists before calling OpenSSL, for consistency
Fixes gh-1043
* Soothe flake8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.4...v2.3.5)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* py27 going, going, gone
* black
* more black
* ok then
* forgot to remove pypy2
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Misc CI cleanups
- Update branch names to match upstream
- Drop py2 testing
* Appease stricter checking in latest Sphinx to get CI passing again
* Don't accidentally delete an important line from tox.ini
* Give py2 support a brief stay of execution
As requested by @reaperhulk on IRC
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bump dessant/lock-threads from 2.1.2 to 3
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 2.1.2 to 3.
- [Release notes](https://github.com/dessant/lock-threads/releases)
- [Changelog](https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dessant/lock-threads/compare/v2.1.2...v3)
---
updated-dependencies:
- dependency-name: dessant/lock-threads
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update lock.yml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
|
|
|
|
|
|
|
|
| |
While the tests currently pass without it, this is because OpenSSL's
encoder doesn't notice that it is emitting garbage. See
https://github.com/openssl/openssl/issues/16538
Fill in a placeholder validity period so the tests both better mirror
real X.509 signing code and do not rely on this bug.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A default-constructed X509_REQ or NETSCAPE_SPKI contains empty values
for all its fields, notably the OIDs in public keys. This initial state
is incomplete and not yet a valid object. The ASN.1 structures make the
public key mandatory. When serializing, OpenSSL would previously
silently omit the field, which doesn't actually produce a valid
structure.
As of https://github.com/openssl/openssl/pull/16027, OpenSSL will notice
this and return an error rather than serialize garbage. Sadly, that had
to be reverted on 1.1.1, but it is present in the 3.0 branch. With that
change, some of pyOpenSSL's tests fail.
The bug here is in pyOpenSSL: pyOpenSSL tests are trying to serialize
incomplete objects. Instead, fill in the public key. While not
syntactically necessary (the empty string is a BIT STRING), also fill in
the signature for NetscapeSPKI, to better align with real code.
Tested by running pyOpenSSL tests against a copy of OpenSSL 1.1.1's dev
branch, prior to the changes getting reverted.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/dessant/lock-threads/releases)
- [Changelog](https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dessant/lock-threads/compare/v2.1.1...v2.1.2)
---
updated-dependencies:
- dependency-name: dessant/lock-threads
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 2.0.3 to 2.1.1.
- [Release notes](https://github.com/dessant/lock-threads/releases)
- [Changelog](https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dessant/lock-threads/compare/v2.0.3...v2.1.1)
---
updated-dependencies:
- dependency-name: dessant/lock-threads
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 2 to 2.0.3.
- [Release notes](https://github.com/dessant/lock-threads/releases)
- [Changelog](https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dessant/lock-threads/compare/v2...v2.0.3)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 2.2.2.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v2.2.2)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 2.3.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v2.3.4)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
| |
|
|
|
|
|
| |
* Attempt to test with system OpenSSL on recent Ubuntu
* attempted fix for this test
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add Context.set_*_proto_version, fix #860
* docs: add new openssl tls methods
* accept the fact that nothing can be taken for granted
* bump minimum required cryptography version to 3.3
* drop support for Python 3.5
* use binary wheels for cryptography
* Revert "use binary wheels for cryptography"
This reverts commit 91a04c612ed1d0dd9fd541dfefe21cac7c25b1c1.
* docker ci: compile cryptography with rust
|
|
|
|
|
| |
Deprecated under OpenSSL 1.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
| |
* fix rtd docs build
* manifest
|
|
|
|
|
|
|
| |
* check return code of SSL_CTX_set_alpn_protos, fix #992
* paint it black!
* fix line lengths as well :upside_down_face:
|
|
|
|
|
| |
* rename main branch
* travis is gone, link GHA
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
* Test on OpenSSL 1.1.0 w/ Debian stretch
* Make pyOpenSSL compatible with openssl 1.1.0 again
Co-authored-by: Shane Harvey <shnhrv@gmail.com>
|
|
|
|
|
| |
* remove py2 w/ cryptography master
* Update ci.yml
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Tox.ini; Test on Python 3.9 and make flake8 stricter
* max-line-length = 88
* Remove unused import
* Update tox.ini
* Use PEP8 line length
* Use PEP8 line length
|
| |
|
| |
|
|
|
|
|
| |
* fix a memleak
* black
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Keep reference to SSL verify_call in Connection object
If a set_verify is used on a context before and after a Connection
the reference in the SSL* object still points to the old _verify_helper
object. Since this object has no longer any references to it, the
callback can result in a segfault.
This commit fixes the issues by ensuring that as long as the
Connection object/SSL* object lives a reference to the callback
function is held.
* Add Unit test for set_verify_callback deference
|