summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add NOTICE to MANIFEST.inadd-noticeHynek Schlawack2019-07-291-1/+1
|
* Create NOTICEHynek Schlawack2019-07-291-0/+5
|
* Mark this test as flaky (#850)Alex Gaynor2019-07-061-0/+3
|
* Update SSL.py docstring (#849)Daniel Holth2019-07-051-1/+1
|
* Run tests in random order to weed out issues (#842)Alex Gaynor2019-06-022-1/+7
|
* Remove deleted files from MANIFEST.in (#841)Alex Gaynor2019-05-201-3/+0
|
* Delete .mention-bot (#840)Alex Gaynor2019-05-191-3/+0
|
* Delete examples/simple/ (#837)Alex Gaynor2019-05-193-184/+0
| | | | | | | | * Delete README * Delete client.py * Delete server.py
* Delete examples/sni/ (#838)Alex Gaynor2019-05-197-188/+0
| | | | | | | | | | | | | | | | * Delete README * Delete another.invalid.crt * Delete another.invalid.key * Delete client.py * Delete example.invalid.crt * Delete example.invalid.key * Delete server.py
* Delete README.rst (#839)Alex Gaynor2019-05-191-56/+0
|
* Delete SecureXMLRPCServer.py (#836)Alex Gaynor2019-05-191-115/+0
|
* Delete proxy.py (#835)Alex Gaynor2019-05-191-79/+0
|
* Delete certgen.py (#834)Alex Gaynor2019-05-191-84/+0
|
* Delete mk_simple_certs which is definitely not the pyca recommended way to ↵Alex Gaynor2019-05-191-50/+0
| | | | generate certs (#833)
* Remove tests of long functionality (#832)Alex Gaynor2019-05-191-117/+0
| | | These don't actually cover any code.
* Make test_ssl pass in an IPv6-only environment (#827)David Benjamin2019-04-151-20/+38
| | | | | | | | | | | | * Make test_ssl pass in an IPv6-only environment * Review comments * Update tests/test_ssl.py Co-Authored-By: davidben <davidben@davidben.net> * Wrap long line with parens.
* skip NPN tests if NPN is not available (#822)Paul Kehrer2019-02-261-0/+3
| | | | | | * skip NPN tests if NPN is not available * use the right name
* OpenSSL always has SNI (#821)Alex Gaynor2019-02-221-8/+0
|
* Deprecated NPN (#820)Alex Gaynor2019-02-222-1/+12
| | | | | | | | | | * Deprecated NPN * arithmetic is hard * oops * oops
* Raise an Error with "no cipher match" even with TLS 1.3 (#818)Mark Williams2019-02-142-12/+34
| | | | | | | | | | | * Raise an Error with "no cipher match" even with TLS 1.3 This makes Twisted's OpenSSLAcceptableCiphers.fromOpenSSLCipherString and seamlessly work with TLS 1.3: https://github.com/twisted/twisted/pull/1100/files/a5df2fb373ac67b0e3032acc9291ae88dfd0b3b1#diff-df501bac724aab523150498f84749b88R1767 * Split TestContext.test_set_cipher_list_wrong_args into two tests.
* Make all of the examples py3 syntax friendly (#816)Alex Gaynor2019-02-103-15/+21
|
* Removed deprecated Type aliases (#814)Alex Gaynor2019-02-075-150/+35
| | | | | | | | | | | | * Removed deprecated Type aliases * typo * typo * missed this somehow * Line wrap
* Update install docs for suppoted versions of OpenSSL (#813)Alex Gaynor2019-02-021-5/+1
|
* Update test for us not supporting 0.9.8 (#812)Alex Gaynor2019-02-021-4/+2
|
* Provide a valid digest option (#811)Wayne Werner2019-01-301-1/+1
| | | 2566 is not a valid digest, whoops!
* more infra changes (#809)Paul Kehrer2019-01-211-21/+14
| | | | | | | | | | | | * more infra changes * upgrade pypy * still run a test against 1.0.1 * we don't need this builder * ...
