upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-05-28 04:34:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Deprecate parameter enforce_openssl_binary_usage (#10300)

Browse source 
Part of https://github.com/certbot/certbot/issues/10291
This commit is contained in:
Jacob Hoffman-Andrews 2025-05-29 13:28:48 -07:00 committed by GitHub
parent 7a27a67cdb
commit dbd0c6fce8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
certbot/CHANGELOG.md
View file

@ -18,6 +18,7 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
* Deprecated `acme.crypto_util.SSLSocket`
* Deprecated `acme.standalone.TLSServer`
* Deprecated `acme.standalone.TLSALPN01Server`
* Deprecated parameter `enforce_openssl_binary_usage` from certbot.ocsp.RevocationChecker.
* Dropped support for Python 3.9.0 and 3.9.1 for compatibility with newer
versions of the cryptography Python package. Python 3.9.2+ is still
supported.

5
certbot/src/certbot/ocsp.py
View file

@ -7,6 +7,7 @@ import subprocess
from subprocess import PIPE
from typing import Optional
from typing import Tuple
import warnings
from cryptography import x509
from cryptography.exceptions import InvalidSignature
@ -32,6 +33,10 @@ class RevocationChecker:
def __init__(self, enforce_openssl_binary_usage: bool = False) -> None:
self.broken = False
if enforce_openssl_binary_usage:
warnings.warn("enforce_openssl_binary_usage parameter is deprecated "
"and will be removed in an upcoming certbot major version update",
DeprecationWarning)
self.use_openssl_binary = enforce_openssl_binary_usage
if self.use_openssl_binary:

3
pytest.ini
View file

@ -25,6 +25,8 @@
# 6 - 11) Planning to remove unused TLS-ALPN support in acme.
# See https://github.com/certbot/certbot/issues/10266 and
# https://github.com/certbot/certbot/pull/10294.
# 12) Planning to remove support for checking OCSP via OpenSSL binary.
# See https://github.com/certbot/certbot/issues/10291.
filterwarnings =
error
ignore:.*rsyncdir:DeprecationWarning
@ -38,3 +40,4 @@ filterwarnings =
ignore:TLSALPN01Response is deprecated:DeprecationWarning
ignore:TLSALPN01 is deprecated:DeprecationWarning
ignore:TLSServer is deprecated:DeprecationWarning
ignore:enforce_openssl_binary_usage parameter is deprecated:DeprecationWarning