Add OpenSSL.SSL.X509StoreFlags.PARTIAL_CHAIN constant to allow for users
to perform certificate verification on partial certificate chains.
[#1166](https://github.com/pyca/pyopenssl/issues/1166) <https://github.com/pyca/pyopenssl/pull/1166>_
cryptography maximum version has been increased to 39.0.x.
The minimum cryptography version is now 38.0.x (and we now pin releases
against cryptography major versions to prevent future breakage)
The OpenSSL.crypto.X509StoreContextError exception has been refactored,
changing its internal attributes.
[#1133](https://github.com/pyca/pyopenssl/issues/1133) <https://github.com/pyca/pyopenssl/pull/1133>_
Deprecations:
^^^^^^^^^^^^^
OpenSSL.SSL.SSLeay_version is deprecated in favor of
OpenSSL.SSL.OpenSSL_version. The constants OpenSSL.SSL.SSLEAY_* are
deprecated in favor of OpenSSL.SSL.OPENSSL_*.
Changes:
^^^^^^^^
Add OpenSSL.SSL.Connection.set_verify and OpenSSL.SSL.Connection.get_verify_mode
to override the context object's verification flags.
[#1073](https://github.com/pyca/pyopenssl/issues/1073) <https://github.com/pyca/pyopenssl/pull/1073>_
Add OpenSSL.SSL.Connection.use_certificate and OpenSSL.SSL.Connection.use_privatekey
to set a certificate per connection (and not just per context) [#1121](https://github.com/pyca/pyopenssl/issues/1121) <https://github.com/pyca/pyopenssl/pull/1121>_.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps pyopenssl from 22.0.0 to 23.0.0.
Changelog
Sourced from pyopenssl's changelog.
Commits
f7e6a4d
23.0.0 version bump (#1175)3052995
fixes #1173 (#1174)d2f0aec
Fix CRL nextUpdate handling. (#1169)4aae795
Fix some memory leaks in CRL.export (#1170)1cafac4
Add support for X509_V_FLAG_PARTIAL_CHAIN (#1166)81c9eb1
fixes for tox4 (#1167)6c0772a
Bump dessant/lock-threads from 3 to 4 (#1165)8a75898
Make some handshakes in tests less flaky. (#1163)8ba3392
run Python 3.6 CI on Ubuntu 20.04 (#1164)3da4d1d
Add support for Python 3.11 (#1161)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)