[PYTHON-CRYPTO] ANN: M2Crypto 0.19

Heikki Toivonen hjtoi at COMCAST.NET
Mon Oct 6 06:41:41 CEST 2008

I am happy to announce the M2Crypto 0.19 release!

M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA,
DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL
functionality to implement clients and servers; HTTPS extensions to
Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
AuthCookies for web session management; FTP/TLS client and server;
S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An S/MIME
messenger for Zope. M2Crypto can also be used to provide SSL for Twisted.

Note: Python 2.6 shipped with optional timeout parameters to many
network modules; there is no support for these in M2Crypto 0.19.
Otherwise 2.6 is supported.


- OpenSSL OBJ_* functions wrapped by Pavel Shramov
- OpenSSL ENGINE interface wrapped, providing support for smart cards,
  by Martin Paljak and Pavel Shramov
- EVP.PKey.get_rsa() now returns RSA_pub, which fixes segmentation fault
  when trying to encrypt using public key from X509 certificate,
  by Ben Timby
- httpslib.ProxyHTTPSConnection now sends the required Host header,
  by Karl Grindley
- Use the proxied User-Agent value in CONNECT requests, by James Antill
  and Miloslav Trmac
- Fixed m2urllib.build_opener when optional handlers were in use,
  affected Python 2.5 and later, by Miloslav Trmac
- Reverted the incorrect GIL change done in 0.18 to
  m2.passphrase_callback, which caused a deadlock when called from
  mod_python for example. Thanks to Michal Kochel and Keith Jackson.
- SSL.Connection.accept() passed wrong certificate to
  postConnectionCheck callback
- httpslib.HTTPSConnection now raises ValueError for illegal keyword
- m2.pkey_write_pem[_no_cipher] changed to use the recommended (more
  secure) PEM_write_bio_PKCS8PrivateKey (used by
- X509.load_cert, load_cert_bio, load_cert_der_string,
  new_stack_from_der, load_request and load_crl now raise X509Error for
  invalid data. Previously some of these raised a string as an error,
  some did not raise but caused strange errors later, for example
  x509.verify() would return -1.
- Fixed SSL.Connection.get_socket_read_timeout and
  set_socket_read_timeout on 64bit platforms by adding
  SSL.timeout.struct_size() and using it instead of
  hardcoded size for socket.getsockopt
- X509_Store.load_info now returns the value from the underlying
  m2.x509_store_load_locations call, and in case of error raises
- Fixed SMIME.verify to raise the correct PKCS7_Error (used to raise
  SMIME_Error) when verification fails with Python 2.6


* Python 2.3 or newer
  o m2urllib2 requires Python 2.4 or newer
* OpenSSL 0.9.7 or newer
  o Some optional new features will require OpenSSL 0.9.8 or newer
* SWIG 1.3.24 or newer required for building
  o SWIG 1.3.30 or newer may be required with Python 2.5 or newer and
  Python 2.4 with Py_ssize_t patches

Download link available from the M2Crypto homepage:

Or use easy_install (may not work on all systems): easy_install M2Crypto

  Heikki Toivonen - http://heikkitoivonen.net

More information about the python-crypto mailing list