From marcodasilva at gmail.com  Sat Dec  6 20:12:24 2008
From: marcodasilva at gmail.com (Marco da Silva)
Date: Sat, 06 Dec 2008 19:12:24 +0000
Subject: [pyOpenSSL] Validating server certificate with CAcert
Message-ID: <493ACE98.50109@gmail.com>

Hy all!

I''ve just started using OpenSSL and Python-OpenSSL in the past days for a project in my university.

I have a client-server app, and the server has a cert that is used to cypher the communication between client-server. (clients have no cert)

My question is, how can I validate the server cert with the CA cert ? I'm a bit lost with this, I already found how to do it directly with OpenSSL in the shell, but how do I do this in python-openssl?

This is my socket creation code, hope its ok.

Server Socket :

        self.context = SSL.Context(SSL.SSLv3_METHOD)
        self.context.use_privatekey_file('key.pem')
        self.context.use_certificate_file('cert.pem')
        self.server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.server = SSL.Connection(self.context, self.server)
        self.server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

Client socket :

            self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            self.ctx = SSL.Context(SSL.SSLv3_METHOD)
            self.ctx.set_verify(SSL.VERIFY_NONE, verify_cb)
            self.sock = SSL.Connection(self.ctx,self.sock)
            self.sock.connect((self.host, self.port))


Thanks all

Marco da Silva




From info at egenix.com  Fri Dec 19 11:04:34 2008
From: info at egenix.com (eGenix Team: M.-A. Lemburg)
Date: Fri, 19 Dec 2008 11:04:34 +0100
Subject: [pyOpenSSL] ANN: eGenix pyOpenSSL Distribution 0.8.0-0.9.8i-1
Message-ID: <494B71B2.80507@egenix.com>

________________________________________________________________________

ANNOUNCING

                   eGenix.com pyOpenSSL Distribution

                        Version 0.8.0-0.9.8i-1


             An easy to install and use repackaged distribution
               of the pyOpenSSL Python interface for OpenSSL -
                  available on Windows and Unix platforms


This announcement is also available on our web-site for online reading:
http://www.egenix.com/company/news/eGenix-pyOpenSSL-Distribution-0.8.0-0.9.8i-1-GA.html

________________________________________________________________________

INTRODUCTION

The eGenix.com pyOpenSSL Distribution includes everything you need to
get started with SSL in Python. It comes with an easy to use installer
that includes the most recent OpenSSL library versions in pre-compiled
form.

pyOpenSSL is an open-source Python add-on (http://pyopenssl.sf.net/)
that allows writing SSL aware networking applications as well as
certificate management tools.

OpenSSL is an open-source implementation of the SSL protocol
(http://www.openssl.org/).

For more information, please see the product page:

    http://www.egenix.com/products/python/pyOpenSSL/

________________________________________________________________________

NEWS

This third release of the eGenix.com pyOpenSSL Distribution upgrades
pyOpenSSL to version 0.8, which includes a few bug fixes related to
threading.

Please note that OpenSSL, the underlying SSL engine, does not allow
sharing connections between threads. This is a little known fact which
could in the past cause pyOpenSSL to crash Python. Jean-Paul Calderone,
the maintainer of pyOpenSSL, has added fixes in 0.8 to prevent those
crashes.

We have also fixed several compiler warnings found in the code. The
version of pyOpenSSL you find in the source release has those patches
applied.

Binaries are available for Linux x86 and x64 as well as Windows x86 and
include pyOpenSSL 0.8.0 as well as the OpenSSL 0.9.8i libraries.

________________________________________________________________________

DOWNLOADS

The download archives and instructions for installing the package can
be found at:

    http://www.egenix.com/products/python/pyOpenSSL/

________________________________________________________________________

UPGRADING

Before installing this version of pyOpenSSL, please make sure that
you uninstall any previously installed pyOpenSSL version. Otherwise,
you could end up not using the included OpenSSL libs.

_______________________________________________________________________

SUPPORT

Commercial support for these packages is available from eGenix.com.
Please see

    http://www.egenix.com/services/support/

for details about our support offerings.

Enjoy,
-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source  (#1, Dec 19 2008)
>>> Python/Zope Consulting and Support ...        http://www.egenix.com/
>>> mxODBC.Zope.Database.Adapter ...             http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
________________________________________________________________________
2008-12-02: Released mxODBC.Connect 1.0.0      http://python.egenix.com/

::: Try our new mxODBC.Connect Python Database Interface for free ! ::::


   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611
               http://www.egenix.com/company/contact/