[PYTHON-CRYPTO] ANN: M2Crypto 0.18beta1

Thomas D. Uram turam at MCS.ANL.GOV
Wed Jul 11 18:23:49 CEST 2007

(Responding here since 0.18beta1 is not in bugzilla)

With Python < 2.4, setup.py fails with:

File "setup.py", line 113, in swig_sources
NameError: global name 'swig_opts_str' is not defined

The following patch fixes this problem by using self.swig_opts instead 
of swig_opts_str which is required with the recent reorganization of the 
command-line options:

--- setup.py    (revision 571)
+++ setup.py    (working copy)
@@ -110,7 +110,7 @@
         if self.swig_cpp:
-        swig_cmd.append(swig_opts_str)
+        swig_cmd += self.swig_opts
         for source in swig_sources:
             target = swig_targets[source]


On 7/10/07 1:12 PM, Heikki Toivonen wrote:
> M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA,
> DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL
> functionality to implement clients and servers; HTTPS extensions to
> Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
> AuthCookies for web session management; FTP/TLS client and server;
> S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An S/MIME
> messenger for Zope.
> This is the first beta of the 0.18 release cycle. Final release is
> scheduled for the end of July 2007. Please test this out and report any
> issues. Download links and bug filing instructions on the homepage at
> http://chandlerproject.org/Projects/MeTooCrypto.
> Changelog:
> - Added EVP.pbkdf2 to derive key from password
> - X509_Store_Context.get1_chain added
> - Added X509_Name.__iter__, __getitem__, get_entries_by_nid which allow
>   iterating over all X509_Name_Entries or getting just all commonName
> entries,
>   for example
> - Added X509_Name_Entry.get_object, get_data, set_data
> - Added back PKCS7.get0_signers (was removed in 0.16)
> - X509_Extension.get_value accepts flag and indent parameters.
> - support multiple dNSName fields in subjectAltName
> - support multiple commonName fields for SSL peer hostname checking
> - Checking for erroneous returns from more OpenSSL EVP_* functions, which
>   means that certain things that used to fail silently will now raise an
>   EVP.EVPError; affected m2 functions are: digest_final, cipher_init,
>   cipher_update, cipher_final and sign_update. sign_final will now raise
>   EVP.EVPError instead of SystemError as well.
> - Fixed Pkey.verify_final to take a sign parameter
> - If a subjectAltName extension of type dNSName is present in peer
> certificate,
>   use only the dNSNames when checking peer certificate hostname, as
> specified
>   by RFC 2818. If no dNSNames are present, use subject commonName.
> - Fixed memory leaks in m2 functions ec_key_new_by_curve_name,
>   pkey_get_modulus, ecdsa_verify, threading_init and
>   X509.X509.verify, X509.X509_Stack (which manifested for example when
>   calling X509.new_stack_from_der), SSL.Connection (which manifested
> with some
>   connection errors or when connect was never called), twisted wrapper,
>   SSL.Connection.makefile (in BIO.IOBuffer really)
> - Fixed threading regressions introduced in 0.16,
>   by Aaron Reizes and Keith Jackson
> - Added SSL session caching support to HTTPSConnection, by Keith Jackson
> - Added the ability to save and load DER formatted X509 certificates and
>   certificate requests, by Keith Jackson
> - m2xmlrpclib.py fixed to work with Python 2.5, by Miloslav Trmac
> - 64-bit correctness fixes, by Miloslav Trmac
> - Added X509_Name.as_hash, by Thomas Uram
> - Moved --openssl option from general setup.py option to build_ext option,
>   meaning you need to do: python setup.py build build_ext --openssl=/path,
>   by Philip Kershaw
> - Fixed build problem affecting certain systems where OpenSSL was built
> without
>   EC support
> - M2CRYPTO_TEST_SSL_SLEEP environment variable controls how long to sleep
>   after starting the test SSL server. Default is 0.5, but 0.1 or even 0.05
>   might work with modern computers. Makes tests finish significantly faster.

More information about the python-crypto mailing list