[egenix-users] egenix-pyopenssl and OpenSSL 1.0.2

M.-A. Lemburg mal at egenix.com
Tue Feb 3 10:30:47 CET 2015

Dear Users,

as you may have heard, OpenSSL has started a new version 1.0.2

We will eventually switch egenix-pyopenssl to this new version,
but after the investigation we did following a user request,
this won't happen for first 1.0.2 release.

There are two problems with this release.

One is related to pyOpenSSL defining a function which OpenSSL
now provides itself, causing a conflict between the two:
X509_REVOKED_dup(). This is easy to fix in pyOpenSSL by renaming
the API.

The second one is more severe. There's a bug in OpenSSL 1.0.2
which causes pyOpenSSL's cert.has_expired() to return the exact
opposite of what it should return, rendering the method
completely broken:


It reports certificates as expired which are not and accepts
certificates which are expired.

So we'll skip 1.0.2 and wait for at least another OpenSSL
release before switching.

Marc-Andre Lemburg

Professional Python Services directly from the Source  (#1, Feb 03 2015)
>>> Python Projects, Coaching and Consulting ...  http://www.egenix.com/
>>> mxODBC Plone/Zope Database Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/

::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611

More information about the egenix-users mailing list