diff options
author | Aaron Gable <aaron@aarongable.com> | 2021-11-25 01:46:11 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-11-25 01:46:11 +0300 |
commit | 7d3a344d4314a19f49c706f6c82959ba6ce93451 (patch) | |
tree | d1ba14b9a73bf896a8532dd269341638f5fad361 | |
parent | 250d7b15420e96a09dbb8d615054530a42b1bf30 (diff) |
Update py cryptography to >=2.5.0 (#9110)
* Update py cryptography to >=2.5.0
* Review feedback
-rw-r--r-- | acme/setup.py | 2 | ||||
-rw-r--r-- | certbot/certbot/ocsp.py | 11 | ||||
-rw-r--r-- | certbot/setup.py | 2 | ||||
-rw-r--r-- | certbot/tests/ocsp_test.py | 12 | ||||
-rwxr-xr-x | letstest/scripts/test_sdists.sh | 1 | ||||
-rw-r--r-- | tools/oldest_constraints.txt | 73 | ||||
-rw-r--r-- | tools/pinning/oldest/pyproject.toml | 2 |
7 files changed, 43 insertions, 60 deletions
diff --git a/acme/setup.py b/acme/setup.py index 86870abae..bf37e6804 100644 --- a/acme/setup.py +++ b/acme/setup.py @@ -6,7 +6,7 @@ from setuptools import setup version = '1.22.0.dev0' install_requires = [ - 'cryptography>=2.1.4', + 'cryptography>=2.5.0', 'josepy>=1.9.0', 'PyOpenSSL>=17.3.0', 'pyrfc3339', diff --git a/certbot/certbot/ocsp.py b/certbot/certbot/ocsp.py index 84068ebf1..51d486b6b 100644 --- a/certbot/certbot/ocsp.py +++ b/certbot/certbot/ocsp.py @@ -14,6 +14,7 @@ from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import serialization +from cryptography.x509 import ocsp import pytz import requests @@ -23,14 +24,6 @@ from certbot import util from certbot.compat.os import getenv from certbot.interfaces import RenewableCert # pylint: disable=unused-import -try: - # Only cryptography>=2.5 has ocsp module - # and signature_hash_algorithm attribute in OCSPResponse class - from cryptography.x509 import ocsp # pylint: disable=ungrouped-imports - getattr(ocsp.OCSPResponse, 'signature_hash_algorithm') -except (ImportError, AttributeError): # pragma: no cover - ocsp = None # type: ignore - logger = logging.getLogger(__name__) @@ -40,7 +33,7 @@ class RevocationChecker: def __init__(self, enforce_openssl_binary_usage: bool = False) -> None: self.broken = False - self.use_openssl_binary = enforce_openssl_binary_usage or not ocsp + self.use_openssl_binary = enforce_openssl_binary_usage if self.use_openssl_binary: if not util.exe_exists("openssl"): diff --git a/certbot/setup.py b/certbot/setup.py index 5a6823053..0fb00c058 100644 --- a/certbot/setup.py +++ b/certbot/setup.py @@ -50,7 +50,7 @@ install_requires = [ # in which we added 2.6 support (see #2243), so we relax the requirement. 'ConfigArgParse>=0.9.3', 'configobj>=5.0.6', - 'cryptography>=2.1.4', + 'cryptography>=2.5.0', 'distro>=1.0.1', 'josepy>=1.9.0', 'parsedatetime>=2.4', diff --git a/certbot/tests/ocsp_test.py b/certbot/tests/ocsp_test.py index e47b99f3b..c102667bc 100644 --- a/certbot/tests/ocsp_test.py +++ b/certbot/tests/ocsp_test.py @@ -10,6 +10,7 @@ from cryptography.exceptions import InvalidSignature from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes +from cryptography.x509 import ocsp as ocsp_lib import pytz from certbot import errors @@ -21,15 +22,6 @@ except ImportError: # pragma: no cover from unittest import mock -try: - # Only cryptography>=2.5 has ocsp module - # and signature_hash_algorithm attribute in OCSPResponse class - from cryptography.x509 import ocsp as ocsp_lib # pylint: disable=import-error - getattr(ocsp_lib.OCSPResponse, 'signature_hash_algorithm') -except (ImportError, AttributeError): # pragma: no cover - ocsp_lib = None # type: ignore - - out = """Missing = in header key=value ocsp: Use -help for summary. """ @@ -139,8 +131,6 @@ class OCSPTestOpenSSL(unittest.TestCase): self.assertEqual(mock_log.info.call_count, 1) -@unittest.skipIf(not ocsp_lib, - reason='This class tests functionalities available only on cryptography>=2.5.0') class OSCPTestCryptography(unittest.TestCase): """ OCSP revokation tests using Cryptography >= 2.4.0 diff --git a/letstest/scripts/test_sdists.sh b/letstest/scripts/test_sdists.sh index 562169524..addc59095 100755 --- a/letstest/scripts/test_sdists.sh +++ b/letstest/scripts/test_sdists.sh @@ -29,7 +29,6 @@ if [ -f /etc/redhat-release ] && [ "$(. /etc/os-release 2> /dev/null && echo "$V sed -i 's|pyopenssl==.*|pyopenssl==19.1.0|g' "$CONSTRAINTS" fi - PLUGINS="certbot-apache certbot-nginx" # build sdists for pkg_dir in acme certbot $PLUGINS; do diff --git a/tools/oldest_constraints.txt b/tools/oldest_constraints.txt index 9cdf9f81d..819cbfda6 100644 --- a/tools/oldest_constraints.txt +++ b/tools/oldest_constraints.txt @@ -2,10 +2,10 @@ # that script. apacheconfig==0.3.2 asn1crypto==0.24.0 -astroid==2.7.3; python_version >= "3.6" and python_version < "4.0" +astroid==2.8.6; python_version >= "3.6" and python_version < "4.0" atomicwrites==1.4.0; python_version >= "3.6" and python_full_version < "3.0.0" and sys_platform == "win32" or sys_platform == "win32" and python_version >= "3.6" and python_full_version >= "3.4.0" attrs==21.2.