Building Python with SSL support in non-standard location
You need to edit Modules/Setup.dist
to specify the location of OpenSSL if it is not in the standard location. From Getting SSL Support in Python 2.5.1:
If you find yourself on a linux box needing ssl support in python (to
use a client in things like httplib.HTTPSConnection or
imaplib.IMAP4_SSL), then let me save you a couple of hours of hunting
around the web (of course if you have found this then that means
you've done some level hunting already!).You'll know if you need ssl support compiled into your python
installation if you get the following exception message:
AttributeError: 'module' object has no attribute 'ssl'In order to make that go away so you can continue happily slinging
python code, you'll need to first make sure you have OpenSSL
installed. By default it is installed from source at: /usr/local/sslIf that directory doesn't exist, then grab the source package.
Do the standard:
tar zxf openssl-0.9.8g.tar.gz
cd openssl-0.9.8g
./config
make
make install
Then grab the python sources for 2.5.1 and: tar zxf Python-2.5.1.tgz
&& cd Python-2.5.1Then you need to edit the Modules/Setup.dist:
204:# Socket module helper for SSL support; you must comment out the other
205:# socket line above, and possibly edit the SSL variable:
206:SSL=/usr/local/ssl
207:_ssl _ssl.c \
208: -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
209: -L$(SSL)/lib -lssl -lcrypto
If you installed OpenSSL in the default locations you can just
uncomment lines 206-209, then:./configure
make
make install
Then verify your installation with:
python /usr/local/lib/python2.5/test/test_socket_ssl.py
test_rude_shutdown ...
test_basic ...
test_timeout ...
Make sure the changes to Modules/Setup.dist
get picked up by cleaning the source root (e.g. make distclean
) and run configure
and make
again.
How do I compile Python 3.4 with custom OpenSSL?
I managed to figure it out after a lot of hair-pulling. It was a bunch of environment variables... I think I might have done a little overkill, but this basically worked:
# OpenSSL 1.0.1g
./config shared --prefix=/my/path --openssldir=/my/path/openssl
make
make install
# Python 3.4
export LDFLAGS="-L/my/path/lib/ -L/my/path/lib64/"
export LD_LIBRARY_PATH="/my/path/lib/:/my/path/lib64/"
export CPPFLAGS="-I/my/path/include -I/my/path/include/openssl"
./configure --prefix=/my/path/
make
make install
Compile Python 3.6 statically with OpenSSL
I'm trying to compile Python 3.6 on Linux statically with OpenSSL.
...# Socket module helper for SSL support; you must comment out the other
# socket line above, and possibly edit the SSL variable:
SSL=/usr/local/ssl
_ssl _ssl.c \
-DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
-L$(SSL)/lib -lssl -lcrypto
Change -lssl
and -lcrypto
to -l:libssl.a
and -l:libcrypto.a
:
SSL=/usr/local/ssl
_ssl _ssl.c \
-DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
-L$(SSL)/lib -l:libssl.a -l:libcrypto.a
You can also use the full path to the archive:
SSL=/usr/local/ssl
_ssl _ssl.c \
-DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
$(SSL)/lib/libssl.a $(SSL)/lib/libcrypto.a
Archives (*.a
) are just a collection of object files (*.o
), so you can use an archive wherever you use an object file.
Also see -l:filename
in the ld(2)
man page:
--library=namespec
Add the archive or object file specified by namespec to the list of
files to link. This option may be used any number of times. If
namespec is of the form :filename, ld will search the library path for
a file called filename, otherwise it will search the library path for
a file called libnamespec.a.
If you have other components in /usr/local
you are using, then you might want to add -L/usr/local/lib -Wl,-R,/usr/local/lib -Wl,--enable-new-dtags
to your LDFLAGS
. The new-dtags
embeds a RUNPATH
(as opposed to RPATH
) in the ELF headers. RUNPATH
can be overridden with LD_LIBRARY_PATH
.
I get a compiled binary, but it isn't statically linked to OpenSSL.
The way to check is to use ldd
with the paths you use at runtime. For example, here is from a local OpenSSL build on Fedora:
$ ldd /usr/local/bin/openssl
linux-vdso.so.1 (0x00007fff3cde6000)
libssl.so.1.0.0 => /usr/local/lib64/libssl.so.1.0.0 (0x00007f043dc4e000)
libcrypto.so.1.0.0 => /usr/local/lib64/libcrypto.so.1.0.0 (0x00007f043d9df000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f043d9c0000)
libc.so.6 => /lib64/libc.so.6 (0x00007f043d7fa000)
/lib64/ld-linux-x86-64.so.2 (0x00007f043dcc0000)
Here are a couple of related questions, but it does not look like they cover static linking with Python.
- Building Python with SSL support in non-standard location
- How do I compile Python 3.4 with custom OpenSSL?
And to be clear, config.log
has the error but you did not show the relevant portion from it:
checking whether the C compiler works... no
configure: error: in `/task/cpython':
configure: error: C compiler cannot create executables
See `config.log' for more details
Static OpenSSL may (or may not) fix the problem.
how to include ssl with python build on MacOS
Just open setup.py
and find method detect_modules()
. It has some lines like (2.7.11 for me):
# Detect SSL support for the socket module (via _ssl)
search_for_ssl_incs_in = [
'/usr/local/ssl/include',
'/usr/contrib/ssl/include/'
]
ssl_incs = find_file('openssl/ssl.h', inc_dirs,
search_for_ssl_incs_in
)
if ssl_incs is not None:
krb5_h = find_file('krb5.h', inc_dirs,
['/usr/kerberos/include'])
if krb5_h:
ssl_incs += krb5_h
ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs,
['/usr/local/ssl/lib',
'/usr/contrib/ssl/lib/'
] )
if (ssl_incs is not None and
ssl_libs is not None):
exts.append( Extension('_ssl', ['_ssl.c'],
include_dirs = ssl_incs,
library_dirs = ssl_libs,
libraries = ['ssl', 'crypto'],
depends = ['socketmodule.h']), )
else:
missing.append('_ssl')
So it seems that you need SSL and Kerberos. Kerberos comes installed with Mac. So You need to install openssl
. You can do it with brew
:
brew install openssl
openssl
headers could be installed in a path different than Python will search. So issue
locate ssl.h
and add the path to search_for_ssl_incs_in
. For example for me it is:
/usr/local/Cellar/openssl/1.0.2d_1/include/openssl/ssl.h
So I should add /usr/local/Cellar/openssl/1.0.2d_1/include/
to search_for_ssl_incs_in
.
Don't forget that these are for Python 2.7.11. But the process should be same.
Hope that helps.
Related Topics
Is Python's Sorted() Function Guaranteed to Be Stable
Check If Any Alert Exists Using Selenium with Python
How to Build a Recursive Function in Python
Does Python Optimize Modules When They Are Imported Multiple Times
What Is the Performance Impact of Non-Unique Indexes in Pandas
Find All Combinations of a List of Numbers with a Given Sum
Stream Large Binary Files with Urllib2 to File
What's the Best Way to Return Multiple Values from a Function
Splitting a String into Words and Punctuation
Handling Backreferences to Capturing Groups in Re.Sub Replacement Pattern
How to Capture Multiple Camera Streams with Opencv
Dll Load Failed Error When Importing Cv2
Pandas Column Access W/Column Names Containing Spaces
How to Map Numeric Data into Categories/Bins in Pandas Dataframe