pkgsrc/security/py-tlslite/distinfo

$NetBSD: distinfo,v 1.3 2017/01/01 21:50:30 schmonz Exp $

SHA1 (tlslite-0.4.8.tar.gz) = b20f2a35fe0510a8ee9d1fed2bc1ed6a03a8baba
RMD160 (tlslite-0.4.8.tar.gz) = 8d470941fe4cabd714b12c76a681d19450c3be1d
SHA512 (tlslite-0.4.8.tar.gz) = 03cf5d661f6eff3cd2810146387ce4cc80b45f244129afd0a2c69c4df3428d4a98ce31c4238621e74ca10d07eca3f992c2e5d73441f7a97aa2043f4ca51082a9
Size (tlslite-0.4.8.tar.gz) = 93256 bytes
SHA1 (patch-setup.py) = fdb3ce8d0ce0bbee4e10ef76e768d83d3a180189
SHA1 (patch-tests_httpsserver.sh) = 65f583fa3bbac36cccd5239142219e9551d87549
SHA1 (patch-tests_tlstest.py) = abd577315a1f690fb280b9ed58f0e73e6ebbdf4d
Update to 0.4.8. From the changelog: 0.4.8 - 11/12/2014 - Added more acknowledgements and security considerations 0.4.7 - 11/12/2014 - Added TLS 1.2 support (Yngve Pettersen and Paul Sokolovsky) - Don't offer SSLv3 by default (e.g. POODLE) - Fixed bug with PyCrypto_RSA integration - Fixed harmless bug that added non-prime into sieves list - Added "make test" and "make test-dev" targets (Hubert Kario) 0.4.5 - 3/20/2013 - API CHANGE: TLSClosedConnectionError instead of ValueError when writing to a closed connection. This inherits from socket.error, so should interact better with SocketServer (see http://bugs.python.org/issue14574) and other things expecting a socket.error in this situation. - Added support for RC4-MD5 ciphersuite (if enabled in settings) - This is allegedly necessary to connect to some Internet servers. - Added TLSConnection.unread() function - Switched to New-style classes (inherit from 'object') - Minor cleanups 0.4.4 - 2/25/2013 - Added Python 3 support (Martin von Loewis) - Added NPN client support (Marcelo Fernandez) - Switched to RC4 as preferred cipher - faster in Python, avoids "Lucky 13" timing attacks - Fixed bug when specifying ciphers for anon ciphersuites - Made RSA hashAndVerify() tolerant of sigs w/o encoded NULL AlgorithmParam - (this function is not used for TLS currently, and this tolerance may not even be necessary) 0.4.3 - 9/27/2012 - Minor bugfix (0.4.2 doesn't load tackpy) 0.4.2 - 9/25/2012 - Updated TACK (compatible with tackpy 0.9.9) 0.4.1 - 5/22/2012 - Fixed RSA padding bugs (w/help from John Randolph) - Updated TACK (compatible with tackpy 0.9.7) - Added SNI - Added NPN server support (Sam Rushing/Google) - Added AnonDH (Dimitris Moraitis) - Added X509CertChain.parsePemList - Improved XML-RPC (Kees Bos) 0.4.0 - 2/11/2012 - Fixed pycrypto support - Fixed python 2.6 problems 0.3.9.x - 2/7/2012 Much code cleanup, in particular decomposing the handshake functions so they are readable. The main new feature is support for TACK, an experimental authentication method that provides a new way to pin server certificates (See https://github.com/moxie0/Convergence/wiki/TACK ). Also: - Security Fixes - Sends SCSV ciphersuite as per RFC 5746, to signal non-renegotiated Client Hello. Does not support renegotiation (never has). - Change from e=3 to e=65537 for generated RSA keys, not strictly necessary but mitigates risk of sloppy verifier. - 1/(n-1) countermeasure for BEAST. - Behavior changes: - Split cmdline into tls.py and tlstest.py, improved options. - Formalized LICENSE. - Defaults to closing socket after sending close_notify, fixes hanging. problem that would occur sometime when waiting for other party's close_notify. - Update SRP to RFC 5054 compliance. - Removed client handshake "callbacks", no longer support the SRP re-handshake idiom within a single handshake function. - Bugfixes - Added hashlib support, removes Deprecation Warning due to sha and md5. - Handled GeneratorExit exceptions that are a new Python feature, and interfere with the async code if not handled. - Removed: - Shared keys (it was based on an ancient I-D, not TLS-PSK). - cryptlib support, it wasn't used much, we have enough other options. - cryptoIDs (TACK is better). - win32prng extension module, as os.urandom is now available. - Twisted integration (unused?, slowed down loading). - Jython code (ancient, didn't work). - Compat support for python versions < 2.7. - Additions - Support for TACK via TACKpy. - Support for CertificateRequest.certificate_authorities ("reqCAs") - Added TLSConnection.shutdown() to better mimic socket. - Enabled Session resumption for XMLRPCTransport. 2017-01-01 22:50:30 +01:00			$NetBSD: distinfo,v 1.3 2017/01/01 21:50:30 schmonz Exp $