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -backports.entry-points-selectable==1.1.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" +backports.entry-points-selectable==1.1.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" bcrypt==3.2.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" boto3==1.4.7 botocore==1.7.41 @@ -16,10 +16,10 @@ cloudflare==1.5.1 colorama==0.4.4; python_version >= "3.6" and python_full_version < "3.0.0" and sys_platform == "win32" or python_full_version >= "3.5.0" and python_version >= "3.6" and sys_platform == "win32" or python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" and sys_platform == "win32" or python_version >= "3.6" and python_version < "4.0" and sys_platform == "win32" and python_full_version >= "3.5.0" configargparse==0.10.0 configobj==5.0.6 -coverage==5.5; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version < "4" and python_version >= "3.6" -cryptography==2.1.4 +coverage==6.1.2; python_version >= "3.6" or python_version >= "3.6" +cryptography==3.2.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.5.0") cython==0.29.24; (python_version >= "2.6" and python_full_version < "3.0.0") or (python_full_version >= "3.3.0") -distlib==0.3.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" +distlib==0.3.3; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" distro==1.0.1 dns-lexicon==3.2.1 dnspython==1.15.0 @@ -28,21 +28,21 @@ docker-pycreds==0.4.0; python_version >= "3.6" and python_full_version < "3.0.0" docker==3.7.3; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" dockerpty==0.4.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" docopt==0.6.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" -docutils==0.17.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" +docutils==0.18.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" execnet==1.9.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -filelock==3.0.12; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" or python_version >= "3.6" +filelock==3.4.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" or python_version >= "3.6" funcsigs==0.4 future==0.18.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.6" google-api-python-client==1.5.5 httplib2==0.9.2 idna==2.6 -importlib-metadata==4.8.1; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "3.8" or python_version >= "3.6" and python_full_version >= "3.5.0" and python_version < "3.8" or python_version < "3.8" and python_version >= "3.6" -importlib-resources==5.2.2; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "3.7" or python_version >= "3.6" and python_full_version >= "3.5.0" and python_version < "3.7" +importlib-metadata==4.8.2; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "3.8" or python_version >= "3.6" and python_full_version >= "3.5.0" and python_version < "3.8" or python_version < "3.8" and python_version >= "3.6" +importlib-resources==5.4.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "3.7" or python_version >= "3.6" and python_full_version >= "3.5.0" and python_version < "3.7" iniconfig==1.1.1; python_version >= "3.6" ipaddress==1.0.16 isort==5.8.0; python_version >= "3.6" and python_version < "4.0" jmespath==0.10.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.6" -josepy==1.9.0; python_version >= "3.6" +josepy==1.11.0; python_version >= "3.6" jsonschema==2.6.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" lazy-object-proxy==1.6.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.6.0" logger==1.4; python_version >= "3.6" @@ -52,65 +52,66 @@ mypy-extensions==0.4.3; python_version >= "3.6" mypy==0.910; python_version >= "3.6" ndg-httpsclient==0.3.2 oauth2client==4.0.0 -packaging==21.0; python_version >= "3.6" -paramiko==2.4.3; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" +packaging==21.3; python_version >= "3.6" +paramiko==2.8.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" parsedatetime==2.4 pbr==1.8.0 -pip==21.2.4; python_version >= "3.6" -platformdirs==2.3.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" or python_version >= "3.6" and python_version < "4.0" +pip==21.3.1; python_version >= "3.6" +platformdirs==2.4.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" or python_version >= "3.6" and python_version < "4.0" pluggy==1.0.0; python_version >= "3.6" ply==3.4 -py==1.10.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" or python_full_version >= "3.5.0" and python_version >= "3.6" +py==1.11.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" pyasn1-modules==0.0.10; python_version >= "3.6" pyasn1==0.1.9 pycparser==2.14 -pylint==2.10.2; python_version >= "3.6" and python_version < "4.0" +pylint==2.11.1; python_version >= "3.6" and python_version < "4.0" pynacl==1.4.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" pyopenssl==17.3.0 pyparsing==2.2.0 pypiwin32==223; sys_platform == "win32" and python_version >= "3.6" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6") pyrfc3339==1.0 -pytest-cov==2.12.