• Home
• Services
  • Custom Python Development Projects
  • Python Training
  • Python Coaching
  • Python Consulting
  • Python and Product Support
• Products
  • Python
  • · mxODBC – Python Database Interface
  • · mxODBC Connect – Remote DB Interface
  •   
  • · eGenix PyRun – Tiny Python Runtime
  • · eGenix pyOpenSSL – SSL Interface
  •   
  • · eGenix mx Base
  •   · mxDateTime – Date/Time Library
  •   · mxTextTools – Fast Text Parsing
  •   · mxBeeBase – BTree+ On-disk DB
  •   · mxTools – Fast Python Helpers
  •   · mxProxy – Python Object Proxy
  •   · mxURL – URL Library
  •   · mxUID – UID Library
  •   · mxStack – Stack Data Type
  •   · mxQueue – Queue Data Type
  •   
  • · eGenix mx Experimental
  •   · mxNumber – High Precision Numbers
  •   · mxTidy – HTML Cleaner
  •   
  • Plone / Zope
  • · mxODBC Plone/Zope Database Adapter
  • · mxODBC Database Adapter for Plone
  • · eGenix ThreadLock Distribution
• Solutions
  • EMail Newsletters
  • SMS Text Alerts
• Support
  • General Python Support
  • Product Support
  • Product Updates
  • Mailing Lists
• Community
  • Talks & Videos
  • Python Meeting Düsseldorf (PyDDF)
  • All Things Python Blog
  • eGenix YouTube Channel
  • MoinMoin Library
  • Telegram Antispam Bot
• Company
  • About
  • Contact
  • News
  • Press
  • Legal
• Shop

eGenix pyOpenSSL Distribution 0.13.10 GA

Introduction

The eGenix.com pyOpenSSL Distribution includes everything you need to get started with SSL in Python. It comes with an easy to use installer that includes the most recent OpenSSL library versions in pre-compiled
form, making your application independent of OS provided OpenSSL libraries:

>>>   eGenix pyOpenSSL Distribution Page

pyOpenSSL is an open-source Python add-on that allows writing SSL-aware networking applications as as certificate managment tools. It uses the OpenSSL library as performant and robust SSL engine.

OpenSSL is an open-source implementation of the SSL/TLS protocol.

News

This new release of the eGenix.com pyOpenSSL Distribution includes the following updates:

New in OpenSSL

• Updated included OpenSSL libraries from OpenSSL 1.0.1n to 1.0.1o, which fixes an ABI incompatibility introduced in OpenSSL 1.0.1n.

These were the updates in eGenix pyOpenSSL 0.13.9, which we released on 2015-06-12:

New in eGenix pyOpenSSL

• Fixed a bug in the build process which resulted in the CA bundle files not get installed in the OpenSSL/ package dir.
• Added a work-around for recent pip versions not showing the installer output, causing an apparently hanging installation process. The installer will now use a timeout when entering the crypto confirmation and report how to fix the problem (by using an environment variable EGENIX_CRYPTO_CONFIRM for confirmation).
• Updated the Mozilla CA root bundle to version 2015-04-22.
• Various minor fixes to the web installer to make installations on Linux and FreeBSD more robust, having pip uninstall not remove the .pyc/.pyo files, intermittent error causing a source installation in some rare cases.
  

New in OpenSSL

• Updated included OpenSSL libraries from OpenSSL 1.0.1m to 1.0.1n. See https://www.openssl.org/news/secadv_20150611.txt ​for a complete list of changes. The following fixes are relevant for pyOpenSSL applications:
• Logjam attack: OpenSSL 1.0.1n includes DHE man-in-the-middle downgrade protection.
  
• CVE-2015-1788: Possible infinite loop during client authentication, which can be used for Denial of Service (DoS) attacks.
  
• CVE-2015-1789: X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds, which can lead to a segmentation fault.
• CVE-2015-1790: The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly, which can lead to a NULL pointer dereference on parsing.
• CVE-2015-1792: When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID.
• CVE-2015-1791: If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data.

Please see the product changelog for the full set of changes.

pyOpenSSL / OpenSSL Binaries Included

In addition to providing sources, we make binaries available that include both pyOpenSSL and the necessary OpenSSL libraries for all supported platforms: Windows, Linux, Mac OS X and FreeBSD, for x86 and x64.

To simplify installation, we have uploaded a web installer to PyPI which will automatically choose the right binary for your platform, so a simple

pip install egenix-pyopenssl

will get you the package with OpenSSL libraries installed. Please see our installation instructions for details.

We have also added .egg-file distribution versions of our eGenix.com pyOpenSSL Distribution for Windows, Linux and Mac OS X to the available download options. These make setups using e.g. zc.buildout and other egg-file based installers a lot easier.

Downloads

Please visit the eGenix pyOpenSSL Distribution page for downloads, instructions on installation and documentation of the package.

Upgrading

Before installing this version of pyOpenSSL, please make sure that you uninstall any previously installed pyOpenSSL version. Otherwise, you could end up not using the included OpenSSL libs.

More Information

For more information on the eGenix pyOpenSSL Distribution, licensing and download instructions, please write to sales@egenix.com.

Enjoy !

Marc-Andre Lemburg, eGenix.com