当前位置: 文江博客话题详情

在非标准位置构建支持 SSL 的 Python

发布于 2024-11-06 03:00:32 字数 3730 浏览 0 评论 0原文

我需要在没有 root 访问权限的 RHEL 上安装多个 Python 模块。至少其中一个模块还需要访问 Python.h

在这种情况下,我发现最好的办法是在 ~/local 中安装 python 及其依赖项。它通常可以正常工作,但这次 Python 无法构建 SSL 模块(请参阅下面的详细信息)。这是我正在做的事情的痕迹。

所以我下载了 python 6 源代码,然后我去了:

./configure --prefix=/home/fds/rms/local
make >& make.log

检查日志显示 ssl 模块尚未编译,但没有提及原因(在 make 或配置中没有其他 ssl 发生):

Failed to find the necessary bits to build these modules:
_bsddb             _curses            _curses_panel
_hashlib           _sqlite3           _ssl   <----------

所以我认为,python 是根本没有找到任何 ssl 库(这很奇怪,但是嘿......)。所以我下载了 openssl-0.9.8r,

./config --prefix=/home/fds/rms/local shared
make
make install

现在回到 Python,我 ./configure 并再次 make。它失败了,但这次有所不同:

Failed to build these modules:
_hashlib           _ssl

对日志文件的仔细检查揭示了这一点:

gcc -pthread -shared build/temp.linux-x86_64-2.6/home/fds/rms/installers/Python-2.6.6/Modules/_ssl.o -L/home/fds/rms/local/lib -L/usr/local/lib -lssl -lcrypto -o build/lib.linux-x86_64-2.6/_ssl.so
*** WARNING: renaming "_ssl" since importing it failed: libssl.so.0.9.8: cannot open shared object file: No such file or directory

所以现在它正在拾取库,但不太正确(文件在应该在的位置):

$ find /home/fds/rms/local -iname libssl.so.0.9.8
/home/fds/rms/local/lib/libssl.so.0.9.8

下一步是跟踪 make 并查看它在哪里寻找文件:

$ strace -f make 2>&1 | grep libssl.so.0.9.8
[pid  5584] open("/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/tls/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/tls/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or   directory)
[pid  5584] open("/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/tls/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/tls/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] write(1, "*** WARNING: renaming \"_ssl\" sin"..., 131*** WARNING: renaming "_ssl" since importing it failed: libssl.so.0.9.8: cannot open shared object file: No such file or directory
[pid  5584] open("/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/tls/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] write(1, "*** WARNING: renaming \"_hashlib\""..., 135*** WARNING: renaming "_hashlib" since importing it failed: libssl.so.0.9.8: cannot open shared object file: No such file or directory

嗯,它在所有错误的地方寻找。我尝试给出一个提示:

CPPFLAGS="-I/home/fds/rms/local/include -I/home/fds/rms/local/include/openssl" LDFLAGS="-L/home/fds/rms/local/lib" ./configure --prefix=/home/fds/rms/local

但没有任何变化,并且 make 似乎根本没有尝试 /home/fds/rms/local/lib

我已经很多年没有这样做了,所以也许我忽略了一些事情。任何人都可以帮助解决这个问题吗?

原文

I need to install several Python modules on a RHEL where I don't have root access. At least one of the modules also needs access to Python.h.

In this case I find that the best thing is to install python and it dependencies in ~/local. It usually just works, but this time Python fails to build the SSL module (see details below). Here's the trace of what I'm doing.

So I downloaded python 6 source and off I went:

./configure --prefix=/home/fds/rms/local
make >& make.log

An inspection to log reveals that ssl module has not been compiled, but there is no mention of the cause (no other occurence of ssl in make or configure):

Failed to find the necessary bits to build these modules:
_bsddb             _curses            _curses_panel
_hashlib           _sqlite3           _ssl   <----------

So I figure, python is not finding any ssl library at all (which is strange, but hey...). So I download openssl-0.9.8r and

./config --prefix=/home/fds/rms/local shared
make
make install

Now back to Python, I ./configure and make again. It fails, but this time it's different:

Failed to build these modules:
_hashlib           _ssl

A closer inspection to the log file reveals this:

gcc -pthread -shared build/temp.linux-x86_64-2.6/home/fds/rms/installers/Python-2.6.6/Modules/_ssl.o -L/home/fds/rms/local/lib -L/usr/local/lib -lssl -lcrypto -o build/lib.linux-x86_64-2.6/_ssl.so
*** WARNING: renaming "_ssl" since importing it failed: libssl.so.0.9.8: cannot open shared object file: No such file or directory

