eGenix pyOpenSSL Distribution 0.10.0-1.0.0a GA
Introduction
The eGenix.com pyOpenSSL Distribution includes everything you need to
get started with SSL in Python. It comes with an easy to use installer
that includes the most recent OpenSSL library versions in pre-compiled
form, making your application independent of OS provided OpenSSL libraries:
>>> eGenix pyOpenSSL Distribution Page
pyOpenSSL is an open-source Python add-on that allows writing SSL-aware networking applications as as certificate managment tools. It uses the OpenSSL library as performant and robust SSL engine.
OpenSSL is an open-source implementation of the SSL/TLS protocol.
News
This new release of the eGenix.com pyOpenSSL Distribution updates the included pyOpenSSL version to 0.10.0 and the included OpenSSL version to 1.0.0a.
Main new features in pyOpenSSL 0.10.0
- pyOpenSSL 0.10 exposes several more OpenSSL APIs, including support for running TLS connections over in-memory BIOs, access to the OpenSSL random number generator, the ability to pass subject and issuer parameters when creating an X509Extension instance, more control over PKCS12 creation and an API for exporting PKCS12 objects, and APIs for controlling the client CA list servers send to clients.
- Several bugs have also been fixed, including a crash when certain X509Extension instances are deallocated, a mis-handling of the OpenSSL error queue in the X509Name implementation, Windows build issues, and a possible double free when using a debug build.
New features in OpenSSL 1.0.0a since our last release for OpenSSL 0.9.8l
The main new features in OpenSSL 0.9.8m is the new support for RFC 5746, which addresses the SSL renegotiation problem found in earlier OpenSSL versions.
Version 0.9.8n fixes this vulnerability
(see http://www.openssl.org/news/secadv_20100324.txt):
- "Record of death" vulnerability in OpenSSL 0.9.8f through 0.9.8m
Version 1.0.0 adds many new features, including
(see http://www.openssl.org/news/news.html):
- Support for Whirlpool hash algorithm
- Support for GOST cipher
Version 1.0.0a fixes two security issues (see http://www.openssl.org/news/secadv_20100601.txt):
- Invalid ASN1 module definition for CMS.
- Invalid Return value check in pkey_rsa_verifyrecover
New features in the eGenix pyOpenSSL Distribution
- The embedded OpenSSL libs will now look for certificates in /etc/ssl on Unix platforms and /System/Library/OpenSSL on Mac OS X
Note that it's usually better to explicitly tell OpenSSL where to look for trusted certificates via .load_verify_locations(None, certs_dir) than to rely on the above defaults using context.set_default_verify_paths()
- Added support for Win64 and precompiled Python 2.6 compatible binaries for that platform (you can find the OpenSSL libs in openssl-win64/vc9)
- Added support for Mac OS X 10.6 on Intel x64.
- Added .egg Distributions for Python 2.4 as well (in order to support Plone 3).
As always, we provide binaries that include both pyOpenSSL and
the necessary OpenSSL libraries for all supported platforms: Windows
x86 and x64, Linux x86 and x64, Mac OS X PPC, x86 and x64.
Due to popular demand, we've also added .egg-file format versions of our eGenix.com pyOpenSSL Distribution for Windows, Linux and Mac OS X to the available download options. These make setups using e.g. zc.buildout and other egg-file based installers a lot easier.
Downloads
Please visit the eGenix pyOpenSSL Distribution page for downloads, instructions on installation and documentation of the package.
Upgrading
Before installing this version of pyOpenSSL, please make sure that you uninstall any previously installed pyOpenSSL version. Otherwise, you could end up not using the included OpenSSL libs.
More Information
For more information on the eGenix mx Distributions, licensing and download instructions, please write to sales@egenix.com.
Enjoy !
Marc-Andre Lemburg, eGenix.com