* Reopen master for 19.1 (#810)Alex Gaynor2019-01-212-1/+25
|
* release 19.0.0 (#808)19.0.0Paul Kehrer2019-01-212-2/+2
|
* changelog and call it 19 now (#807)Paul Kehrer2019-01-212-3/+7
|
* upgrade macos builders to newer travis image (#806)Paul Kehrer2019-01-211-2/+2
|
* add key types consts (#776)Igr2019-01-211-0/+2
|
* Fixes incorrect rtype in documentation (#802)Gaurav Malhotra2019-01-211-2/+2
| | | | | rtype for the following was incorrect: X509Req.from_cryptography X509.from_cryptography
* Handle NULL bytes in get_components() values (#804)Romuald Brunet2019-01-212-5/+16
| | | | | | | | | | | * Handle NULL bytes in get_components() values Some old software may generate "bogus" CN with each character preceded by a NULL. This is already handled in commonName, but wasn't in get_components() * review fixes (fix py3 test & avoid unpack/cast)
* Hypothetically fixes pyOpenSSL tests (#805)Paul Kehrer2019-01-215-32/+52
| | | | | | | | | | | | | | | * fix openssl CLI testing for 1.1.1 * various 1.1.1 related fixes some of which are just admitting TLS 1.3 is fundamentally different and pinning the tests to TLS 1.2 * flake8 fixes * allow travis_infra env var through * fix twisted
* Update OpenSSL manpage link to x509v3_config (#789)Cyril Stoller2018-08-271-1/+1
|
* Add note on zero-based certificate version value (#790)Cyril Stoller2018-08-271-1/+2
|
* X509Store.add_cert no longer raises an error on duplicate cert (#787)Paul Kehrer2018-08-233-7/+16
| | | | | | * X509Store.add_cert no longer raises an error on duplicate cert * move changelog entry
* Fixes #784 -- bump minimum cryptography version (#785)Alex Gaynor2018-08-102-2/+2
|
* fix wantWriteError to error even with big socket buffers (#782)catern2018-08-091-1/+1
| | | | | | | My system apparently has larger socket buffers than this test assumes, so it fails. (Debian 9, Linux 4.16, Python 3.7) So let's increase the size of the buffers such that it works for me. This was the smallest power of 2 that worked.
* Added py37 (#772)Alex Gaynor2018-07-043-1/+15
| | | | | | | | * Added py37 to travis * Added py37 trove classifier * Added py37 to tox
* Only allocate exponent in the TYPE_RSA path. (#767)David Benjamin2018-06-051-5/+5
| | | Not much point in making it otherwise.
* Tone down the comment around SSL_set_tlsext_status_ocsp_resp. (#764)David Benjamin2018-05-221-7/+2
| | | | | | | | | The ownership semantics of SSL_set_tlsext_status_ocsp_resp are not as complex as the comment suggests. There's no leak or complex lifetime. It's an ownership transfer of an OPENSSL_malloc'd buffer. The documentation is lacking, and making the copy internally would have been tidier (though less efficient if the OCSP response where generated by i2d_OCSP_RESPONSE), but this sort of thing has precedent in OpenSSL's API.
* Fix SSL_CTX_set_tlsext_servername_callback type signature. (#763)David Benjamin2018-05-221-1/+1
| | | | | | See also https://github.com/pyca/cryptography/pull/4227. I suspect this is a no-op since cffi is probably just generating its own function stubs and every ABI makes const and non-const pointers the same. Still, better to match things.
* reopen master for 18.1 (#761)Paul Kehrer2018-05-162-1/+25
| | | | | | * reopen master for 18.1 * there are four dashes
* 18.0.0 release time (#760)18.0.0Paul Kehrer2018-05-162-2/+2
|
* tell people to stop using this where possible (#759)Paul Kehrer2018-05-161-1/+5
| | | | | | | | * tell people to stop using this where possible * links require actual linking * bolding
* Add Connection.get_certificate method (#733)Jeremy Lainé2018-05-163-0/+39
| | | | | | | | This makes it possible to retrieve the local certificate (if any) for a Connection. An example where this is useful is when negotiating a DTLS-SRTP connection, the fingerprint of the local certificate needs to be communicated to the remote party out-of-band via SDP.
* Make sure a NotImplementedError is always raised on Connection.makefile() (#744)Ayke2018-05-161-1/+1
| | | | | | | | | | | * Make sure a NotImplementedError is always raised on Connection.makefile With this patch, code which calls (for example) conn.makefile('rb') will get a NotImplementedError instead of a confusing TypeError: TypeError: makefile() takes 1 positional argument but 2 were given * ignore any args/kwargs passed
* Add Context.set_tlsext_use_srtp (#734)Jeremy Lainé2018-05-163-0/+46
| | | | This allows negotiating SRTP keying material, which is useful when using DTLS-SRTP, as WebRTC does for example.
* make codecov stop commenting (#756)Paul Kehrer2018-05-142-1/+2
| | | | | | * make codecov stop commenting * *shakes fist at manifest.in*
View Lorry Controller Status