Skip to content

fix(deps): update dependency pyopenssl to v24 - autoclosed

Renovate Bot requested to merge renovate/pyopenssl-24.x into develop

This MR contains the following updates:

Package Change Age Adoption Passing Confidence
pyopenssl (source) ~22.0 -> ~24.0 age adoption passing confidence

Release Notes

pyca/pyopenssl

v24.0.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Added OpenSSL.SSL.Connection.get_selected_srtp_profile to determine which SRTP profile was negotiated. #&#8203;1279 <https://github.com/pyca/pyopenssl/pull/1279>_.

v23.3.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped support for Python 3.6.
  • The minimum cryptography version is now 41.0.5.
  • Removed OpenSSL.crypto.loads_pkcs7 and OpenSSL.crypto.loads_pkcs12 which had been deprecated for 3 years.
  • Added OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT to allow legacy insecure renegotiation between OpenSSL and unpatched servers. #&#8203;1234 <https://github.com/pyca/pyopenssl/pull/1234>_.

Deprecations: ^^^^^^^^^^^^^

  • Deprecated OpenSSL.crypto.PKCS12 (which was intended to have been deprecated at the same time as OpenSSL.crypto.load_pkcs12).
  • Deprecated OpenSSL.crypto.NetscapeSPKI.
  • Deprecated OpenSSL.crypto.CRL
  • Deprecated OpenSSL.crypto.Revoked
  • Deprecated OpenSSL.crypto.load_crl and OpenSSL.crypto.dump_crl
  • Deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify
  • Deprecated OpenSSL.crypto.X509Extension

Changes: ^^^^^^^^

  • Changed OpenSSL.crypto.X509Store.add_crl to also accept cryptography's x509.CertificateRevocationList arguments in addition to the now deprecated OpenSSL.crypto.CRL arguments.
  • Fixed test_set_default_verify_paths test so that it is skipped if no network connection is available.

v23.2.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed X509StoreFlags.NOTIFY_POLICY. #&#8203;1213 <https://github.com/pyca/pyopenssl/pull/1213>_.

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • cryptography maximum version has been increased to 41.0.x.
  • Invalid versions are now rejected in OpenSSL.crypto.X509Req.set_version.
  • Added X509VerificationCodes to OpenSSL.SSL. #&#8203;1202 <https://github.com/pyca/pyopenssl/pull/1202>_.

v23.1.1

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Worked around an issue in OpenSSL 3.1.0 which caused X509Extension.get_short_name to raise an exception when no short name was known to OpenSSL. #&#8203;1204 <https://github.com/pyca/pyopenssl/pull/1204>_.

v23.1.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • cryptography maximum version has been increased to 40.0.x.
  • Add OpenSSL.SSL.Connection.DTLSv1_get_timeout and OpenSSL.SSL.Connection.DTLSv1_handle_timeout to support DTLS timeouts #&#8203;1180 <https://github.com/pyca/pyopenssl/pull/1180>_.

v23.0.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Add OpenSSL.SSL.X509StoreFlags.PARTIAL_CHAIN constant to allow for users to perform certificate verification on partial certificate chains. #&#8203;1166 <https://github.com/pyca/pyopenssl/pull/1166>_
  • cryptography maximum version has been increased to 39.0.x.

v22.1.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Remove support for SSLv2 and SSLv3.
  • The minimum cryptography version is now 38.0.x (and we now pin releases against cryptography major versions to prevent future breakage)
  • The OpenSSL.crypto.X509StoreContextError exception has been refactored, changing its internal attributes. #&#8203;1133 <https://github.com/pyca/pyopenssl/pull/1133>_

Deprecations: ^^^^^^^^^^^^^

  • OpenSSL.SSL.SSLeay_version is deprecated in favor of OpenSSL.SSL.OpenSSL_version. The constants OpenSSL.SSL.SSLEAY_* are deprecated in favor of OpenSSL.SSL.OPENSSL_*.

Changes: ^^^^^^^^

  • Add OpenSSL.SSL.Connection.set_verify and OpenSSL.SSL.Connection.get_verify_mode to override the context object's verification flags. #&#8203;1073 <https://github.com/pyca/pyopenssl/pull/1073>_
  • Add OpenSSL.SSL.Connection.use_certificate and OpenSSL.SSL.Connection.use_privatekey to set a certificate per connection (and not just per context) #&#8203;1121 <https://github.com/pyca/pyopenssl/pull/1121>_.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports