diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-31 17:52:35 -0500 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-31 17:52:35 -0500 |
commit | 46f4ab064a4cfcaf330e9cb5a037ed44d9a36818 (patch) | |
tree | 232333def522387ff7b0f11c61e53f4b9a7611f7 | |
parent | e22309c15e6e3725463d4884a1867c2f3089346b (diff) | |
parent | f23722aed85705f1a21cbf14da1bb8fc398ccd85 (diff) | |
download | cryptography-46f4ab064a4cfcaf330e9cb5a037ed44d9a36818.tar.gz cryptography-46f4ab064a4cfcaf330e9cb5a037ed44d9a36818.tar.bz2 cryptography-46f4ab064a4cfcaf330e9cb5a037ed44d9a36818.zip |
Merge pull request #2613 from reaperhulk/warn-on-openssl-lt-101
deprecationwarning for OpenSSL < 1.0.1 as upstream has dropped support
-rw-r--r-- | CHANGELOG.rst | 4 | ||||
-rw-r--r-- | src/cryptography/hazmat/bindings/openssl/binding.py | 9 |
2 files changed, 13 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 07b4f5a8..717c9e71 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -17,6 +17,10 @@ Changelog * :class:`~cryptography.x509.CertificateIssuer` * :class:`~cryptography.x509.CRLReason` * :class:`~cryptography.x509.InvalidityDate` +* Deprecated support for OpenSSL 0.9.8 and 1.0.0. At this time there is no time + table for actually dropping support, however we strongly encourage all users + to upgrade, as those versions no longer receives support from the OpenSSL + project. * The :class:`~cryptography.x509.Certificate` class now has :attr:`~cryptography.x509.Certificate.signature` and :attr:`~cryptography.x509.Certificate.tbs_certificate_bytes` attributes. diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 07b6b9ac..8e419439 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -8,6 +8,7 @@ import collections import os import threading import types +import warnings from cryptography.exceptions import InternalError from cryptography.hazmat.bindings._openssl import ffi, lib @@ -180,3 +181,11 @@ class Binding(object): # condition registering the OpenSSL locks. On Python 3.4+ the import lock # is per module so this approach will not work. Binding.init_static_locks() + +if Binding.lib.SSLeay() < 0x10001000: + warnings.warn( + "OpenSSL versions less than 1.0.1 are no longer supported by the " + "OpenSSL project, please upgrade. A future version of cryptography " + "will drop support for these versions.", + DeprecationWarning + ) |