I am happy to announce the M2Crypto 0.19 release!
M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA,
DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL
functionality to implement clients and servers; HTTPS extensions to
Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
AuthCookies for web session management; FTP/TLS client and server;
S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An S/MIME
messenger for Zope. M2Crypto can also be used to provide SSL for Twisted.
Note: Python 2.6 shipped with optional timeout parameters to many
network modules; there is no support for these in M2Crypto 0.19.
Otherwise 2.6 is supported.
Changes:
- OpenSSL OBJ_* functions wrapped by Pavel Shramov
- OpenSSL ENGINE interface wrapped, providing support for smart cards,
by Martin Paljak and Pavel Shramov
- EVP.PKey.get_rsa() now returns RSA_pub, which fixes segmentation fault
when trying to encrypt using public key from X509 certificate,
by Ben Timby
- httpslib.ProxyHTTPSConnection now sends the required Host header,
by Karl Grindley
- Use the proxied User-Agent value in CONNECT requests, by James Antill
and Miloslav Trmac
- Fixed m2urllib.build_opener when optional handlers were in use,
affected Python 2.5 and later, by Miloslav Trmac
- Reverted the incorrect GIL change done in 0.18 to
m2.passphrase_callback, which caused a deadlock when called from
mod_python for example. Thanks to Michal Kochel and Keith Jackson.
- SSL.Connection.accept() passed wrong certificate to
postConnectionCheck callback
- httpslib.HTTPSConnection now raises ValueError for illegal keyword
argument
- m2.pkey_write_pem[_no_cipher] changed to use the recommended (more
secure) PEM_write_bio_PKCS8PrivateKey (used by
PEM_write_bio_PrivateKey).
- X509.load_cert, load_cert_bio, load_cert_der_string,
new_stack_from_der, load_request and load_crl now raise X509Error for
invalid data. Previously some of these raised a string as an error,
some did not raise but caused strange errors later, for example
x509.verify() would return -1.
- Fixed SSL.Connection.get_socket_read_timeout and
set_socket_read_timeout on 64bit platforms by adding
SSL.timeout.struct_size() and using it instead of
hardcoded size for socket.getsockopt
- X509_Store.load_info now returns the value from the underlying
m2.x509_store_load_locations call, and in case of error raises
X509Error
- Fixed SMIME.verify to raise the correct PKCS7_Error (used to raise
SMIME_Error) when verification fails with Python 2.6
Requirements:
* Python 2.3 or newer
o m2urllib2 requires Python 2.4 or newer
* OpenSSL 0.9.7 or newer
o Some optional new features will require OpenSSL 0.9.8 or newer
* SWIG 1.3.24 or newer required for building
o SWIG 1.3.30 or newer may be required with Python 2.5 or newer and
Python 2.4 with Py_ssize_t patches
Download link available from the M2Crypto homepage:
http://chandlerproject.org/Projects/MeTooCrypto
Or use easy_install (may not work on all systems): easy_install M2Crypto
--
Heikki Toivonen - http://www.heikkitoivonen.net
