From Daniel.van.Eeden at myname.nl Thu Jan 2 18:42:02 2014 From: Daniel.van.Eeden at myname.nl (=?UTF-8?B?RGFuacOrbCB2YW4gRWVkZW4=?=) Date: Thu, 02 Jan 2014 18:42:02 +0100 Subject: [pyOpenSSL-Users] Support for various PEM format In-Reply-To: References: Message-ID: <52C5A4EA.8070208@myname.nl> Hello William, It looks like you want to click the 'Affects me' button for MySQL Bug #71271. http://bugs.mysql.com/bug.php?id=71271 Regards, Dani?l van Eeden From exarkun at twistedmatrix.com Thu Jan 16 13:41:43 2014 From: exarkun at twistedmatrix.com (exarkun at twistedmatrix.com) Date: Thu, 16 Jan 2014 12:41:43 -0000 Subject: [pyOpenSSL-Users] Announcing pyOpenSSL 0.14a2 Message-ID: <20140116124143.17936.1136247374.divmod.xquotient.168@top> Hello all, I'm happy to announce that pyOpenSSL 0.14a2, the second alpha of the 0.14 release cycle, is now available. A copy of these release notes and links to source archive downloads are available at . pyOpenSSL 0.14 will bring many improvements over the previous release, including: * Support for TLSv1.1 and TLSv1.2 * New flags, such as MODE_RELEASE_BUFFERS and OP_NO_COMPRESSION * Some APIs to access to the SSL session cache * A variety of bug fixes for error handling cases Additionally, there are three major changes to the project: First, the documentation has been converted from LaTeX (CPython's old documentation system) to Sphinx (CPython's new documentation system ;). Second, pyOpenSSL is no longer implemented in C as a collection of extension modules using the Python/C API. Instead, pyOpenSSL is now a pure-Python project with a dependency on a new project, , which provides (among other things) a cffi-based interface to OpenSSL. This change means that pyOpenSSL development is now more accessible to Python programmers with little or no experience with C. Finally, the project's code hosting has moved from Launchpad to Github. Many branches remain only on Launchpad along with their associated bug reports. Over the coming releases I hope that the fixes and features in these branches will be ported to Python and incorporated into the pyOpenSSL master development branch. Bug tracking has been disabled on Launchpad so that the amount of useful information hosted there can gradually dwindle to nothing. Please use Github for further development and bug reporting. As you might imagine, reimplementing all of pyOpenSSL in a new language has involved far more significant changes than I have ever included in a pyOpenSSL release before. I've also bent my own rule of not modifying untested code a bit. Because certain OpenSSL error cases are very difficult to trigger reliably (or even unreliably in some cases), not all such cases are covered by the automated test suite. In the past I've tried hard to avoid changing these parts of pyOpenSSL but that wasn't an option for this release. As such, testing of 0.14a2 is more important than ever before. Please do whatever you can to help out here. Run your test suite against it, play around with the new features, abuse it if you can, take a look at the implementation (the wonderful, wonderful Python implementation!), share this release announcement in other forums where it may be relevant, and anything else you can think of! Any reports of your results are appreciated, positive or negative. Thanks to all, Jean-Paul From bertovic.deni at gmail.com Tue Jan 28 15:38:37 2014 From: bertovic.deni at gmail.com (=?UTF-8?Q?Deni_Bertovi=C4=87?=) Date: Tue, 28 Jan 2014 15:38:37 +0100 Subject: [pyOpenSSL-Users] Announcing pyOpenSSL 0.14a2 In-Reply-To: <20140116124143.17936.1136247374.divmod.xquotient.168@top> References: <20140116124143.17936.1136247374.divmod.xquotient.168@top> Message-ID: This is the best news I've read this year! :) Thank you all for your efforts. -Deni On Thu, Jan 16, 2014 at 1:41 PM, wrote: > Hello all, > > I'm happy to announce that pyOpenSSL 0.14a2, the second alpha of the 0.14 > release cycle, is now available. > > A copy of these release notes and links to source archive downloads are > available at . > > pyOpenSSL 0.14 will bring many improvements over the previous release, > including: > > * Support for TLSv1.1 and TLSv1.2 > * New flags, such as MODE_RELEASE_BUFFERS and OP_NO_COMPRESSION > * Some APIs to access to the SSL session cache > * A variety of bug fixes for error handling cases > > Additionally, there are three major changes to the project: > > First, the documentation has been converted from LaTeX (CPython's old > documentation system) to Sphinx (CPython's new documentation system ;). > > Second, pyOpenSSL is no longer implemented in C as a collection of > extension modules using the Python/C API. Instead, pyOpenSSL is now a > pure-Python project with a dependency on a new project, < > http://github.com/pyca/cryptography>, which provides (among other things) > a cffi-based interface to OpenSSL. > > This change means that pyOpenSSL development is now more accessible to > Python programmers with little or no experience with C. > > Finally, the project's code hosting has moved from Launchpad to Github. > Many branches remain only on Launchpad along with their associated bug > reports. Over the coming releases I hope that the fixes and features in > these branches will be ported to Python and incorporated into the pyOpenSSL > master development branch. Bug tracking has been disabled on Launchpad so > that the amount of useful information hosted there can gradually dwindle to > nothing. Please use Github for further development and bug reporting. > > As you might imagine, reimplementing all of pyOpenSSL in a new language > has involved far more significant changes than I have ever included in a > pyOpenSSL release before. I've also bent my own rule of not modifying > untested code a bit. Because certain OpenSSL error cases are very > difficult to trigger reliably (or even unreliably in some cases), not all > such cases are covered by the automated test suite. In the past I've tried > hard to avoid changing these parts of pyOpenSSL but that wasn't an option > for this release. > > As such, testing of 0.14a2 is more important than ever before. Please do > whatever you can to help out here. Run your test suite against it, play > around with the new features, abuse it if you can, take a look at the > implementation (the wonderful, wonderful Python implementation!), share > this release announcement in other forums where it may be relevant, and > anything else you can think of! > > Any reports of your results are appreciated, positive or negative. > > Thanks to all, > Jean-Paul > _______________________________________________ > pyopenssl-users mailing list > pyopenssl-users at python.org > https://mail.python.org/mailman/listinfo/pyopenssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From info at egenix.com Tue Jan 28 17:47:35 2014 From: info at egenix.com (eGenix Team: M.