1.137.  m2crypto

closing a file object returned by m2urllib2 did not immediately close the underlying network connection. This could cause a process to run out of file handles. Closing a file object now closes the sockets associated with it and avoids leaking file descriptors. (BZ#460692)

the Python global interpreter lock was not released by blocking m2crypto functions, making it impossible to use m2crypto concurrently in a multi-threaded program. M2Crypto now uses the thread support in SWIG for functions that are likely to block. M2Crypto can now accept additional connections even when a different thread is still waiting for incoming data. (BZ#472690)

m2urllib2 used absolute URIs in HTTP requests instead of using only the selector part of the URI, which is not supported by some HTTP servers. Now, m2urllib2 makes requests with only the selector part of the URI, ensuring that the request is understood even by HTTP servers that do not support requests made with the absolute URI. (BZ#491674)

the M2Crypto SSL certificate checker incorrectly rejected certificates with a subjectAltName extension that did not contain a host name. M2Crypto now uses the certificate subject field instead of subjectAltName if subjectAltName does not contain a host name. (BZ#504060)

the OpenSSL locking callback in M2Crypto did not block on a lock when the lock was held by another thread. This could cause data corruption in multi-threaded applications. The locking callback now functions correctly, regardless of which thread holds the lock. (BZ#507903)