So now it's picking up the library but not quite getting it right (the file is there where is should be):

$ find /home/fds/rms/local -iname libssl.so.0.9.8
/home/fds/rms/local/lib/libssl.so.0.9.8

Next thing is tracing make and see where is it looking for the file:

$ strace -f make 2>&1 | grep libssl.so.0.9.8
[pid  5584] open("/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/tls/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/tls/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or   directory)
[pid  5584] open("/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/tls/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/tls/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/x86_64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] write(1, "*** WARNING: renaming \"_ssl\" sin"..., 131*** WARNING: renaming "_ssl" since importing it failed: libssl.so.0.9.8: cannot open shared object file: No such file or directory
[pid  5584] open("/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/tls/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] open("/usr/lib64/libssl.so.0.9.8", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid  5584] write(1, "*** WARNING: renaming \"_hashlib\""..., 135*** WARNING: renaming "_hashlib" since importing it failed: libssl.so.0.9.8: cannot open shared object file: No such file or directory

Mhhh, it's looking in all the wrong places. I try to give a hint:

CPPFLAGS="-I/home/fds/rms/local/include -I/home/fds/rms/local/include/openssl" LDFLAGS="-L/home/fds/rms/local/lib" ./configure --prefix=/home/fds/rms/local

But nothing changes, and make does not seem to try /home/fds/rms/local/lib at all.

I haven't done this in years, so maybe I'm overlooking something. Can anyone help with the problem?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(13

久随 2024-11-13 03:00:32

如果 OpenSSL 不在标准位置,则需要编辑 Modules/Setup.dist 来指定 OpenSSL 的位置。来自在 Python 2.5.1 中获取 SSL 支持

如果您发现自己的 Linux 机器需要 python 中的 ssl 支持(以
在 httplib.HTTPSConnection 等中使用客户端或
imaplib.IMAP4_SSL),那么让我为您节省几个小时的寻找时间
在网络上(当然,如果你发现了这个,那就意味着
您已经完成了一些关卡狩猎!)。

你会知道是否需要将 ssl 支持编译到你的 python 中
安装时如果收到以下异常消息:
AttributeError:“模块”对象没有属性“ssl”

为了让这种情况消失,这样你就可以继续快乐地吊索
python 代码,您需要首先确保您有 OpenSSL
安装。默认情况下,它从源代码安装在:/usr/local/ssl

如果该目录不存在,则获取源包。

执行标准:

tar zxf openssl-0.9.8g.tar.gz
cd openssl-0.9.8g
./配置
制作
进行安装

然后获取 2.5.1 的 python 源代码: tar zxf Python-2.5.1.tgz
&& cd Python-2.5.1

然后你需要编辑Modules/Setup.dist:

204:# 用于 SSL 支持的套接字模块助手;你必须注释掉其他的
205:# 上面的套接字行,并可能编辑 SSL 变量:
206:SSL=/usr/local/ssl
207:_ssl _ssl.c \
208: -DUSE_SSL -I$(SSL)/包括 -I$(SSL)/include/openssl \
209:-L$(SSL)/lib -lssl -lcrypto

如果您在默认位置安装了 OpenSSL,您只需
取消注释第 206-209 行,然后:

<预置><代码>./配置
制作
进行安装

然后使用以下命令验证您的安装:

python /usr/local/lib/python2.5/test/test_socket_ssl.py
test_rude_shutdown ...
测试基本...
测试超时...

确保通过清理源根目录来获取对 Modules/Setup.dist 的更改(例如 make distclean )并再次运行 configuremake

You need to edit Modules/Setup.dist to specify the location of OpenSSL if it is not in the standard location. From Getting SSL Support in Python 2.5.1:

If you find yourself on a linux box needing ssl support in python (to
use a client in things like httplib.HTTPSConnection or
imaplib.IMAP4_SSL), then let me save you a couple of hours of hunting
around the web (of course if you have found this then that means
you've done some level hunting already!).

You'll know if you need ssl support compiled into your python
installation if you get the following exception message:
AttributeError: 'module' object has no attribute 'ssl'

In order to make that go away so you can continue happily slinging
python code, you'll need to first make sure you have OpenSSL
installed. By default it is installed from source at: /usr/local/ssl

If that directory doesn't exist, then grab the source package.

