PyPI - pyOpenSSL - Versions diffs - 24.2.1__tar.gz → 24.3.0__tar.gz - Mend

pyOpenSSL 24.2.1tar.gz → 24.3.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/CHANGELOG.rst RENAMED Viewed

@@ -4,6 +4,31 @@ Changelog
 Versions are year-based with a strict backward-compatibility policy.
 The third digit is only for regressions.
+24.3.0 (2024-11-27)
+-------------------
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+- Removed the deprecated ``OpenSSL.crypto.CRL``, ``OpenSSL.crypto.Revoked``, ``OpenSSL.crypto.dump_crl``, and ``OpenSSL.crypto.load_crl``. ``cryptography.x509``'s CRL functionality should be used instead.
+- Removed the deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``. ``cryptography.hazmat.primitives.asymmetric``'s signature APIs should be used instead.
+Deprecations:
+^^^^^^^^^^^^^
+- Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead.
+- Deprecated ``add_extensions`` and ``get_extensions`` on ``OpenSSL.crypto.X509Req`` and ``OpenSSL.crypto.X509``. These should have been deprecated at the same time ``X509Extension`` was. Users should use pyca/cryptography's X.509 APIs instead.
+- Deprecated ``OpenSSL.crypto.get_elliptic_curves`` and ``OpenSSL.crypto.get_elliptic_curve``, as well as passing the reult of them to ``OpenSSL.SSL.Context.set_tmp_ecdh``, users should instead pass curves from ``cryptography``.
+- Deprecated passing ``X509`` objects to ``OpenSSL.SSL.Context.use_certificate``, ``OpenSSL.SSL.Connection.use_certificate``, ``OpenSSL.SSL.Context.add_extra_chain_cert``, and ``OpenSSL.SSL.Context.add_client_ca``, users should instead pass ``cryptography.x509.Certificate`` instances. This is in preparation for deprecating pyOpenSSL's ``X509`` entirely.
+- Deprecated passing ``PKey`` objects to ``OpenSSL.SSL.Context.use_privatekey`` and ``OpenSSL.SSL.Connection.use_privatekey``, users should instead pass ``cryptography`` priate key instances. This is in preparation for deprecating pyOpenSSL's ``PKey`` entirely.
+Changes:
+^^^^^^^^
+* ``cryptography`` maximum version has been increased to 44.0.x.
+* ``OpenSSL.SSL.Connection.get_certificate``, ``OpenSSL.SSL.Connection.get_peer_certificate``, ``OpenSSL.SSL.Connection.get_peer_cert_chain``, and ``OpenSSL.SSL.Connection.get_verified_chain`` now take an ``as_cryptography`` keyword-argument. When ``True`` is passed then ``cryptography.x509.Certificate`` are returned, instead of ``OpenSSL.crypto.X509``. In the future, passing ``False`` (the default) will be deprecated.
 24.2.1 (2024-07-20)
 -------------------

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/INSTALL.rst RENAMED Viewed

@@ -23,11 +23,6 @@ Supported OpenSSL Versions
 --------------------------
 pyOpenSSL supports the same platforms and releases as the upstream cryptography project `does <https://cryptography.io/en/latest/installation/#supported-platforms>`_.
-Currently that means:
-- 1.1.0
-- 1.1.1
-- 3.0
 You can always find out the versions of pyOpenSSL, cryptography, and the linked OpenSSL by running ``python -m OpenSSL.debug``.

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/MANIFEST.in RENAMED Viewed

@@ -1,5 +1,5 @@
 include             LICENSE MANIFEST.in *.rst tox.ini .coveragerc src/OpenSSL/py.typed
-exclude             codecov.yml .readthedocs.yml mypy.ini
+exclude             .readthedocs.yml mypy.ini
 recursive-include   tests           *.py
 recursive-include   doc             *
 prune               doc/_build

