[Python-modules-commits] [python-cryptography] 01/05: Import python-cryptography_1.5.2.orig.tar.gz
Tristan Seligmann
mithrandi at moszumanska.debian.org
Sat Oct 1 15:39:11 UTC 2016
This is an automated email from the git hooks/post-receive script.
mithrandi pushed a commit to branch master
in repository python-cryptography.
commit 4f82f6706d10cf0d6bdf8b5a280da80b74b11210
Author: Tristan Seligmann <mithrandi at debian.org>
Date: Sat Oct 1 17:19:27 2016 +0200
Import python-cryptography_1.5.2.orig.tar.gz
---
CHANGELOG.rst | 17 +++++++++++++++++
PKG-INFO | 2 +-
src/_cffi_src/openssl/cryptography.py | 4 ++++
src/_cffi_src/openssl/ssl.py | 5 ++++-
src/cryptography.egg-info/PKG-INFO | 2 +-
src/cryptography/__about__.py | 2 +-
src/cryptography/hazmat/backends/__init__.py | 8 +++++++-
.../hazmat/backends/commoncrypto/backend.py | 2 +-
src/cryptography/hazmat/backends/openssl/backend.py | 2 +-
src/cryptography/hazmat/backends/openssl/ciphers.py | 4 ++--
src/cryptography/hazmat/backends/openssl/ec.py | 2 +-
src/cryptography/hazmat/backends/openssl/encode_asn1.py | 4 ++++
src/cryptography/hazmat/backends/openssl/rsa.py | 2 +-
tests/hazmat/backends/test_openssl.py | 6 +++---
14 files changed, 48 insertions(+), 14 deletions(-)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 6aeba4f..0bfd328 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -1,6 +1,23 @@
Changelog
=========
+1.5.2 - 2016-09-26
+~~~~~~~~~~~~~~~~~~
+
+* Updated Windows and OS X wheels to be compiled against OpenSSL 1.0.2j.
+
+
+1.5.1 - 2016-09-22
+~~~~~~~~~~~~~~~~~~
+
+* Updated Windows and OS X wheels to be compiled against OpenSSL 1.0.2i.
+* Resolved a ``UserWarning`` when used with cffi 1.8.3.
+* Fixed a memory leak in name creation with X.509.
+* Added a workaround for old versions of setuptools.
+* Fixed an issue preventing ``cryptography`` from compiling against
+ OpenSSL 1.0.2i.
+
+
1.5 - 2016-08-26
~~~~~~~~~~~~~~~~
diff --git a/PKG-INFO b/PKG-INFO
index 570d7a5..3c67042 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: cryptography
-Version: 1.5
+Version: 1.5.2
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
index 6982401..2ab1375 100644
--- a/src/_cffi_src/openssl/cryptography.py
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -32,6 +32,8 @@ INCLUDES = """
(OPENSSL_VERSION_NUMBER < 0x10002000)
#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102BETA3 \
(OPENSSL_VERSION_NUMBER < 0x10002003)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I \
+ (OPENSSL_VERSION_NUMBER < 0x1000209fL)
#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 \
(OPENSSL_VERSION_NUMBER < 0x10100000)
#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 \
@@ -51,6 +53,8 @@ static const int CRYPTOGRAPHY_OPENSSL_110_OR_GREATER;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_101;
+static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I;
+
static const int CRYPTOGRAPHY_IS_LIBRESSL;
"""
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 6e59d85..db884b3 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -664,7 +664,10 @@ static const long Cryptography_HAS_SET_CERT_CB = 1;
#endif
-#if defined(OPENSSL_NO_COMP) || defined(LIBRESSL_VERSION_NUMBER)
+/* In OpenSSL 1.0.2i+ the handling of COMP_METHOD when OPENSSL_NO_COMP was
+ changed and we no longer need to typedef void */
+#if (defined(OPENSSL_NO_COMP) && CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I) || \
+ defined(LIBRESSL_VERSION_NUMBER)
static const long Cryptography_HAS_COMPRESSION = 0;
typedef void COMP_METHOD;
#else
diff --git a/src/cryptography.egg-info/PKG-INFO b/src/cryptography.egg-info/PKG-INFO
index 570d7a5..3c67042 100644
--- a/src/cryptography.egg-info/PKG-INFO
+++ b/src/cryptography.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: cryptography
-Version: 1.5
+Version: 1.5.2
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
diff --git a/src/cryptography/__about__.py b/src/cryptography/__about__.py
index 3c38986..02d6494 100644
--- a/src/cryptography/__about__.py
+++ b/src/cryptography/__about__.py
@@ -14,7 +14,7 @@ __summary__ = ("cryptography is a package which provides cryptographic recipes"
" and primitives to Python developers.")
__uri__ = "https://github.com/pyca/cryptography"
-__version__ = "1.5"
+__version__ = "1.5.2"
__author__ = "The cryptography developers"
__email__ = "cryptography-dev at python.org"
diff --git a/src/cryptography/hazmat/backends/__init__.py b/src/cryptography/hazmat/backends/__init__.py
index 96a431d..e66f9e1 100644
--- a/src/cryptography/hazmat/backends/__init__.py
+++ b/src/cryptography/hazmat/backends/__init__.py
@@ -17,7 +17,13 @@ def _available_backends():
if _available_backends_list is None:
_available_backends_list = [
- ep.resolve()
+ # DeprecatedIn16
+ # setuptools 11.3 deprecated support for the require parameter to
+ # load(), and introduced the new resolve() method instead.