Do the standard:

tar zxf openssl-0.9.8g.tar.gz
cd openssl-0.9.8g
./config
make
make install

Then grab the python sources for 2.5.1 and: tar zxf Python-2.5.1.tgz
&& cd Python-2.5.1

Then you need to edit the Modules/Setup.dist:

204:# Socket module helper for SSL support; you must comment out the other
205:# socket line above, and possibly edit the SSL variable:
206:SSL=/usr/local/ssl
207:_ssl _ssl.c \
208:    -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
209:    -L$(SSL)/lib -lssl -lcrypto

If you installed OpenSSL in the default locations you can just
uncomment lines 206-209, then:

./configure
make
make install

Then verify your installation with:

python /usr/local/lib/python2.5/test/test_socket_ssl.py
test_rude_shutdown ...
test_basic ...
test_timeout ...

Make sure the changes to Modules/Setup.dist get picked up by cleaning the source root (e.g. make distclean) and run configure and make again.

回复 原文
轮廓§ 2024-11-13 03:00:32

@PeterVanGalen 有一个很好的方法,并且截至 2021 年都是相关的,但我不同意一些细节。

他修改 Modules/Setup 文件的方法导致 libssl.so 和 libcrypto.so 库成为 python 二进制文件本身的动态依赖项。这并不符合预期——这些应该是 python 可导入 .so 的依赖项,例如 _ssl.cpython-39-x86_64-linux-gnu.so

他的方法也不包括如何在运行时而不是构建时找到 libssl.solibcrypto.so 的解决方案。如果它们位于某些不寻常的自定义路径中,这一点很重要,否则 python 将根本无法运行或无法导入 ssl。您可以通过多种方式解决它(想到LD_LIBRARY_PATHld.so.conf),但我选择使用rpath,以便.so<当我使用这个 python 时, /code> 文件总是可以在其自定义位置找到,但否则不会妨碍。

这是我对 @PeterValGalen 方法的修改:

# First we need openssl installed in a custom location...
tar zxf openssl-1.1.1j.tar.gz
cd openssl-1.1.1j
./config --prefix=/my/weird/path --openssldir=/my/weird/path/ssl
make
make install  # Add `sudo` if needed for permission to /my/weird/path.
cd ..

# Now the python part...
wget https://www.python.org/ftp/python/3.9.2/Python-3.9.2.tgz
tar xf Python-3.9.2.tgz
cd Python-3.9.2
LDFLAGS="${LDFLAGS} -Wl,-rpath=/my/weird/path/lib" ./configure --with-openssl=/my/weird/path
make
make install  # Add `sudo` if needed for permissions.

当这样做时,openssl 库不是 python 二进制文件的依赖项,而是 _ssl*.so 的依赖项

$ ldd ./python | grep weird
# [Nothing]

$ ldd build/lib.linux-x86_64-3.9/_ssl.cpython-39-x86_64-linux-gnu.so  | grep weird
        libssl.so.1.1 => /my/weird/path/lib/libssl.so.1.1 (0x00007f733ee73000)
        libcrypto.so.1.1 => /my/weird/path/lib/libcrypto.so.1.1 (0x00007f733e9ab000)

,它可以工作:

$ ./python -c "import ssl; print('yay')"
yay

$ ./python Lib/test/test_ssl.py
# ... lots of good stuff...
OK (skipped=10)

@PeterVanGalen has a good method, and is relevant as of 2021, but I disagree with some details.

His method of modifying the Modules/Setup file results in the libssl.so and libcrypto.so libraries becoming dynamic dependencies of the python binary itself. This is not as intended -- those are supposed to be dependencies of python importable .so's, like _ssl.cpython-39-x86_64-linux-gnu.so.

His method also doesn't include a solution for how libssl.so and libcrypto.so will be found at runtime, rather than build time. This matters if they are in some unusual, custom path, or else python will either not run at all or be unable to import ssl. You could solve it in lots of ways (LD_LIBRARY_PATH and ld.so.conf come to mind) but I opted to use rpath, so that the .so files can always be found in their custom location when I use this python, but will otherwise stay out of the way.

This is my modification of @PeterValGalen's approach:

# First we need openssl installed in a custom location...
tar zxf openssl-1.1.1j.tar.gz
cd openssl-1.1.1j
./config --prefix=/my/weird/path --openssldir=/my/weird/path/ssl
make
make install  # Add `sudo` if needed for permission to /my/weird/path.
cd ..

