[Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7 (original) (raw)
Antoine Pitrou solipsis at pitrou.net
Mon Mar 24 13:33:00 CET 2014
- Previous message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
- Next message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Le 24/03/2014 10:10, M.-A. Lemburg a écrit :
On 23.03.2014 08:07, Nick Coghlan wrote:
Open Questions ==============
* What are the risks associated with allowing OpenSSL to be updated to new feature versions in the Windows and Mac OS X binary installers for maintenance releases? Currently we just upgrade to the appropriate OpenSSL maintenance releases, rather than switching to the latest feature release. In particular, is it possible Windows C extensions may be linking against the Python provided OpenSSL module? Python's ssl/hashlib modules link statically against OpenSSL in Python 2.7, so the OpenSSL DLLs are not exposed to other extensions.
I suppose you mean under Windows. Under Linux (and probably OS X too), the _ssl module is linked dynamically with OpenSSL:
$ ldd build/lib.linux-x86_64-2.7-pydebug/_ssl.so linux-vdso.so.1 => (0x00007fff3f1de000) libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007fd8853ea000) libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007fd885010000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fd884df1000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fd884a2b000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fd884827000) /lib64/ld-linux-x86-64.so.2 (0x00007fd885868000)
Regards
Antoine.
- Previous message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
- Next message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]