Tryag File Manager
Home
-
Turbo Force
Current Path :
/
proc
/
self
/
root
/
usr
/
share
/
doc
/
m2crypto-0.16
/
Upload File :
New :
File
Dir
//proc/self/root/usr/share/doc/m2crypto-0.16/CHANGES
0.16 ---- - Minimum requirements updated: Python 2.3+, OpenSSL 0.9.7+, SWIG 1.3.24+ - Optional features from OpenSSL 0.9.8 and newer - Enhancements to EVP and X509 to allow proxy certificate handling, by Matt Rodriguez - SSLBio and related additions to help do SSL with BIOs directly, by Matt Rodriguez - Added --openssl option to build command which can be used to specify where OpenSSL is installed, by Matt Rodriguez - Added sign and verify to RSA class, and get_rsa to PKey class, by Matt Rodriguez - ECDSA signatures and ECDH key agreement, requires OpenSSL 0.9.8+, by Arno Bakker - Fix non-hashable type problems in SSL._ctxmap and users, by Michael Weiser - Fixed SSLServer.handle_error to take the correct number of arguments, by Dan Williams - Various DSA enhancements by Larry Bugbee - Added sha224, sha256, sha384 and sha512, by Larry Bugbee - Added serialNumber, SN, surname, GN and givenName fields to X509_Name, by Martin Paljak - m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT is the fourth certificate verification error that will be allowed when unknown CAs are allowed - post connection checks in Connection.accept() and connect() fixed (these were broken in 0.15) - Fixed EVP.Cipher to work with aes_* ciphers (used to crash Python). The actual problem was in m2.bytes_to_key. - SMIME methods and functions raise correct exceptions - Raise ValueError instead of AttributeError when a non-existing hash algorithm or SSL version is asked for - ssl_ctx_set_tmp_(dh|rsa) now return value, and the rsa version calls the rsa function instead of the dh function - digest_update and verify_update return type changed to int, which allows better error reporting; EVP.MessageDigest.update and EVP.PKey.verify_update likewise changed - X509_Name and ASN1_String as_text (new for ASN1_String) take optional parameters to control formatting. - Cipher_Stack, X509_Stack and X509_Extension_Stack are iterable - EVP.MessageDigest now properly cleans up the underlying data when the object gets deleted - It is now possible to set and get non-nid values to X509_Name (previously only set worked) - SSL.Connection.set_client_CA_list_from_file now uses the actual implementd function instead of raising exception - Multithreaded SSL no longer uses the SSL_set/get_app_data to set and restore thread state, but uses the standard PyGILState_STATE instead. - m2urllib no longer outputs the HTTP headers (there was an erronous call to set_debuglevel(1)) - Removed RCS_id, RCS_ID and _RCS_id from Python files - All known memory leaks fixed - SWIG and compiler warning fixes - More and better Epydoc formatted docstrings - More than doubled the number of unit tests, also made many demos into tests 0.15 ---- - Support OpenSSL 0.9.8, Python 2.4.1, SWIG 1.3.24 - Fixed multiple memory leaks - Twisted integration - Safer defaults for SSL context and post connection check for clients - Eliminated C pointers from interfaces (some may still remain in callbacks) - Many cases where Python interpreter crashed have been fixed - Improved thread safety of many callbacks - And of course more of the OpenSSL API is covered, new docstrings and tests have been written Changes since 0.13 -------------------- - Fixed memory leak due to circular reference in SSL.Connection. Thanks to Michael Dunstan. Oops, patch is ZServerSSL-specific. Andre Reitz provided a generalised fix. Thanks Andre. - Fixed __getattr__ error in DSA. Thanks to Igor Belyi. - Added rand_poll, rand_screen and rand_win32_event functions to M2Crypto.Rand. - Updated ZServerSSL files to match Zope 2.7.0 versions. - Integrated (overlapping) patches by Peter Teniz and Heikki Toivonen covering operations on X.509-related structures that gives M2Crypto PKI functionality. Thanks Peter and Heikki. - Peter Teniz contributed demo2004/pki/x509auth.py. - Created demo2004/ directory that will contain new or updated demos. - Added verify_[init|update|final] in _evp.i. Patch by Zachery Corbiere. Thanks Zac. Changes