# Now the python part...
wget https://www.python.org/ftp/python/3.9.2/Python-3.9.2.tgz
tar xf Python-3.9.2.tgz
cd Python-3.9.2
LDFLAGS="${LDFLAGS} -Wl,-rpath=/my/weird/path/lib" ./configure --with-openssl=/my/weird/path
make
make install  # Add `sudo` if needed for permissions.

When done this way, the openssl libs are not dependencies of the python binary, but are dependencies of the _ssl*.so

$ ldd ./python | grep weird
# [Nothing]

$ ldd build/lib.linux-x86_64-3.9/_ssl.cpython-39-x86_64-linux-gnu.so  | grep weird
        libssl.so.1.1 => /my/weird/path/lib/libssl.so.1.1 (0x00007f733ee73000)
        libcrypto.so.1.1 => /my/weird/path/lib/libcrypto.so.1.1 (0x00007f733e9ab000)

And it works:

$ ./python -c "import ssl; print('yay')"
yay

$ ./python Lib/test/test_ssl.py
# ... lots of good stuff...
OK (skipped=10)
回复 原文
红玫瑰 2024-11-13 03:00:32

在 Linux Red Hat 7.7 x86_64 上,以下工作在我的主目录 (/home/unix/vangalen) 中安装 openssl-1.1.1dPython-3.8.1

安装 OpenSSL
源1 source2

cd ~
wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz
tar -xzf openssl-1.1.1d.tar.gz
cd /home/unix/vangalen/openssl-1.1.1d
./config --prefix=/home/unix/vangalen/openssl --openssldir=/home/unix/vangalen/openssl
make
make test
make install

安装Python
源代码2 source3 source4

cd ~
wget https://www.python.org/ftp/python/3.8.1/Python-3.8.1.tgz
tar xf Python-3.8.1.tgz

在文本编辑器中修改Python-3.8.1/Modules/Setup。如果该文件不存在,您可能需要先执行失败的运行。取消注释行并调整第 206 至 213 行中的 SSL 别名:

_socket socketmodule.c

# 用于 SSL 支持的套接字模块助手;你必须注释掉其他的
# 上面的套接字行,并可能编辑 SSL 变量:
SSL=/home/unix/vangalen/openssl
_ssl _ssl.c \
  -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
  -L$(SSL)/lib -lssl -lcrypto

cd ~/Python-3.8.1
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/home/unix/vangalen/openssl/lib
./configure --prefix=/home/unix/vangalen/py-381 --with-openssl=/home/unix/vangalen/openssl
make
make test
make install

On Linux Red Hat 7.7 x86_64, the following worked to install openssl-1.1.1d and Python-3.8.1 in my home directory (/home/unix/vangalen):

Install OpenSSL
source1 source2

cd ~
wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz
tar -xzf openssl-1.1.1d.tar.gz
cd /home/unix/vangalen/openssl-1.1.1d
./config --prefix=/home/unix/vangalen/openssl --openssldir=/home/unix/vangalen/openssl
make
make test
make install

Install Python
source2 source3 source4

cd ~
wget https://www.python.org/ftp/python/3.8.1/Python-3.8.1.tgz
tar xf Python-3.8.1.tgz

Modify Python-3.8.1/Modules/Setup in a text editor. If this file doesn't exist you may need to go through a failed run first. Uncomment lines and adjust the alias for SSL in lines 206 to 213::

_socket socketmodule.c

# Socket module helper for SSL support; you must comment out the other
# socket line above, and possibly edit the SSL variable:
SSL=/home/unix/vangalen/openssl
_ssl _ssl.c \
  -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
  -L$(SSL)/lib -lssl -lcrypto

cd ~/Python-3.8.1
export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/home/unix/vangalen/openssl/lib
./configure --prefix=/home/unix/vangalen/py-381 --with-openssl=/home/unix/vangalen/openssl
make
make test
make install
回复 原文
情徒 2024-11-13 03:00:32

在 Bourne shell(/bin/sh 或 /bin/bash)中:

$ LD_LIBRARY_PATH=/usr/local/lib
$ export LD_LIBRARY_PATH
$ make

在 C-shell(/bin/csh 或 /bin/tcsh)中:

% setenv LD_LIBRARY_PATH /usr/local/lib
% make

in the Bourne shell (/bin/sh or /bin/bash):

$ LD_LIBRARY_PATH=/usr/local/lib
$ export LD_LIBRARY_PATH
$ make

in the C-shell (/bin/csh or /bin/tcsh):

% setenv LD_LIBRARY_PATH /usr/local/lib
% make
回复 原文
两相知 2024-11-13 03:00:32

对我来说,编辑 Modules/Setup 还不够,因为 _hashlib 模块最终仍然使用了错误的 OpenSSL 版本;在我的 SLES 系统上,运行时未考虑 LD_LIBRARY_PATH

有效的方法是通过编辑 setup.py 按照 GitHub 补丁:eddy-geek/ python_custom_openssl.diff,然后make clean &&制作

有关为什么我在 Stack Overflow 上使用静态链接的更多详细信息,请访问 使用自定义 openssl 版本编译 python 时的 Coredump

For me editing Modules/Setup was not enough as _hashlib module still ended up using the wrong OpenSSL version; and LD_LIBRARY_PATH was not taken into account at runtime on my SLES system.

What worked was to statically link the local OpenSSL to both _ssl and _hashlib by editing setup.py as per GitHub patch: eddy-geek/ python_custom_openssl.diff, and then make clean && make.

More details on why I used static links on Stack Overflow at Coredump when compiling python with a custom openssl version.

回复 原文
恋你朝朝暮暮 2024-11-13 03:00:32

这是我使用 Python 2.7.11 的完整过程。

在顶级Python2.7.11源目录中:

  1. 更改Modules/Setup.distModules/Setup:取消注释_ssl部分,注释掉_socket(如果已注释掉,则无操作),取消注释并适当设置 SSL(新 ssl lib/includes 的路径等)

    注意:Modules/Setup 文件最初并不存在,但我相信在第一次运行后它会从 Modules/Setup.dist 获取内容。确保每次运行前更改都反映在此处。

  2. 应用补丁:http://gist.github.com/eddy-geek/9604982
    (如果之前运行过 make,则进行 distclean)

    ./configure --prefix=/root/.local/aks/py-ssl/python2.7 --enable-shared

# 修改:Makefile->将 svnversion 设置为“”

制作

进行替代安装

Here is the complete process I used with Python 2.7.11.

In top level Python2.7.11 source dir:

  1. Change Modules/Setup.dist, Modules/Setup : Uncomment _ssl section, comment out _socket (no-op if it's already commented out), uncomment and set SSL appropriately (path to your new ssl lib/includes etc.)

    Note: Modules/Setup file does not exist initially but after first run it get's content from Modules/Setup.dist i believe. Make sure changes are reflected in here before every run.

  2. Apply patch: http://gist.github.com/eddy-geek/9604982
    (make distclean if previously ran make)

    ./configure --prefix=/root/.local/aks/py-ssl/python2.7 --enable-shared

# modify: Makefile -> set svnversion to ""

make

make altinstall
回复 原文
梦忆晨望 2024-11-13 03:00:32

OpenSSL

cd /opt
sudo wget https://www.openssl.org/source/openssl-1.1.1q.tar.gz --no-check-certificate
sudo mkdir /opt/openssl
sudo tar xfvz openssl-1.1.1q.tar.gz --directory /opt/openssl
export LD_LIBRARY_PATH=/opt/openssl/lib
cd /opt/openssl/openssl-1.1.1q/
sudo ./config --prefix=/opt/openssl --openssldir=/opt/openssl/ssl
sudo make
sudo make test
sudo make install
sudo ln -s /usr/local/bin/openssl /usr/bin/openssl

Python 3.9.13

cd /usr/src 
sudo wget https://www.python.org/ftp/python/3.9.13/Python-3.9.13.tgz 
sudo tar xzf Python-3.9.13.tgz
cd /usr/src/Python-3.9.13
sudo CFLAGS="-I/opt/openssl/include/" LDFLAGS="${LDFLAGS} -Wl,-rpath=$LD_LIBRARY_PATH" ./configure --enable-optimizations --with-openssl=/opt/openssl
sudo make altinstall -j6
sudo ln -s /usr/local/bin/python3.9 /usr/bin/python3

pip3

sudo ln -s /usr/local/bin/pip3.9 /usr/bin/pip3
pip3 install --upgrade pip

在 Ubuntu 14.04.06 上测试

OpenSSL

cd /opt
sudo wget https://www.openssl.org/source/openssl-1.1.1q.tar.gz --no-check-certificate
sudo mkdir /opt/openssl
sudo tar xfvz openssl-1.1.1q.tar.gz --directory /opt/openssl
export LD_LIBRARY_PATH=/opt/openssl/lib
cd /opt/openssl/openssl-1.1.1q/
sudo ./config --prefix=/opt/openssl --openssldir=/opt/openssl/ssl
sudo make
sudo make test
sudo make install
sudo ln -s /usr/local/bin/openssl /usr/bin/openssl

