[Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7 (original) (raw)

M.-A. Lemburg mal at egenix.com
Mon Mar 24 13:39:07 CET 2014

• Previous message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
• Next message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 24.03.2014 13:33, Antoine Pitrou wrote:

Le 24/03/2014 10:10, M.-A. Lemburg a écrit :

On 23.03.2014 08:07, Nick Coghlan wrote:

Open Questions ==============

* What are the risks associated with allowing OpenSSL to be updated to new feature versions in the Windows and Mac OS X binary installers for maintenance releases? Currently we just upgrade to the appropriate OpenSSL maintenance releases, rather than switching to the latest feature release. In particular, is it possible Windows C extensions may be linking against the Python provided OpenSSL module? Python's ssl/hashlib modules link statically against OpenSSL in Python 2.7, so the OpenSSL DLLs are not exposed to other extensions. I suppose you mean under Windows.

Yes. Should have included that detail in the email :-)

Under Linux (and probably OS X too), the ssl module is linked dynamically with OpenSSL:

$ ldd build/lib.linux-x8664-2.7-pydebug/ssl.so linux-vdso.so.1 => (0x00007fff3f1de000) libssl.so.1.0.0 => /lib/x8664-linux-gnu/libssl.so.1.0.0 (0x00007fd8853ea000) libcrypto.so.1.0.0 => /lib/x8664-linux-gnu/libcrypto.so.1.0.0 (0x00007fd885010000) libpthread.so.0 => /lib/x8664-linux-gnu/libpthread.so.0 (0x00007fd884df1000) libc.so.6 => /lib/x8664-linux-gnu/libc.so.6 (0x00007fd884a2b000) libdl.so.2 => /lib/x8664-linux-gnu/libdl.so.2 (0x00007fd884827000) /lib64/ld-linux-x86-64.so.2 (0x00007fd885868000)

Right, and it's using the system library, not a private copy - which can be both good and bad depending on how recent the system's library version is.

-- Marc-Andre Lemburg eGenix.com

Professional Python Services directly from the Source (#1, Mar 24 2014)

Python Projects, Consulting and Support ... http://www.egenix.com/ mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/ mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/

2014-03-29: PythonCamp 2014, Cologne, Germany ... 5 days to go 2014-04-09: PyCon 2014, Montreal, Canada ... 16 days to go 2014-04-29: Python Meeting Duesseldorf ... 36 days to go

eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/

• Previous message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
• Next message: [Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list