[Twisted-Python] PLEASE TEST: the new pyOpenSSL alpha release is a major change, and if you use TLS at all with Twisted you should test it

Matt Haggard haggardii at gmail.com
Tue Jan 21 15:56:06 MST 2014


Okay, glyph, since you're shouting :)

When installing, I ran into not having libffi-dev installed (ubuntu).
It wasn't hard to overcome -- just a new dependency I don't typically
install.  (I'm not even gonna try on OS X 10.6.8)

I ran the functional tests of some of our stuff here at work with the
new version and didn't have any failures/changes.  We don't do
anything beyond listenSSL and connectSSL though.

Thanks for doing this.

Matt

On Tue, Jan 21, 2014 at 2:45 PM, Glyph Lefkowitz
<glyph at twistedmatrix.com> wrote:
> Hi everyone,
>
> Since this particular detail was in the middle of Jean-Paul's release
> announcement, I feel like it's important to draw attention to it.
>
> The new pyOpenSSL v0.14 is a substantial rewrite of all of pyOpenSSL's
> bindings to OpenSSL: while this rewrite should be a vast improvement,
> because eliminates lots of error-prone hand-written C code, replacing it
> with much smaller, much safer declarative C bindings via cffi, it also means
> that things are different now.
>
> Different means “possibly broken” so please test any Twisted applications
> that use TLS with this pre-release.
>
> Sorry for all the bold text and capital letters, but this is both a big
> change and also a change to a particularly security-sensitive area of the
> Twisted stack.  If there were ever a change that you should really test
> before it's marked as “final release”, this is it.
>
> -glyph
>
>
> _______________________________________________
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
>



More information about the Twisted-Python mailing list