summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Drop OpenSSL 1.0.1drop-1.0.1Alex Gaynor2020-04-065-236/+198
|
* Remove asserts (#904)Adrián Chaves2020-03-312-5/+5
|
* Uhhh, fix twisted tests to actually run twisted (wat) (#906)Alex Gaynor2020-03-301-2/+3
| | | | | * Uhhh, fix twisted tests to actually run twisted (wat) * Update tox.ini
* Run twisted tests under py3 (#905)Alex Gaynor2020-03-301-2/+2
|
* Fix PKey.check for some broken keys (#897)Mrmaxmeier2020-03-112-1/+15
| | | | | | | | | * fix PKey.check for some broken keys RSA_check_key is documented to return 1 for valid keys. It (currently) returns 0 or -1 for invalid ones. The previous code accepted invalid keys if RSA_check_key returns -1! * add test
* Make tests pass in the future (now the present) (#888)Alex Gaynor2020-01-121-3/+5
|
* Drop support for Python 3.4, since cryptography dropped it (#884)Alex Gaynor2019-12-154-10/+3
|
* Make the code slightly resillient to python4 (#880)Alex Gaynor2019-11-181-2/+2
|
* Random cleanup around our usage of binary_type (#879)Alex Gaynor2019-11-183-14/+10
|
* reopen master, call it 20.0 because let's be honest with ourselves (#878)Paul Kehrer2019-11-182-1/+22
|
* version bump for 19.1 release (#877)19.1.0Paul Kehrer2019-11-172-2/+2
|
* ALPN: complete handshake without accepting a client's protocols. (#876)Mark Williams2019-11-184-11/+114
| | | | | | | | | | | | | | | | | | | | | | | | | * ALPN: complete handshake without accepting a client's protocols. The callback passed to `SSL_CTX_set_alpn_select_cb` can return `SSL_TLSEXT_ERR_NOACK` to allow the handshake to continue without accepting any of the client's offered protocols. This commit introduces `NO_OVERLAPPING_PROTOCOLS`, which the Python callback passed to `Context.set_alpn_select_callback` can return to achieve the same thing. It does not change the previous meaning of an empty string, which still terminates the handshake. * Update src/OpenSSL/SSL.py Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com> * Address @alex's review. * Use recorded value in test, fix lint error. * Cover TypeError branch in _ALPNHelper.callback
* use _ffi.from_buffer() to support bytearray (#852)Daniel Holth2019-11-185-40/+92
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * use _ffi.from_buffer(buf) in send, to support bytearray * add bytearray test * update CHANGELOG.rst * move from_buffer before 'buffer too long' check * context-managed from_buffer + black * don't shadow buf in send() * test return count for sendall * test sending an array * fix test * also use from_buffer in bio_write * de-format _util.py * formatting * add simple bio_write tests * wrap line
* bump the minimum cryptography version (#875)Paul Kehrer2019-11-173-2/+4
| | | | | | | Users with older cryptography (and hence potentially older asn1crypto, a transitive dependency) are seeing a serious bug on macOS catalina due to the way older asn1crypto loads a shared library. While this isn't a pyOpenSSL bug bumping this dep might prevent the bug from impacting some users.
* Fixes #868 -- test on py38 (#870)Alex Gaynor2019-10-203-1/+9
|
* Fix for Python 4 (#862)Hugo van Kemenade2019-08-293-15/+15
| | | | | | * Fix for Python 4 * Fix for Python 4
* Expose OP_NO_TLSv1_3 (#861)Nathaniel J. Smith2019-08-022-0/+6
| | | | | | * Expose OP_NO_TLSv1_3 * Support openssl <1.1.1
* Stop lawyers from emailing Hynek (#856)Hynek Schlawack2019-07-291-2/+0
| | | | | | * Stop lawyers from emailing Hynek * Update setup.py
* Mark this test as flaky (#850)Alex Gaynor2019-07-061-0/+3
|
* Update SSL.py docstring (#849)Daniel Holth2019-07-051-1/+1
|
* Run tests in random order to weed out issues (#842)Alex Gaynor2019-06-022-1/+7
|
* Remove deleted files from MANIFEST.in (#841)Alex Gaynor2019-05-201-3/+0
|
* Delete .mention-bot (#840)Alex Gaynor2019-05-191-3/+0
|
* Delete examples/simple/ (#837)Alex Gaynor2019-05-193-184/+0
| | | | | | | | * Delete README * Delete client.py * Delete server.py
* Delete examples/sni/ (#838)Alex Gaynor2019-05-197-188/+0
| | | | | | | | | | | | | | | | * Delete README * Delete another.invalid.crt * Delete another.invalid.key * Delete client.py * Delete example.invalid.crt * Delete example.invalid.key * Delete server.py
* Delete README.rst (#839)Alex Gaynor2019-05-191-56/+0
|
* Delete SecureXMLRPCServer.py (#836)Alex Gaynor2019-05-191-115/+0
|
* Delete proxy.py (#835)Alex Gaynor2019-05-191-79/+0
|
* Delete certgen.py (#834)Alex Gaynor2019-05-191-84/+0
|
* Delete mk_simple_certs which is definitely not the pyca recommended way to ↵Alex Gaynor2019-05-191-50/+0
| | | | generate certs (#833)
* Remove tests of long functionality (#832)Alex Gaynor2019-05-191-117/+0
| | | These don't actually cover any code.
