[Twisted-Python] INCOMPATIBLE CHANGE: removing dependency on PyCrypto
Zooko Wilcox-OHearn
zooko at leastauthority.com
Sun Nov 1 15:07:55 MST 2015
Yay for removing the dependency on PyCrypto! This would allow these
Twisted tickets to be closed:
* https://twistedmatrix.com/trac/ticket/4633# allow applications to
"bring their own crypto" to avoid the dependency of conch on PyCrypto
* https://twistedmatrix.com/trac/ticket/5577# Using manhole_tap ends
up requiring pycryto, even though only using telnet manhole
* https://twistedmatrix.com/trac/ticket/5805#
twisted.test.test_strcred fails on Python without pycrypto
And this Tahoe-LAFS tickets:
* https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2094# rebuild (if
necessary) PyCrypto eggs to use libgmp >= 5, to mitigate RSA timing
attack
Possibly also this Tahoe-LAFS ticket:
* https://tahoe-lafs.org/trac/tahoe-lafs/ticket/774# pycrypto package
is required for manhole
And it allows us to remove this warning label about potential timing
attacks against the SFTP connection:
https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/frontends/FTP-and-SFTP.rst#configuring-sftp-access
Regards,
Zooko
More information about the Twisted-Python
mailing list