Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 4 to 5.
- [Release notes](https://github.com/dessant/lock-threads/releases)
- [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md)
- [Commits](dessant/lock-threads@v4...v5)

---
updated-dependencies:
- dependency-name: dessant/lock-threads
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

If someone is running `pip install -e` to develop on pyOpenSSL,
presumably they want to be able to run the tests too.

* Don't try to access X509_STORE_CTX after _cleanup

Although OpenSSL happens to leave the errors in there on
X509_STORE_CTX_cleanup, in no other OpenSSL API is accessing a cleaned
up object meaningful. Do it in the other order.

* Internal variables are internal

The underscore-prefixed variables were not intended to be exposed as
public API, so don't bother exposing it in the first place.

* Don't reuse X509_STORE_CTXs

There's a lot of history with X509_STORE_CTX's somewhat messy transition
from a stack-allocated type to a heap-allocated type. (This is why a
double X509_STORE_CTX_init used to leak memory.) We can avoid all this
mess by just making a new X509_STORE_CTX each time.

* Put mypy, coverage.py, pytest in pyproject

Signed-off-by: William Woodruff <william@trailofbits.com>

* tox: coverage[toml]

Signed-off-by: William Woodruff <william@trailofbits.com>

---------

Signed-off-by: William Woodruff <william@trailofbits.com>

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

The correct spelling is `equivalent`, not `equivilant`.

RSA-512 was factored in 1999. Since none of these tests are specific to
the size of the RSA key, best to test inputs that are representative of
real-world inputs, lest the underlying cryptography library start
enforcing post-1999 security levels.

If an SRTP profile was negotiated as part of the handshake, make it
possible to retrieve the name of the profile. This is needed to
determine which profiles were offered using `Context.set_tlsext_use_srtp`
was actually selected.

PR #1279 inadvertently appended the change to a past release, so fix
this.