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" +pytest-cov==3.0.0; python_version >= "3.6" or python_version >= "3.6" pytest-forked==1.3.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" -pytest-xdist==2.3.0; python_version >= "3.6" or python_version >= "3.6" +pytest-xdist==2.4.0; python_version >= "3.6" or python_version >= "3.6" pytest==6.2.5; python_version >= "3.6" or python_version >= "3.6" or python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" python-augeas==0.5.0 python-dateutil==2.8.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.6" python-digitalocean==1.11 pytz==2012c -pywin32==301; sys_platform == "win32" and python_version >= "3.6" or sys_platform == "win32" and python_version >= "3.6" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6") +pywin32==302; sys_platform == "win32" and python_version >= "3.6" or sys_platform == "win32" and python_version >= "3.6" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6") pyyaml==3.13; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" or python_version >= "3.6" requests-file==1.5.1; python_version >= "3.6" requests-toolbelt==0.9.1; python_version >= "3.6" requests==2.14.2 -rsa==4.7.2; python_version >= "3.6" and python_version < "4" +rsa==4.8; python_version >= "3.6" and python_version < "4" s3transfer==0.1.13; python_version >= "3.6" setuptools==39.0.1; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.3.0") six==1.11.0 texttable==0.9.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" tldextract==3.1.2; python_version >= "3.6" -toml==0.10.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.6" or python_full_version >= "3.5.0" and python_version >= "3.6" or python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.3.0" +toml==0.10.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.6" or python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.3.0" +tomli==1.2.2; python_version >= "3.6" tox==1.9.2; python_version >= "3.6" typed-ast==1.4.3; python_version >= "3.6" and python_version < "3.8" or implementation_name == "cpython" and python_version < "3.8" and python_version >= "3.6" -types-cryptography==3.3.5; python_version >= "3.6" -types-enum34==1.1.0; python_version >= "3.6" -types-ipaddress==1.0.0; python_version >= "3.6" -types-mock==4.0.1; python_version >= "3.6" -types-pyopenssl==20.0.6; python_version >= "3.6" -types-pyrfc3339==0.1.2; python_version >= "3.6" -types-python-dateutil==2.8.0; python_version >= "3.6" -types-pytz==2021.1.2; python_version >= "3.6" -types-requests==2.25.6; python_version >= "3.6" -types-setuptools==57.0.2; python_version >= "3.6" -types-six==1.16.1; python_version >= "3.6" -typing-extensions==3.10.0.2; python_version >= "3.6" or python_version < "3.8" and python_version >= "3.6" +types-cryptography==3.3.9; python_version >= "3.6" +types-enum34==1.1.1; python_version >= "3.6" +types-ipaddress==1.0.1; python_version >= "3.6" +types-mock==4.0.3; python_version >= "3.6" +types-pyopenssl==21.0.1; python_version >= "3.6" +types-pyrfc3339==1.1.0; python_version >= "3.6" +types-python-dateutil==2.8.3; python_version >= "3.6" +types-pytz==2021.3.1; python_version >= "3.6" +types-requests==2.26.0; python_version >= "3.6" +types-setuptools==57.4.3; python_version >= "3.6" +types-six==1.16.2; python_version >= "3.6" +typing-extensions==4.0.0; python_version >= "3.6" or python_version >= "3.6" and python_version < "3.10" or python_version < "3.8" and python_version >= "3.6" uritemplate==3.0.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" urllib3==1.10.2 -virtualenv==20.7.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" +virtualenv==20.10.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.5.0" websocket-client==0.59.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" wheel==0.33.6; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.4.0") -wrapt==1.12.1; python_version >= "3.6" and python_version < "4.0" -zipp==3.5.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "3.7" or python_version >= "3.6" and python_full_version >= "3.5.0" and python_version < "3.7" or python_version < "3.8" and python_version >= "3.6" +wrapt==1.13.3; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.5.0" +zipp==3.6.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "3.7" or python_version >= "3.6" and python_full_version >= "3.5.0" and python_version < "3.7" or python_version < "3.8" and python_version >= "3.6" zope.component==4.1.0 zope.event==4.0.3 zope.hookable==4.0.4 diff --git a/tools/pinning/oldest/pyproject.toml b/tools/pinning/oldest/pyproject.toml index 70ec89729..601b4d185 100644 --- a/tools/pinning/oldest/pyproject.toml +++ b/tools/pinning/oldest/pyproject.toml @@ -60,7 +60,7 @@ cffi = "1.9.1" chardet = "2.2.1" cloudflare = "1.5.1" configobj = "5.0.6" -cryptography = "2.1.4" +cryptography = "3.2.1" distro = "1.0.1" dns-lexicon = "3.2.1" dnspython = "1.15.0" |