saymrwulf/cryptography
1
0
Fork 0
mirror of https://github.com/saymrwulf/cryptography.git synced 2026-05-15 20:40:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

closes #6663 -- deprecate openssl 1.1.0 support (#6667)

Browse source
This commit is contained in:
Alex Gaynor 2021-11-27 22:12:47 -06:00 committed by GitHub
parent f16a1600ac
commit bd7e6ad653
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 27 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
CHANGELOG.rst
View file

@ -8,8 +8,11 @@ Changelog
.. note:: This version is not yet released and is under active development.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new
minimum LibreSSL version is 3.1+.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x.
The new minimum LibreSSL version is 3.1+.
* Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by
the OpenSSL project. Support for compiling with OpenSSL 1.1.0 will be
removed in a future release.
.. _v36-0-0:

4
docs/installation.rst
View file

@ -36,6 +36,10 @@ OpenSSL releases:
In addition we test against several versions of LibreSSL and the latest commit
in BoringSSL.
.. warning::
Cryptography 37.0.0 has deprecated support for OpenSSL 1.1.0.
Building cryptography on Windows
--------------------------------

17
src/cryptography/hazmat/bindings/openssl/binding.py
View file

@ -7,6 +7,7 @@ import collections
import threading
import types
import typing
import warnings
import cryptography
from cryptography import utils
@ -179,6 +180,20 @@ class Binding(object):
cls._ensure_ffi_initialized()
def _verify_openssl_version(lib):
if (
lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
and not lib.CRYPTOGRAPHY_IS_LIBRESSL
and not lib.CRYPTOGRAPHY_IS_BORINGSSL
):
warnings.warn(
"OpenSSL version 1.1.0 is no longer supported by the OpenSSL "
"project, please upgrade. A future version of cryptography will "
"drop support for it.",
utils.DeprecatedIn37,
)
def _verify_package_version(version):
# Occasionally we run into situations where the version of the Python
# package does not match the version of the shared object that is loaded.
@ -203,3 +218,5 @@ def _verify_package_version(version):
_verify_package_version(cryptography.__version__)
Binding.init_static_locks()
_verify_openssl_version(Binding.lib)

1
src/cryptography/utils.py
View file

@ -25,6 +25,7 @@ PersistentlyDeprecated2017 = CryptographyDeprecationWarning
PersistentlyDeprecated2019 = CryptographyDeprecationWarning
DeprecatedIn35 = CryptographyDeprecationWarning
DeprecatedIn36 = CryptographyDeprecationWarning
DeprecatedIn37 = CryptographyDeprecationWarning
def _check_bytes(name: str, value: bytes) -> None: