Issue 14543: Upgrade OpenSSL on Windows to 0.9.8u

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/58748

classification

Title:	Upgrade OpenSSL on Windows to 0.9.8u
Type:	behavior	Stage:
Components:	Extension Modules	Versions:	Python 3.2, Python 3.3, Python 2.7

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:		Nosy List:	benjamin.peterson, dino.viehland, georg.brandl, loewis, pitrou, vstinner
Priority:	release blocker	Keywords:

Created on 2012-04-10 23:17 by dino.viehland, last changed 2022-04-11 14:57 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
repro.py	dino.viehland, 2012-04-10 23:17	Simple repro using httplib, but not standalone.

Messages (6)
msg157995 - (view)	Author: Dino Viehland (dino.viehland) *	Date: 2012-04-10 23:17
OpenSSL has had many fixes since the 0.9.8l version, and in particular there is one issue which prevents it from connecting with SSL with a client certificate: the end result is the SSL connection hangs or times out. Updating the OpenSSL version will fix this and enable better compatibility across platforms. I've attached my repro but if you want to try it you'll need a different server + private key pair to authenticate with. I've also confirmed re-building Python with 0.9.8m fixes the problem and Python currently ships with 0.9.8l.
msg157996 - (view)	Author: STINNER Victor (vstinner) *	Date: 2012-04-10 23:20
Why not upgrading to OpenSSL 1.0, at least for Python 3.3?
msg157997 - (view)	Author: Antoine Pitrou (pitrou) *	Date: 2012-04-10 23:31
Well, 3.3 already links with openssl-1.0.0a. However, updating to the latest 1.0.x would probably be good.
msg157998 - (view)	Author: Dino Viehland (dino.viehland) *	Date: 2012-04-10 23:38
A 1.0 version would be fine w/ me (I tested it with one of those and it worked as well) - I was just thinking a bug fix release might want to stick w/ a bug fix release of OpenSSL too.
msg157999 - (view)	Author: Antoine Pitrou (pitrou) *	Date: 2012-04-10 23:43
> A 1.0 version would be fine w/ me (I tested it with one of those and > it worked as well) - I was just thinking a bug fix release might want > to stick w/ a bug fix release of OpenSSL too. Agreed, I was replying to Victor about 3.3.
msg161051 - (view)	Author: Martin v. Löwis (loewis) *	Date: 2012-05-18 14:37
I have now upgraded OpenSSL to 0.9.8x for 2.7, to 1.0.0j for 3.2, and to 1.0.1c for 3.3.

History
Date	User	Action	Args
2022-04-11 14:57:29	admin	set	github: 58748
2012-05-18 14:37:56	loewis	set	status: open -> closed resolution: fixed
2012-05-18 14:37:45	loewis	set	nosy: + loewis messages: + msg161051
2012-04-10 23:43:17	pitrou	set	messages: + msg157999
2012-04-10 23:38:00	dino.viehland	set	messages: + msg157998
2012-04-10 23:31:39	pitrou	set	nosy: + georg.brandl messages: + msg157997 versions: + Python 3.2, Python 3.3
2012-04-10 23:20:25	vstinner	set	nosy: + vstinner messages: + msg157996
2012-04-10 23:19:09	vstinner	set	nosy: + pitrou
2012-04-10 23:17:48	dino.viehland	create