Initial import of py-tlslite 0.3.8. TLS Lite is a free python library that implements SSL 3.0, TLS 1.0, and TLS 1.1. TLS Lite supports non-traditional authentication methods such as SRP, shared keys, and cryptoIDs in addition to X.509 certificates. TLS Lite is pure Python, however it can access OpenSSL, cryptlib, pycrypto, and GMPY for faster crypto operations. TLS Lite integrates with httplib, xmlrpclib, poplib, imaplib, smtplib, SocketServer, asyncore, and Twisted. 2007-02-28 06:34:25 +01:00
Update to 0.4.8. From the changelog: 0.4.8 - 11/12/2014 - Added more acknowledgements and security considerations 0.4.7 - 11/12/2014 - Added TLS 1.2 support (Yngve Pettersen and Paul Sokolovsky) - Don't offer SSLv3 by default (e.g. POODLE) - Fixed bug with PyCrypto_RSA integration - Fixed harmless bug that added non-prime into sieves list - Added "make test" and "make test-dev" targets (Hubert Kario) 0.4.5 - 3/20/2013 - API CHANGE: TLSClosedConnectionError instead of ValueError when writing to a closed connection. This inherits from socket.error, so should interact better with SocketServer (see http://bugs.python.org/issue14574) and other things expecting a socket.error in this situation. - Added support for RC4-MD5 ciphersuite (if enabled in settings) - This is allegedly necessary to connect to some Internet servers. - Added TLSConnection.unread() function - Switched to New-style classes (inherit from 'object') - Minor cleanups 0.4.4 - 2/25/2013 - Added Python 3 support (Martin von Loewis) - Added NPN client support (Marcelo Fernandez) - Switched to RC4 as preferred cipher - faster in Python, avoids "Lucky 13" timing attacks - Fixed bug when specifying ciphers for anon ciphersuites - Made RSA hashAndVerify() tolerant of sigs w/o encoded NULL AlgorithmParam - (this function is not used for TLS currently, and this tolerance may not even be necessary) 0.4.3 - 9/27/2012 - Minor bugfix (0.4.2 doesn't load tackpy) 0.4.2 - 9/25/2012 - Updated TACK (compatible with tackpy 0.9.9) 0.4.1 - 5/22/2012 - Fixed RSA padding bugs (w/help from John Randolph) - Updated TACK (compatible with tackpy 0.9.7) - Added SNI - Added NPN server support (Sam Rushing/Google) - Added AnonDH (Dimitris Moraitis) - Added X509CertChain.parsePemList - Improved XML-RPC (Kees Bos) 0.4.0 - 2/11/2012 - Fixed pycrypto support - Fixed python 2.6 problems 0.3.9.x - 2/7/2012 Much code cleanup, in particular decomposing the handshake functions so they are readable. The main new feature is support for TACK, an experimental authentication method that provides a new way to pin server certificates (See https://github.com/moxie0/Convergence/wiki/TACK ). Also: - Security Fixes - Sends SCSV ciphersuite as per RFC 5746, to signal non-renegotiated Client Hello. Does not support renegotiation (never has). - Change from e=3 to e=65537 for generated RSA keys, not strictly necessary but mitigates risk of sloppy verifier. - 1/(n-1) countermeasure for BEAST. - Behavior changes: - Split cmdline into tls.py and tlstest.py, improved options. - Formalized LICENSE. - Defaults to closing socket after sending close_notify, fixes hanging. problem that would occur sometime when waiting for other party's close_notify. - Update SRP to RFC 5054 compliance. - Removed client handshake "callbacks", no longer support the SRP re-handshake idiom within a single handshake function. - Bugfixes - Added hashlib support, removes Deprecation Warning due to sha and md5. - Handled GeneratorExit exceptions that are a new Python feature, and interfere with the async code if not handled. - Removed: - Shared keys (it was based on an ancient I-D, not TLS-PSK). - cryptlib support, it wasn't used much, we have enough other options. - cryptoIDs (TACK is better). - win32prng extension module, as os.urandom is now available. - Twisted integration (unused?, slowed down loading). - Jython code (ancient, didn't work). - Compat support for python versions < 2.7. - Additions - Support for TACK via TACKpy. - Support for CertificateRequest.certificate_authorities ("reqCAs") - Added TLSConnection.shutdown() to better mimic socket. - Enabled Session resumption for XMLRPCTransport. 2017-01-01 22:50:30 +01:00			`SHA1 (tlslite-0.4.8.tar.gz) = b20f2a35fe0510a8ee9d1fed2bc1ed6a03a8baba`
			`RMD160 (tlslite-0.4.8.tar.gz) = 8d470941fe4cabd714b12c76a681d19450c3be1d`
			`SHA512 (tlslite-0.4.8.tar.gz) = 03cf5d661f6eff3cd2810146387ce4cc80b45f244129afd0a2c69c4df3428d4a98ce31c4238621e74ca10d07eca3f992c2e5d73441f7a97aa2043f4ca51082a9`
			`Size (tlslite-0.4.8.tar.gz) = 93256 bytes`
			`SHA1 (patch-setup.py) = fdb3ce8d0ce0bbee4e10ef76e768d83d3a180189`
			`SHA1 (patch-tests_httpsserver.sh) = 65f583fa3bbac36cccd5239142219e9551d87549`
			`SHA1 (patch-tests_tlstest.py) = abd577315a1f690fb280b9ed58f0e73e6ebbdf4d`