[Python-Dev] ssl improvements and testing question

Antoine Pitrou solipsis at pitrou.net
Thu Jun 13 20:56:26 CEST 2013

On Fri, 07 Jun 2013 00:37:01 +0200
Christian Heimes <christian at python.org> wrote:
> I'm also thinking about OCSP support and X509v3 extension support for
> _decode_certificate(). Both are a PITB ... Python has an easier and
> better documented C API.

Yes, OpenSSL's documentation is often a joke, unfortunately.

> Question:
> What's the minimum version of OpenSSL Python 3.4 is going to support?

Judging by the kind of machines we run on, I would say 0.9.7something.
Basically I don't think we should remove any existing #ifdef for 3.4.

> Do
> we have an easy way to compile and link Python against a custom
> installation of OpenSSL or do I have to fiddle around with CPPFLAGS and

You have to fiddle around, sadly.
(and you will also have to fiddle around with LD_LIBRARY_PATH)
If you find a way to improve that, your contribution is much
welcome :-)



More information about the Python-Dev mailing list