since 0.12/0.11 ------------------------- - Patches from Artur Frysiak <wiget@pld-linux.org>. Thanks Artur. = Allow using a passphrase callback in class SMIME. = Added method get0_signers to class PKCS7, which retrieves signers' certificates from a PKCS7 blob. = Added methods as_pem and save_pem to class X509. = Added file version.py. = Allow SSL.Context.load_verify_locations to accept both 'cafile' and 'capath'. - Fixed BIO.read() not reading until EOF. Thanks to Egil Muller <redhog@redhog.org> for suggestion. - Honour 'mode' parameter in SSL.Connection.makefile. Thanks again to Egil Muller. - Roger Binns contributed epydoc-generated docs for M2Crypto. Thanks Roger. - Peter Teniz contributed patches to create X.509 requests and certificates. Thanks Peter. - Updated Medusa to 0.54. - Make various OpenSSL bignum functions (written long ago) available to Python. Changes since 0.11 -------------------- - ZServerSSL with client certificate-based authentication rides again. - Created Makefile for Python 2.3. - Modified LICENCE: changed my name to the generic "the author" in the all-caps disclaimer paragraph. - Allow to save RSA key pair in the clear. - ZServerSSL for Zope 2.7. - Excluded RC5. IDEA was taken out several releases ago. This should allow M2Crypto to build with stock OpenSSL on various Linuxen. - Added ssl_set_tmp_dh_callback. - Added ssl_set_tmp_rsa and ssl_set_tmp_rsa_callback to support weak-cipher browsers. - ZServerSSL exports SSL_CIPHER request header (a la mod_ssl) to Zope applications. - Perform distutils's SWIG .i search path tweaking within setup.py. setup.py should now work "out of the box". - Added contrib/smimeplus.py, a high-level S/MIME interface, contributed by Bernard Yue <bernie@3captus.com>. Thanks Bernard. - Added in long forms of nid's in X509_Name. Thanks to William K Volkman <development@netshark.com> for patch. - Updated Mac OS X build instructions. Thanks to Larry Bugbee <bugbee@seanet.com>. Changes since 0.10 -------------------- - Dave Berkeley <dave@rotwang.freeserve.co.uk> contributed fixes to SSL.Context-related memory leaks and code to set the size of the SSL session cache. - Brent Chun <bnc@intel-research.net> contributed the following: + Fixes to memory leaks. + Code to expose X.509 certificate chain operations. + Code to expose set/get operations on the SSL session cache. - Changed swig/ to SWIG/, for the convenience of people who don't read INSTALL. Some Makefiles may break because of this. setup.py continues to work, of course. - ZServerSSL tested with Zope 2.6.1. There is now a HOWTO. - Updated README and INSTALL. - Filled doc/ with stuff that went missing in several past releases. Changes since 0.09 -------------------- - Updated to OpenSSL 0.9.7. Thanks to Toby Allsopp <toby@MI6.GEN.NZ> for patches. - Added functionality to create a basic certificate request. Also contributed by Toby Allsopp. - Finally, AES! Changes since 0.08 -------------------- - Replaced demo/Zope/ZServer/__init__.py with the correct version for Zope 2.6.0. - Added a sample starts.bat for ZServerSSL. - Incoporated a patch by prashanth@jibe.biz that handled the new-in-Python-2.2.2 "strict" parameter for the various HTTP[S] connection classes in httplib.py. Thanks prashanth. This fixes M2Crypto's XMLRPC support for Python 2.2.2. (Apparently it was working for Python 2.2.1.) - Incorporated some cosmetic patches from Adam Karpierz <karpierz@zope.pl>. Thanks Adam. Changes since 0.07 snapshot #3 -------------------------------- - Updated to SWIG 1.3.17. - Excluded IDEA. - Tested with OpenSSL 0.9.6h. - ZServerSSL rides again for Zope 2.6.0. - setup.py does! - Removed Makefiles for Windows and Unix. (Makefile.osx remains.) - Included in contrib/ Isaac Salzberg's application of Mihai Ibanescu's patch that allows IIS interoperability thru an authenticating proxy. Thanks Isaac. - Included in contrib/ patch by Dave Brueck <dave@pythonaprocrypha.com> that has smarter non-blocking behaviour. Thanks Dave. Changes since 0.06 ----------------------- - test_ssl_win.py. (Requires Mark Hammond's Win32 extensions.) - Renamed demo/https to demo/medusa; updated Medusa to 2001 Jun release. - Improved _ssl.i's and M2Crypto.SSL.Connection's accept/connect methods. - M2Crypto.ftpslib for client-side FTP/TLS. - demo/medusa/ftps_server.py for server-side FTP/TLS. - Improved thread-safety. - Cleaned up echo client and servers. - Fixed missing import in m2urllib. - Fixed m2urllib to handle HTTP redirects. - Python 2.2 compatibility. - AuthCookie - secure authenticator cookies. Changes since 0.05 ----------------------- - Handled the cases where Python callbacks raised exceptions. - Fixed a NULL-deref bug in _ssl.i which crashes Medusa https when IE or Opera comes a-calling. - ZServerSSL rides again - a more robust ZServerSSL for Zope 2.3.0. - Added the MIME type 'application/x-x509-ca-cert' to demo/ssl/https_srv.py. This facilitates installing self-generated certificates into your browser. - ZSmime and GuardedFile bundled. - Documentation! A HOWTO on operating your own CA. - Documentation! A HOWTO on S/MIME. Examples are in demo/smime.howto. - Python 2.1 compatibility. - Fixed demo/https/https_server.py's CPU-spinning. (As per ZServerSSL.) - Fixed m2urllib's unexpected eof - demo/ssl/urllib_cli.py now works. - Renamed xmlrpclib2.py to m2xmlrpclib.py. - Kludged SSL.ssl_dispatcher to do blocking connect()'s: see demo/ssl/https_cli_async.py. - SWIG 1.3.6 does! Thanks to Keith Jackson <krjackson@lbl.gov>. Changes since 0.04 ----------------------- - Fixed a silly reversed-logic bug in M2Crypto.SSL.Connection.setblocking(). - Fixed yet more memory leaks. Thanks to Ray Suorsa <res@loudcloud.com>. - Build instructions for Borland BC++ 5.5 free compiler suite. - Bundles the June 2000 unencumbered release of Medusa. - SSL callback thread-safety. Thanks again to Ray Suorsa for insights and patches. - Renamed M2Crypto.M2Crypto to M2Crypto.m2 to prevent package/module loading confusion. - SSL.Session and a demo in demo/ssl/sess.py. - https_srv.py, an enhanced, https version of SimpleHTTPServer.py. - Interface change: SMIME.load_pkcs7_bio() is renamed SMIME.smime_load_pkcs7_bio(), similarly SMIME.load_pkcs7() to SMIME.smime_load_pkcs7(); these load PKCS7 objects generated by S/MIME. - Interface change: SMIME.load_pkcs7_bio() now loads a PKCS7 PEM file, i.e., a file of the format "-----BEGIN PKCS7-----". - Works with both Python 2.0 and Python 1.5.2. - OpenSSL 0.9.6. (Possibly incompatible with earlier OpenSSL releases.) - Unit tests with PyUnit. - Improved C code: = Custom Python exceptions. = Diligent error checking. = Fixed memory leaks. - Renamed M2Crypto.urllib2 to M2Crypto.m2urllib. - HTTPS clients of Python 1.5.2's and Python 2.0's httplib and urllib. Changes since 0.03 ----------------------- - SSL certificate-based authentication with Python callback. - More robust SSL.Connection - raises exceptions, not dumps core. - Fixed (some) memory leaks and multiple-free()s. - Cleaned up EVP.HMAC and EVP.PKey. - More X.509 certificate manipulation. - An interface to create SSL sessions. - Unified SSL read() and write() for synchronous and asynchronous operation. - S/MIME and PKCS #7. - Integrated with OpenSSL 0.9.5. - Enhanced the PRNG interface. Changes since 0.02 ----------------------- 1. Ephemeral DH for SSL. 2. ThreadingSSLServer now does. 3. XMLrpc over https. 4. ZServerSSL for Zope 2.1.3. 5. Encrypting monitor for Zope 2.1.3. 6. Beginnings of PGP2 support. 7. Replaced eval() calls with other (hopefully) safe ones. 8. Miscellaneous enhancements and bug fixes. Changes since 0.01 ----------------------- 1. Beginnings of SSL support. For building servers, blocking i/o: - An SSLServer modeled after SocketServer. - A ForkingSSLServer that seems to work well. - A ThreadingSSLServer that runs one thread at a time. (!) ;-) For building servers, nonblocking i/o: - An ssl_dispatcher modeled after asyncore.dispatcher. A HTTPS server based on Medusa. For client-side web programming: - httpslib - urllib2 2. Support for some BIO objects. 3. Reduced per-module name space pollution. 4. Have Swig check for NULL pointers: reduced .i cut-&-paste. 5. Standardise on MPINT for passing big integers between Python and OpenSSL. 6. Removed MD5, SHA1, RIPEMD160. Just use EVP.MessageDigest. 7. Removed HMAC. Just use EVP.HMAC.