Drop OpenSSL 0.9.8 (#2978)
* Drop OpenSSL 0.9.8
* Drop this test, it's not relevant any longer
* unused import
* Remove CRYPTOGRAPHY_ALLOW_OPENSSL_098=1 from our tox
* removed unused code for Cryptography_HAS_PKEY_CTX
* return unused code for _AESCTRCipherContext
* syntax :-(
* remove some unused tests and skips
* remove unused code for Cryptography_HAS_PBKDF2_HMAC
* Revert "return unused code for _AESCTRCipherContext"
This reverts commit 7d149729205aa4c9735eb322414b167a75b302df.
* Remove unused RSA code
* Remove unused test code for conditional bindings
* Remove unused dsa code
* unused import
* Remove unused x509 extension code
* Remove unused EC code
* Attempt to remove unused DER key loading code
* document this
* grammar
* Added back this paragraph
* Update docs
diff --git a/docs/faq.rst b/docs/faq.rst
index 76dc4f3..2ddc5db 100644
--- a/docs/faq.rst
+++ b/docs/faq.rst
@@ -40,8 +40,8 @@
appear to be at fault, it's possible that this is a bug in ``cryptography``.
Please file an `issue`_ with instructions on how to reproduce it.
-Importing cryptography causes a ``RuntimeError`` about OpenSSL 0.9.8
---------------------------------------------------------------------
+Installing cryptography with OpenSSL 0.9.8 fails
+------------------------------------------------
The OpenSSL project has dropped support for the 0.9.8 release series. Since it
is no longer receiving security patches from upstream, ``cryptography`` is also
@@ -49,9 +49,9 @@
version of OpenSSL (1.0.1 or later). This may require you to upgrade to a newer
operating system.
-For the 1.4 release, you can set the ``CRYPTOGRAPHY_ALLOW_OPENSSL_098``
-environment variable. Please note that this is *temporary* and will be removed
-in ``cryptography`` 1.5.
+In ``cryptography`` 1.4, you can set the ``CRYPTOGRAPHY_ALLOW_OPENSSL_098``
+environment variable. Please note that this is *temporary* and is removed in
+``cryptography`` 1.5.
.. _`NaCl`: https://nacl.cr.yp.to/
.. _`PyNaCl`: https://pynacl.readthedocs.io
diff --git a/docs/hazmat/backends/openssl.rst b/docs/hazmat/backends/openssl.rst
index f488a8b..8bc7dac 100644
--- a/docs/hazmat/backends/openssl.rst
+++ b/docs/hazmat/backends/openssl.rst
@@ -3,9 +3,8 @@
OpenSSL backend
===============
-The `OpenSSL`_ C library. Cryptography supports version ``0.9.8e`` (present in
-Red Hat Enterprise Linux 5) and greater. Earlier versions may work but are
-**not tested or supported**.
+The `OpenSSL`_ C library. Cryptography supports OpenSSL version ``1.0.0`` and
+greater.
.. data:: cryptography.hazmat.backends.openssl.backend
diff --git a/docs/hazmat/bindings/openssl.rst b/docs/hazmat/bindings/openssl.rst
index 8935093..8aef488 100644
--- a/docs/hazmat/bindings/openssl.rst
+++ b/docs/hazmat/bindings/openssl.rst
@@ -6,8 +6,7 @@
.. currentmodule:: cryptography.hazmat.bindings.openssl.binding
These are `CFFI`_ bindings to the `OpenSSL`_ C library. Cryptography supports
-version ``0.9.8e`` (present in Red Hat Enterprise Linux 5) and greater. Earlier
-versions may work but are **not tested or supported**.
+OpenSSL version ``1.0.0`` and greater.
.. class:: cryptography.hazmat.bindings.openssl.binding.Binding()
diff --git a/docs/installation.rst b/docs/installation.rst
index cb876b8..a2455c2 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -13,7 +13,7 @@
Currently we test ``cryptography`` on Python 2.6, 2.7, 3.3, 3.4, 3.5, and PyPy
2.6+ on these operating systems.
-* x86-64 CentOS 7.x, 6.4 and CentOS 5.x
+* x86-64 CentOS 7.x, 6.4
* x86-64 FreeBSD 10
* OS X 10.11 El Capitan, 10.10 Yosemite, 10.9 Mavericks, 10.8 Mountain Lion,
and 10.7 Lion
@@ -28,8 +28,6 @@
We test compiling with ``clang`` as well as ``gcc`` and use the following
OpenSSL releases:
-* ``OpenSSL 0.9.8e-fips-rhel5`` (``RHEL/CentOS 5``)
-* ``OpenSSL 0.9.8k``
* ``OpenSSL 1.0.0-fips`` (``RHEL/CentOS 6.4``)
* ``OpenSSL 1.0.1``
* ``OpenSSL 1.0.1e-fips`` (``RHEL/CentOS 7``)
@@ -38,9 +36,8 @@
* ``OpenSSL 1.0.2-latest``
.. warning::
- OpenSSL versions 0.9.8 and 1.0.0 are no longer supported by the OpenSSL
- project. Cryptography 1.4 has dropped support for OpenSSL 0.9.8, see the
- :doc:`FAQ </faq>` for more details.
+ OpenSSL 1.0.0 is no longer supported by the OpenSSL project. Cryptography
+ will drop support for it in a future release.
On Windows
----------