-A. Lemburg) Date: Tue, 28 Jan 2014 17:47:35 +0100 Subject: [pyOpenSSL-Users] ANN: eGenix pyOpenSSL Distribution 0.13.3.1.0.1.6 Message-ID: <52E7DF27.7080201@egenix.com> ________________________________________________________________________ ANNOUNCING eGenix.com pyOpenSSL Distribution Version 0.13.3.1.0.1.6 An easy-to-install and easy-to-use distribution of the pyOpenSSL Python interface for OpenSSL - available for Windows, Mac OS X and Unix platforms This announcement is also available on our web-site for online reading: http://www.egenix.com/company/news/eGenix-pyOpenSSL-Distribution-0.13.3.1.0.1.6.html ________________________________________________________________________ INTRODUCTION The eGenix.com pyOpenSSL Distribution includes everything you need to get started with SSL in Python. It comes with an easy-to-use installer that includes the most recent OpenSSL library versions in pre-compiled form, making your application independent of OS provided OpenSSL libraries: http://www.egenix.com/products/python/pyOpenSSL/ pyOpenSSL is an open-source Python add-on that allows writing SSL/TLS- aware network applications as well as certificate management tools: https://launchpad.net/pyopenssl/ OpenSSL is an open-source implementation of the SSL/TLS protocol: http://www.openssl.org/ ________________________________________________________________________ NEWS This new release of the eGenix.com pyOpenSSL Distribution updates the included pyOpenSSL and OpenSSL versions: New in the eGenix pyOpenSSL Distribution ---------------------------------------- * Updated pyOpenSSL to the upstream trunk revision 171 (pyOpenSSL version 0.13.1+). * Added work-around for compiling pyOpenSSL trunk revision 171 on Windows with OpenSSL 1.0.0 and later. * Included support for TLS 1.1 and 1.2 in pyOpenSSL (rev 171). Please see the TLS support section in the documentation for details. http://www.egenix.com/products/python/pyOpenSSL/doc/#TLS_support * Added SSL.OP_NO_COMPRESSION and SSL.OP_SINGLE_ECDH_USE context options to be able to address the CRIME attack and allow for more secure elliptic curve Diffie-Hellman key exchange setups. * Added HTML Sphinx documentation from the pyOpenSSL trunk version to the package. An online version is available from our website: http://www.egenix.com/products/python/pyOpenSSL/doc/pyopenssl.html * Updated the included CA bundles to the latest Mozilla 2014-01-28 version. * Included ca-bundle*.crt files now have the same modification date as the Mozilla certdata.txt file from which they were generated. * Restored compatibility of the ca_bundle module with Python 2.4. * Enhanced the included https_client.py example to show case OpenSSL best practices: - server name parsing (RFC 2818 support will follow in one of the next releases) - SNI (support for TLS extension to support multiple SSL sites on a single host) - setup secure default SSL options - setup secure default SSL cipher suite - use TLS 1.0 - 1.2 only - disable SSL compression negotiation (prevent CRIME attack) New in OpenSSL -------------- * Updated included OpenSSL libraries from OpenSSL 1.0.1e to 1.0.1f. See http://www.openssl.org/news/news.html and http://www.openssl.org/news/vulnerabilities.html for a complete list of changes, most important: - CVE-2013-4353: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. - CVE-2013-6450: A flaw in DTLS handling can cause an application using OpenSSL and DTLS to crash. - CVE-2013-6449: A flaw in OpenSSL can cause an application using OpenSSL to crash when using TLS version 1.2. As always, we provide binaries that include both pyOpenSSL and the necessary OpenSSL libraries for all supported platforms: Windows x86 and x64, Linux x86 and x64, Mac OS X PPC, x86 and x64. We've also added egg-file distribution versions of our eGenix.com pyOpenSSL Distribution for Windows, Linux and Mac OS X to the available download options. These make setups using e.g. zc.buildout and other egg-file based installers a lot easier. ________________________________________________________________________ DOWNLOADS The download archives and instructions for installing the package can be found at: http://www.egenix.com/products/python/pyOpenSSL/ ________________________________________________________________________ UPGRADING Before installing this version of pyOpenSSL, please make sure that you uninstall any previously installed pyOpenSSL version. Otherwise, you could end up not using the included OpenSSL libs. _______________________________________________________________________ SUPPORT Commercial support for these packages is available from eGenix.com. Please see http://www.egenix.com/services/support/ for details about our support offerings. ________________________________________________________________________ MORE INFORMATION For more information about the eGenix pyOpenSSL Distribution, licensing and download instructions, please visit our web-site or write to sales at egenix.com. Enjoy, -- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Source (#1, Jan 28 2014) >>> Python Projects, Consulting and Support ... http://www.egenix.com/ >>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/ >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ ________________________________________________________________________ ::::: Try our mxODBC.Connect Python Database Interface for free ! :::::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/