Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency pyOpenSSL to v24 - autoclosed #68

Closed
wants to merge 1 commit into from
Closed

Update dependency pyOpenSSL to v24 - autoclosed #68

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 25, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pyOpenSSL (source) ==22.1.0 -> ==24.3.0 age adoption passing confidence

Release Notes

pyca/pyopenssl (pyOpenSSL)

v24.3.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed the deprecated OpenSSL.crypto.CRL, OpenSSL.crypto.Revoked, OpenSSL.crypto.dump_crl, and OpenSSL.crypto.load_crl. cryptography.x509's CRL functionality should be used instead.
  • Removed the deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify. cryptography.hazmat.primitives.asymmetric's signature APIs should be used instead.

Deprecations:
^^^^^^^^^^^^^

  • Deprecated OpenSSL.rand - callers should use os.urandom() instead.
  • Deprecated add_extensions and get_extensions on OpenSSL.crypto.X509Req and OpenSSL.crypto.X509. These should have been deprecated at the same time X509Extension was. Users should use pyca/cryptography's X.509 APIs instead.
  • Deprecated OpenSSL.crypto.get_elliptic_curves and OpenSSL.crypto.get_elliptic_curve, as well as passing the reult of them to OpenSSL.SSL.Context.set_tmp_ecdh, users should instead pass curves from cryptography.
  • Deprecated passing X509 objects to OpenSSL.SSL.Context.use_certificate, OpenSSL.SSL.Connection.use_certificate, OpenSSL.SSL.Context.add_extra_chain_cert, and OpenSSL.SSL.Context.add_client_ca, users should instead pass cryptography.x509.Certificate instances. This is in preparation for deprecating pyOpenSSL's X509 entirely.
  • Deprecated passing PKey objects to OpenSSL.SSL.Context.use_privatekey and OpenSSL.SSL.Connection.use_privatekey, users should instead pass cryptography priate key instances. This is in preparation for deprecating pyOpenSSL's PKey entirely.

Changes:
^^^^^^^^

  • cryptography maximum version has been increased to 44.0.x.
  • OpenSSL.SSL.Connection.get_certificate, OpenSSL.SSL.Connection.get_peer_certificate, OpenSSL.SSL.Connection.get_peer_cert_chain, and OpenSSL.SSL.Connection.get_verified_chain now take an as_cryptography keyword-argument. When True is passed then cryptography.x509.Certificate are returned, instead of OpenSSL.crypto.X509. In the future, passing False (the default) will be deprecated.

v24.2.1

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

  • Fixed changelog to remove sphinx specific restructured text strings.

v24.1.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed the deprecated OpenSSL.crypto.PKCS12 and
    OpenSSL.crypto.NetscapeSPKI. OpenSSL.crypto.PKCS12 may be replaced
    by the PKCS#12 APIs in the cryptography package.

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

v24.0.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

  • Added OpenSSL.SSL.Connection.get_selected_srtp_profile to determine which SRTP profile was negotiated.
    #&#8203;1279 <https://github.com/pyca/pyopenssl/pull/1279>_.

v23.3.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped support for Python 3.6.
  • The minimum cryptography version is now 41.0.5.
  • Removed OpenSSL.crypto.loads_pkcs7 and OpenSSL.crypto.loads_pkcs12 which had been deprecated for 3 years.
  • Added OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT to allow legacy insecure renegotiation between OpenSSL and unpatched servers.
    #&#8203;1234 <https://github.com/pyca/pyopenssl/pull/1234>_.

Deprecations:
^^^^^^^^^^^^^

  • Deprecated OpenSSL.crypto.PKCS12 (which was intended to have been deprecated at the same time as OpenSSL.crypto.load_pkcs12).
  • Deprecated OpenSSL.crypto.NetscapeSPKI.
  • Deprecated OpenSSL.crypto.CRL
  • Deprecated OpenSSL.crypto.Revoked
  • Deprecated OpenSSL.crypto.load_crl and OpenSSL.crypto.dump_crl
  • Deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify
  • Deprecated OpenSSL.crypto.X509Extension

Changes:
^^^^^^^^

  • Changed OpenSSL.crypto.X509Store.add_crl to also accept
    cryptography's x509.CertificateRevocationList arguments in addition
    to the now deprecated OpenSSL.crypto.CRL arguments.
  • Fixed test_set_default_verify_paths test so that it is skipped if no
    network connection is available.

v23.2.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed X509StoreFlags.NOTIFY_POLICY.
    #&#8203;1213 <https://github.com/pyca/pyopenssl/pull/1213>_.

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

  • cryptography maximum version has been increased to 41.0.x.
  • Invalid versions are now rejected in OpenSSL.crypto.X509Req.set_version.
  • Added X509VerificationCodes to OpenSSL.SSL.
    #&#8203;1202 <https://github.com/pyca/pyopenssl/pull/1202>_.

v23.1.1

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

  • Worked around an issue in OpenSSL 3.1.0 which caused X509Extension.get_short_name to raise an exception when no short name was known to OpenSSL.
    #&#8203;1204 <https://github.com/pyca/pyopenssl/pull/1204>_.

v23.1.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

  • cryptography maximum version has been increased to 40.0.x.
  • Add OpenSSL.SSL.Connection.DTLSv1_get_timeout and OpenSSL.SSL.Connection.DTLSv1_handle_timeout
    to support DTLS timeouts #&#8203;1180 <https://github.com/pyca/pyopenssl/pull/1180>_.

v23.0.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

  • Add OpenSSL.SSL.X509StoreFlags.PARTIAL_CHAIN constant to allow for users
    to perform certificate verification on partial certificate chains.
    #&#8203;1166 <https://github.com/pyca/pyopenssl/pull/1166>_
  • cryptography maximum version has been increased to 39.0.x.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from 8fc2c4b to 9ce272f Compare March 26, 2024 18:49
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from 9ce272f to efe3137 Compare April 14, 2024 11:53
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch 2 times, most recently from a2faee1 to eee1e93 Compare May 15, 2024 18:26
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from eee1e93 to 415e611 Compare May 27, 2024 20:33
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from 415e611 to 9182311 Compare July 7, 2024 00:46
@renovate renovate bot changed the base branch from main to dev July 7, 2024 00:46
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from 9182311 to 797a918 Compare July 7, 2024 23:50
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from 797a918 to 17a9e7b Compare July 20, 2024 19:36
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from 17a9e7b to d14f64a Compare August 6, 2024 08:51
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from d14f64a to 6153a84 Compare August 22, 2024 19:33
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch 2 times, most recently from 6f50f45 to fcf6abe Compare November 20, 2024 14:57
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from fcf6abe to d96058c Compare November 27, 2024 23:09
@renovate renovate bot force-pushed the renovate/pyopenssl-24.x branch from d96058c to b69bf33 Compare December 17, 2024 01:51
@renovate renovate bot changed the title Update dependency pyOpenSSL to v24 Update dependency pyOpenSSL to v24 - autoclosed Dec 17, 2024
@renovate renovate bot closed this Dec 17, 2024
@renovate renovate bot deleted the renovate/pyopenssl-24.x branch December 17, 2024 02:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants