[Twisted-Python] [Twisted-web] Compatibility issues with Twisted and OpenSSL 1.0.2f

Eric P. Mangold teratorn at gmail.com
Tue Feb 9 06:16:54 MST 2016 

Hi Amber,

Are you aware of anyone trying to use Twisted with PyOpenSSL/LibreSSL ?
Just curious.

Cheers,
-E

On Tue, Feb 9, 2016 at 12:56 AM, Amber "Hawkie" Brown <
hawkowl at atleastfornow.net> wrote:

> Hi everyone,
>
> There's a known issue with Twisted + PyOpenSSL>=0.13 using OpenSSL version
> 1.0.2f. Please note, this only potentially affects you if:
>
> - You use Windows or OS X -- Cryptography 1.2.2's wheels have a bundled
> 1.0.2f.
> OR
> - You use a Linux or FreeBSD distribution which has OpenSSL 1.0.2f. If you
> are using a released distribution of Ubuntu or Debian, you most likely have
> a *patched* (so, still secure) past version (like Ubuntu 15.10, which has a
> patched 1.0.2d). If you are using Fedora 23, you may have 1.0.2f. You can
> check by running "openssl version".
>
> There is also an unrelated issue with CFFI that causes Cryptography 1.2
> wheels for Windows/OS X to cause CPython to crash on interpreter shutdown.
>
> The current highest working Cryptography version that causes a test suite
> pass is 1.2.2 on Linux with OpenSSL versions other than 1.0.2f, 1.1.2 on
> Windows & OS X without an unreleased CFFI patch, and 1.2.1 once the CFFI
> patch is released. Our Windows and OS X builders have their Cryptography
> dependencies pinned to 1.1.2 until these problems are solved.
>
> Please note, this doesn't mean your applications may or may not work in
> practice with OpenSSL 1.0.2f! It just means the test suite does not pass,
> so we can't be absolutely sure that 1.0.2f will not cause problems for you.
> The latest patched versions of OpenSSL are strongly recommended from a
> security standpoint.
>
> The relevant issues are:
>
> - Make tests pass on 1.0.2f (Twisted,
> https://twistedmatrix.com/trac/ticket/8189)
> - Crash during interpreter shutdown when using static callbacks (CFFI,
> https://bitbucket.org/cffi/cffi/issues/246/crash-during-interpreter-shutdown-when
> )
>
> Regards,
>
> Amber Brown
> Twisted Release Manager
>
> _______________________________________________
> Twisted-web mailing list
> Twisted-web at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20160209/6b948196/attachment-0002.html>

More information about the Twisted-Python mailing list