[eGenix.com] ANN: eGenix pyOpenSSL Distribution 0.13.5

egenix-announcements at egenix.com egenix-announcements at egenix.com
Fri Oct 24 11:07:56 CEST 2014


                   eGenix.com pyOpenSSL Distribution

                             Version 0.13.5

             An easy-to-install and easy-to-use distribution
             of the pyOpenSSL Python interface for OpenSSL -
            available for Windows, Mac OS X and Unix platforms

This announcement is also available on our web-site for online reading:


The eGenix.com pyOpenSSL Distribution includes everything you need to
get started with SSL in Python.

It comes with an easy-to-use installer that includes the most recent
OpenSSL library versions in pre-compiled form, making your application
independent of OS provided OpenSSL libraries:


pyOpenSSL is an open-source Python add-on that allows writing SSL/TLS-
aware network applications as well as certificate management tools:


OpenSSL is an open-source implementation of the SSL/TLS protocol:



This new release of the eGenix.com pyOpenSSL Distribution updates the
included OpenSSL version to the latest OpenSSL 1.0.1h version and adds
a few more context options:

New in OpenSSL

 * Updated included OpenSSL libraries from OpenSSL 1.0.1i to
   1.0.1j. See https://www.openssl.org/news/secadv_20141015.txt for a
   complete list of changes. The following fixes are relevant for
   pyOpenSSL applications:

   - CVE-2014-3567: Memory leak in OpenSSL session ticket management.

   - OpenSSL has added support for TLS_FALLBACK_SCSV to allow
     applications to block the ability for a MITM attacker to force a
     protocol downgrade, e.g. to enable a POODLE (CVE-2014-3566)
     attack by forcing a downgrade to SSLv3. This is enabled
     automatically for servers.

   - CVE-2014-3568: OpenSSL configured with "no-ssl3" would still
     allow a complete SSL 3.0 handshake to run.

New in pyOpenSSL

 * Dropped zlib support from OpenSSL builds to more easily prevent the
   CRIME attack without having to use special SSL context options.

 * Disabled the SSLv2 support in OpenSSL builds. SSLv2 has long been
   broken and this simplifies writing secure servers/clients.

 * Updated the included CA root certificate bundles to Mozilla's
   2014-08-26 update.

 * Improved cipher list in https_client.py example which prefers the
   newer AES128-GCM and elliptic curve DH over over ciphers.

 * Added new context flag MODE_SEND_FALLBACK_SCSV. Documented
   previously undocumented MODE_RELEASE_BUFFERS and removed
   non-existing MODE_NO_COMPRESSION from the documentation.

 * Added web installer package to the Python Package Index (PyPI)
   which simplifies installation.

 * In addition to the usual ways of installing eGenix pyOpenSSL, we
   have uploaded a web installer to PyPI, so that it is now also
   possible to use one of these installation methods on all supported
   platforms (Windows, Linux, Mac OS X):

   - easy_install egenix-pyopenssl via PyPI
   - pip install egenix-pyopenssl via PyPI
   - egg reference in zc.buildout via PyPI
   - running "python setup.py install" in the unzipped web installer
     archive directory

   The web installer will automatically detect the platform and choose
   the right binary download package for you. All downloads are
   verified before installation.

 * Resolved a problem with a pyOpenSSL test for certificate
   extensions: OpenSSL 1.0.1i+ wants a signature algorithm to be
   defined when loading PEM certificates.

 * Moved eGenix additions to pyOpenSSL to a new extras/ dir in the
   source distribution.

 * In previous releases, we also added the OpenSSL version number to
   the package version. Since this causes very long version numbers,
   we have dropped the OpenSSL version starting with 0.13.5 and will
   only increase the main version number from now on. In the future,
   we plan to switch to a new version scheme that is compatible with
   our normal version number scheme for products.

pyOpenSSL / OpenSSL Binaries Included

In addition to providing sources, we make binaries available that
include both pyOpenSSL and the necessary OpenSSL libraries for all
supported platforms: Windows x86 and x64, Linux x86 and x64, Mac OS X
PPC, x86 and x64.

We've also added egg-file distribution versions of our eGenix.com
pyOpenSSL Distribution for Windows, Linux and Mac OS X to the
available download options. These make setups using e.g. zc.buildout
and other egg-file based installers a lot easier.


The download archives and instructions for installing the package can
be found at:



Before installing this version of pyOpenSSL, please make sure that
you uninstall any previously installed pyOpenSSL version. Otherwise,
you could end up not using the included OpenSSL libs.


Commercial support for these packages is available from eGenix.com.
Please see


for details about our support offerings.


For more information about the eGenix pyOpenSSL Distribution, licensing
and download instructions, please visit our web-site or write to
sales at egenix.com.

Marc-Andre Lemburg

Professional Python Services directly from the Source  (#1, Oct 24 2014)
>>> Python Projects, Consulting and Support ...   http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/

::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611

More information about the egenix-announcements mailing list