+ # We previously removed this fallback, but users are having issues
+ # where Python loads an older setuptools due to various syspath
+ # weirdness.
+ ep.resolve() if hasattr(ep, "resolve") else ep.load(require=False)
for ep in pkg_resources.iter_entry_points(
"cryptography.backends"
)
diff --git a/src/cryptography/hazmat/backends/commoncrypto/backend.py b/src/cryptography/hazmat/backends/commoncrypto/backend.py
index 1205b6a..838e572 100644
--- a/src/cryptography/hazmat/backends/commoncrypto/backend.py
+++ b/src/cryptography/hazmat/backends/commoncrypto/backend.py
@@ -133,7 +133,7 @@ class Backend(object):
def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
key_material):
alg_enum = self._supported_pbkdf2_hmac_algorithms[algorithm.name]
- buf = self._ffi.new("char[]", length)
+ buf = self._ffi.new("uint8_t[]", length)
res = self._lib.CCKeyDerivationPBKDF(
self._lib.kCCPBKDF2,
key_material,
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index a1de1a8..11812eb 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -292,7 +292,7 @@ class Backend(object):
def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
key_material):
- buf = self._ffi.new("char[]", length)
+ buf = self._ffi.new("unsigned char[]", length)
evp_md = self._lib.EVP_get_digestbyname(
algorithm.name.encode("ascii"))
self.openssl_assert(evp_md != self._ffi.NULL)
diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py
index 9e074db..f908f92 100644
--- a/src/cryptography/hazmat/backends/openssl/ciphers.py
+++ b/src/cryptography/hazmat/backends/openssl/ciphers.py
@@ -185,8 +185,8 @@ class _AESCTRCipherContext(object):
cipher.key, len(cipher.key) * 8, self._key
)
self._backend.openssl_assert(res == 0)
- self._ecount = self._backend._ffi.new("char[]", 16)
- self._nonce = self._backend._ffi.new("char[16]", mode.nonce)
+ self._ecount = self._backend._ffi.new("unsigned char[]", 16)
+ self._nonce = self._backend._ffi.new("unsigned char[16]", mode.nonce)
self._num = self._backend._ffi.new("unsigned int *", 0)
def update(self, data):
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index 1e45e40..aa5267b 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -102,7 +102,7 @@ class _ECDSASignatureContext(object):
max_size = self._backend._lib.ECDSA_size(ec_key)
self._backend.openssl_assert(max_size > 0)
- sigbuf = self._backend._ffi.new("char[]", max_size)
+ sigbuf = self._backend._ffi.new("unsigned char[]", max_size)
siglen_ptr = self._backend._ffi.new("unsigned int[]", 1)
res = self._backend._lib.ECDSA_sign(
0,
diff --git a/src/cryptography/hazmat/backends/openssl/encode_asn1.py b/src/cryptography/hazmat/backends/openssl/encode_asn1.py
index 944dedc..467aa88 100644
--- a/src/cryptography/hazmat/backends/openssl/encode_asn1.py
+++ b/src/cryptography/hazmat/backends/openssl/encode_asn1.py
@@ -85,6 +85,10 @@ def _encode_name(backend, attributes):
subject = backend._lib.X509_NAME_new()
for attribute in attributes:
name_entry = _encode_name_entry(backend, attribute)
+ # X509_NAME_add_entry dups the object so we need to gc this copy
+ name_entry = backend._ffi.gc(
+ name_entry, backend._lib.X509_NAME_ENTRY_free
+ )
res = backend._lib.X509_NAME_add_entry(subject, name_entry, -1, 0)
backend.openssl_assert(res == 1)
return subject
diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py
index a85f7da..ba830dd 100644
--- a/src/cryptography/hazmat/backends/openssl/rsa.py
+++ b/src/cryptography/hazmat/backends/openssl/rsa.py
@@ -103,7 +103,7 @@ def _enc_dec_rsa_pkey_ctx(backend, key, data, padding_enum, padding):
backend.openssl_assert(res > 0)
outlen = backend._ffi.new("size_t *", buf_size)
- buf = backend._ffi.new("char[]", buf_size)
+ buf = backend._ffi.new("unsigned char[]", buf_size)
res = crypt(pkey_ctx, buf, outlen, data, len(data))
if res <= 0:
_handle_rsa_enc_dec_error(backend, key)
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 4ec8d84..db3c19b 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -182,7 +182,7 @@ class TestOpenSSL(object):
assert size == length
return sample_data
monkeypatch.setattr(os, "urandom", notrandom)
- buf = backend._ffi.new("char[]", length)
+ buf = backend._ffi.new("unsigned char[]", length)
backend._lib.RAND_bytes(buf, length)
assert backend._ffi.buffer(buf)[0:length] == sample_data
@@ -247,7 +247,7 @@ class TestOpenSSLRandomEngine(object):
def test_osrandom_sanity_check(self):
# This test serves as a check against catastrophic failure.
- buf = backend._ffi.new("char[]", 500)
+ buf = backend._ffi.new("unsigned char[]", 500)
res = backend._lib.RAND_bytes(buf, 500)
assert res == 1
assert backend._ffi.buffer(buf)[:] != "\x00" * 500
@@ -729,7 +729,7 @@ class TestGOSTCertificate(object):
backend
)
if (
- not backend._lib.CRYPTOGRAPHY_OPENSSL_110_OR_GREATER or
+ backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I or
backend._lib.CRYPTOGRAPHY_IS_LIBRESSL
):
with pytest.raises(ValueError) as exc:
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-cryptography.git
More information about the Python-modules-commits
mailing list