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pyOpenSSL
-Version: 24.2.1
+Version: 24.3.0
 Summary: Python wrapper module around the OpenSSL library
 Home-page: https://pyopenssl.org/
 Author: The pyOpenSSL developers
@@ -20,6 +20,7 @@ Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Programming Language :: Python :: Implementation :: PyPy
 Classifier: Topic :: Security :: Cryptography
@@ -27,7 +28,7 @@ Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Classifier: Topic :: System :: Networking
 Requires-Python: >=3.7
 License-File: LICENSE
-Requires-Dist: cryptography<44,>=41.0.5
+Requires-Dist: cryptography<45,>=41.0.5
 Provides-Extra: test
 Requires-Dist: pytest-rerunfailures; extra == "test"
 Requires-Dist: pretend; extra == "test"
@@ -47,10 +48,6 @@ pyOpenSSL -- A Python wrapper around the OpenSSL library
 .. image:: https://github.com/pyca/pyopenssl/workflows/CI/badge.svg?branch=main
    :target: https://github.com/pyca/pyopenssl/actions?query=workflow%3ACI+branch%3Amain
-.. image:: https://codecov.io/github/pyca/pyopenssl/branch/main/graph/badge.svg
-   :target: https://codecov.io/github/pyca/pyopenssl
-   :alt: Test coverage
 **Note:** The Python Cryptographic Authority **strongly suggests** the use of `pyca/cryptography`_
 where possible. If you are using pyOpenSSL for anything other than making a TLS connection
 **you should move to cryptography and drop your pyOpenSSL dependency**.
@@ -87,6 +84,31 @@ You can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get invol
 Release Information
 ===================
+24.3.0 (2024-11-27)
+-------------------
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+- Removed the deprecated ``OpenSSL.crypto.CRL``, ``OpenSSL.crypto.Revoked``, ``OpenSSL.crypto.dump_crl``, and ``OpenSSL.crypto.load_crl``. ``cryptography.x509``'s CRL functionality should be used instead.
+- Removed the deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``. ``cryptography.hazmat.primitives.asymmetric``'s signature APIs should be used instead.
+Deprecations:
+^^^^^^^^^^^^^
+- Deprecated ``OpenSSL.rand`` - callers should use ``os.urandom()`` instead.
+- Deprecated ``add_extensions`` and ``get_extensions`` on ``OpenSSL.crypto.X509Req`` and ``OpenSSL.crypto.X509``. These should have been deprecated at the same time ``X509Extension`` was. Users should use pyca/cryptography's X.509 APIs instead.
+- Deprecated ``OpenSSL.crypto.get_elliptic_curves`` and ``OpenSSL.crypto.get_elliptic_curve``, as well as passing the reult of them to ``OpenSSL.SSL.Context.set_tmp_ecdh``, users should instead pass curves from ``cryptography``.
+- Deprecated passing ``X509`` objects to ``OpenSSL.SSL.Context.use_certificate``, ``OpenSSL.SSL.Connection.use_certificate``, ``OpenSSL.SSL.Context.add_extra_chain_cert``, and ``OpenSSL.SSL.Context.add_client_ca``, users should instead pass ``cryptography.x509.Certificate`` instances. This is in preparation for deprecating pyOpenSSL's ``X509`` entirely.
+- Deprecated passing ``PKey`` objects to ``OpenSSL.SSL.Context.use_privatekey`` and ``OpenSSL.SSL.Connection.use_privatekey``, users should instead pass ``cryptography`` priate key instances. This is in preparation for deprecating pyOpenSSL's ``PKey`` entirely.
+Changes:
+^^^^^^^^
+* ``cryptography`` maximum version has been increased to 44.0.x.
+* ``OpenSSL.SSL.Connection.get_certificate``, ``OpenSSL.SSL.Connection.get_peer_certificate``, ``OpenSSL.SSL.Connection.get_peer_cert_chain``, and ``OpenSSL.SSL.Connection.get_verified_chain`` now take an ``as_cryptography`` keyword-argument. When ``True`` is passed then ``cryptography.x509.Certificate`` are returned, instead of ``OpenSSL.crypto.X509``. In the future, passing ``False`` (the default) will be deprecated.
 24.2.1 (2024-07-20)
 -------------------

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/README.rst RENAMED Viewed

@@ -9,10 +9,6 @@ pyOpenSSL -- A Python wrapper around the OpenSSL library
 .. image:: https://github.com/pyca/pyopenssl/workflows/CI/badge.svg?branch=main
    :target: https://github.com/pyca/pyopenssl/actions?query=workflow%3ACI+branch%3Amain
-.. image:: https://codecov.io/github/pyca/pyopenssl/branch/main/graph/badge.svg
-   :target: https://codecov.io/github/pyca/pyopenssl
-   :alt: Test coverage
 **Note:** The Python Cryptographic Authority **strongly suggests** the use of `pyca/cryptography`_
 where possible. If you are using pyOpenSSL for anything other than making a TLS connection
 **you should move to cryptography and drop your pyOpenSSL dependency**.

