Product SiteDocumentation Site

1.137.  m2crypto

1.137.1.  RHBA-2009:1351: bug fix update

An updated m2crypto package that fixes various bugs is now available.
The m2crypto package contains a Python module that makes it possible to call OpenSSL functions from Python scripts.
Bugs fixed in this updated package include:
  • closing a file object returned by m2urllib2 did not immediately close the underlying network connection. This could cause a process to run out of file handles. Closing a file object now closes the sockets associated with it and avoids leaking file descriptors. (BZ#460692)
  • the Python global interpreter lock was not released by blocking m2crypto functions, making it impossible to use m2crypto concurrently in a multi-threaded program. M2Crypto now uses the thread support in SWIG for functions that are likely to block. M2Crypto can now accept additional connections even when a different thread is still waiting for incoming data. (BZ#472690)
  • m2urllib2 used absolute URIs in HTTP requests instead of using only the selector part of the URI, which is not supported by some HTTP servers. Now, m2urllib2 makes requests with only the selector part of the URI, ensuring that the request is understood even by HTTP servers that do not support requests made with the absolute URI. (BZ#491674)
  • the M2Crypto SSL certificate checker incorrectly rejected certificates with a subjectAltName extension that did not contain a host name. M2Crypto now uses the certificate subject field instead of subjectAltName if subjectAltName does not contain a host name. (BZ#504060)
  • the OpenSSL locking callback in M2Crypto did not block on a lock when the lock was held by another thread. This could cause data corruption in multi-threaded applications. The locking callback now functions correctly, regardless of which thread holds the lock. (BZ#507903)
Users are advised to upgrade to this updated m2crypto package, which resolves these issues.

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.