* Make test_ssl pass in an IPv6-only environment (#827)David Benjamin2019-04-151-20/+38
| | | | | | | | | | | | * Make test_ssl pass in an IPv6-only environment * Review comments * Update tests/test_ssl.py Co-Authored-By: davidben <davidben@davidben.net> * Wrap long line with parens.
* skip NPN tests if NPN is not available (#822)Paul Kehrer2019-02-261-0/+3
| | | | | | * skip NPN tests if NPN is not available * use the right name
* OpenSSL always has SNI (#821)Alex Gaynor2019-02-221-8/+0
|
* Deprecated NPN (#820)Alex Gaynor2019-02-222-1/+12
| | | | | | | | | | * Deprecated NPN * arithmetic is hard * oops * oops
* Raise an Error with "no cipher match" even with TLS 1.3 (#818)Mark Williams2019-02-142-12/+34
| | | | | | | | | | | * Raise an Error with "no cipher match" even with TLS 1.3 This makes Twisted's OpenSSLAcceptableCiphers.fromOpenSSLCipherString and seamlessly work with TLS 1.3: https://github.com/twisted/twisted/pull/1100/files/a5df2fb373ac67b0e3032acc9291ae88dfd0b3b1#diff-df501bac724aab523150498f84749b88R1767 * Split TestContext.test_set_cipher_list_wrong_args into two tests.
* Make all of the examples py3 syntax friendly (#816)Alex Gaynor2019-02-103-15/+21
|
* Removed deprecated Type aliases (#814)Alex Gaynor2019-02-075-150/+35
| | | | | | | | | | | | * Removed deprecated Type aliases * typo * typo * missed this somehow * Line wrap
* Update install docs for suppoted versions of OpenSSL (#813)Alex Gaynor2019-02-021-5/+1
|
* Update test for us not supporting 0.9.8 (#812)Alex Gaynor2019-02-021-4/+2
|
* Provide a valid digest option (#811)Wayne Werner2019-01-301-1/+1
| | | 2566 is not a valid digest, whoops!
* more infra changes (#809)Paul Kehrer2019-01-211-21/+14
| | | | | | | | | | | | * more infra changes * upgrade pypy * still run a test against 1.0.1 * we don't need this builder * ...
* Reopen master for 19.1 (#810)Alex Gaynor2019-01-212-1/+25
|
* release 19.0.0 (#808)19.0.0Paul Kehrer2019-01-212-2/+2
|
* changelog and call it 19 now (#807)Paul Kehrer2019-01-212-3/+7
|
* upgrade macos builders to newer travis image (#806)Paul Kehrer2019-01-211-2/+2
|
* add key types consts (#776)Igr2019-01-211-0/+2
|
* Fixes incorrect rtype in documentation (#802)Gaurav Malhotra2019-01-211-2/+2
| | | | | rtype for the following was incorrect: X509Req.from_cryptography X509.from_cryptography
* Handle NULL bytes in get_components() values (#804)Romuald Brunet2019-01-212-5/+16
| | | | | | | | | | | * Handle NULL bytes in get_components() values Some old software may generate "bogus" CN with each character preceded by a NULL. This is already handled in commonName, but wasn't in get_components() * review fixes (fix py3 test & avoid unpack/cast)
* Hypothetically fixes pyOpenSSL tests (#805)Paul Kehrer2019-01-215-32/+52
| | | | | | | | | | | | | | | * fix openssl CLI testing for 1.1.1 * various 1.1.1 related fixes some of which are just admitting TLS 1.3 is fundamentally different and pinning the tests to TLS 1.2 * flake8 fixes * allow travis_infra env var through * fix twisted
View Lorry Controller Status