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/doc/api/crypto.rst RENAMED Viewed

@@ -6,7 +6,9 @@
 .. py:module:: OpenSSL.crypto
    :synopsis: Generic cryptographic module
-.. note::
+.. danger::
+    **This module is pending deprecation, use pyca/cryptography instead.**
     `pyca/cryptography`_ is likely a better choice than using this module.
     It contains a complete set of cryptographic primitives as well as a significantly better and more powerful X509 API.
@@ -61,20 +63,6 @@ Public keys
 .. autofunction:: load_publickey
-Certificate revocation lists
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.. autofunction:: dump_crl
-.. autofunction:: load_crl
-Signing and verifying signatures
---------------------------------
-.. autofunction:: sign
-.. autofunction:: verify
 .. _openssl-x509:
@@ -170,24 +158,6 @@ X509Extension objects
                :special-members:
                :exclude-members: __weakref__
-.. _crl:
-CRL objects
------------
-.. autoclass:: CRL
-               :members:
-               :special-members:
-               :exclude-members: __weakref__
-.. _revoked:
-Revoked objects
----------------
-.. autoclass:: Revoked
-               :members:
 Exceptions
 ----------

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/doc/api/ssl.rst RENAMED Viewed

@@ -150,22 +150,12 @@ Context, Connection.
 .. autofunction:: OpenSSL_version
-.. py:data:: ContextType
-    See :py:class:`Context`.
 .. autoclass:: Context
    :noindex:
 .. autoclass:: Session
-.. py:data:: ConnectionType
-    See :py:class:`Connection`.
 .. py:class:: Connection(context, socket)
    :noindex:

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/doc/conf.py RENAMED Viewed

@@ -122,13 +122,14 @@ pygments_style = "sphinx"
 # The theme to use for HTML and HTML Help pages.  See the documentation for
 # a list of builtin themes.
-on_rtd = os.environ.get("READTHEDOCS", None) == "True"
+if os.environ.get("READTHEDOCS", None) == "True":
+    html_baseurl = os.environ.get("READTHEDOCS_CANONICAL_URL", "")
-if not on_rtd:  # only import and set the theme if we're building docs locally
-    import sphinx_rtd_theme
+    if "html_context" not in globals():
+        html_context = {}
+    html_context["READTHEDOCS"] = True
-    html_theme = "sphinx_rtd_theme"
-    html_theme_path = [sphinx_rtd_theme.get_html_theme_path()]
+html_theme = "sphinx_rtd_theme"
 # Theme options are theme-specific and customize the look and feel of a theme
 # further.  For a list of options available for each theme, see the

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/pyproject.toml RENAMED Viewed

@@ -1,12 +1,15 @@
 [tool.coverage.run]
 branch = true
+relative_files = true
 source = ["OpenSSL", "tests/"]
 [tool.coverage.paths]
 source = [
     "src/OpenSSL",
-    ".tox/*/lib/python*/site-packages/OpenSSL",
-    ".tox/pypy/site-packages/OpenSSL",
+    "*.tox/*/lib/python*/site-packages/OpenSSL",
+    "*.tox/*/lib/pypy*/site-packages/OpenSSL",
+    "*.tox/pypy/site-packages/OpenSSL",
+    "*.tox\\*\\Lib\\site-packages\\OpenSSL",
 ]
 [tool.coverage.report]
@@ -39,6 +42,8 @@ testpaths = ["tests"]
 [tool.ruff]
 lint.select = ['E', 'F', 'I', 'W', 'UP', 'RUF']
 line-length = 79
+# Remove if/when we move setup.py python-requires metadata to pyproject.toml
+target-version = "py37"
 [tool.ruff.lint.isort]
 known-first-party = ["OpenSSL", "tests"]

{pyopenssl-24.2.1 → pyopenssl-24.3.0}/setup.py RENAMED Viewed

@@ -83,6 +83,7 @@ if __name__ == "__main__":
             "Programming Language :: Python :: 3.10",
             "Programming Language :: Python :: 3.11",
             "Programming Language :: Python :: 3.12",
+            "Programming Language :: Python :: 3.13",
             "Programming Language :: Python :: Implementation :: CPython",
             "Programming Language :: Python :: Implementation :: PyPy",
             "Topic :: Security :: Cryptography",
@@ -93,7 +94,7 @@ if __name__ == "__main__":
         packages=find_packages(where="src"),
         package_dir={"": "src"},
         install_requires=[
-            "cryptography>=41.0.5,<44",
+            "cryptography>=41.0.5,<45",
         ],
         extras_require={
             "test": ["pytest-rerunfailures", "pretend", "pytest>=3.0.1"],

pyOpenSSL 24.2.1__tar.gz → 24.3.0__tar.gz

pyOpenSSL 24.2.1tar.gz → 24.3.0tar.gz