Python 3.9.13

cd /usr/src 
sudo wget https://www.python.org/ftp/python/3.9.13/Python-3.9.13.tgz 
sudo tar xzf Python-3.9.13.tgz
cd /usr/src/Python-3.9.13
sudo CFLAGS="-I/opt/openssl/include/" LDFLAGS="${LDFLAGS} -Wl,-rpath=$LD_LIBRARY_PATH" ./configure --enable-optimizations --with-openssl=/opt/openssl
sudo make altinstall -j6
sudo ln -s /usr/local/bin/python3.9 /usr/bin/python3

pip3

sudo ln -s /usr/local/bin/pip3.9 /usr/bin/pip3
pip3 install --upgrade pip

Tested on Ubuntu 14.04.06

回复 原文
最笨的告白 2024-11-13 03:00:32

在我返回 openssl 日志之前,我得到了相同的结果。
在那里我看到构建 openssl 时需要使用 -fPIC:
构建'_ssl'扩展:

gcc -pthread -fPIC -fno-strict-aliasing -g -O2 -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -I/usr/local/ssl/include -I. -IInclude -I./Include -I/usr/local/include -I/home/feramos/Python-2.7.3/Include -I/home/feramos/Python-2.7.3 -c /home/feramos/Python-2.7.3/Modules/_ssl.c -o build/temp.linux-x86_64-2.7/home/feramos/Python-2.7.3/Modules/_ssl.o
gcc -pthread -shared build/temp.linux-x86_64-2.7/home/feramos/Python-2.7.3/Modules/_ssl.o -L/usr/local/ssl/lib -L/usr/local/lib -lssl -lcrypto -o build/lib.linux-x86_64-2.7/_ssl.so
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(x86_64cpuid.o): relocation R_X86_64_PC32 against `OPENSSL_cpuid_setup' can not be used when making a shared object; recompile with -fPIC

openssl-0.9.8g]# .config -fPIC

然后,make,make install openssl,然后再次构建Python。

I was getting the same result until I got back to the logs for openssl.
There I saw that you need to use -fPIC when building openssl:
building '_ssl' extension:

gcc -pthread -fPIC -fno-strict-aliasing -g -O2 -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -I/usr/local/ssl/include -I. -IInclude -I./Include -I/usr/local/include -I/home/feramos/Python-2.7.3/Include -I/home/feramos/Python-2.7.3 -c /home/feramos/Python-2.7.3/Modules/_ssl.c -o build/temp.linux-x86_64-2.7/home/feramos/Python-2.7.3/Modules/_ssl.o
gcc -pthread -shared build/temp.linux-x86_64-2.7/home/feramos/Python-2.7.3/Modules/_ssl.o -L/usr/local/ssl/lib -L/usr/local/lib -lssl -lcrypto -o build/lib.linux-x86_64-2.7/_ssl.so
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(x86_64cpuid.o): relocation R_X86_64_PC32 against `OPENSSL_cpuid_setup' can not be used when making a shared object; recompile with -fPIC

openssl-0.9.8g]# .config -fPIC

then, make, make install for openssl and then build Python again.

回复 原文
维持三分热 2024-11-13 03:00:32

我有一组针对下面 2 和 3 的静态 openssl 和静态 libintl 的补丁。

对于 openssl(第一个补丁),您必须设置环境变量 OPENSSL_ROOT。

这是基于 http://gist.github.com/eddy-geek/9604982 的补丁

对于Python 2.7.14:

https://gist.github.com/rkitover/2d9e5baff1f1cc4f2618dee53083bd35

< a href="https://gist.github.com/rkitover/afab7ed3ac7ce1860c43a258571c8ae1" rel="nofollow noreferrer">https://gist.github.com/rkitover/afab7ed3ac7ce1860c43a258571c8ae1

对于 Python 3.6.3:

https://gist.github.com/rkitover/93d89a679705875c59275fb0a8f22b45

https://gist.github.com/rkitover/b18f19eafda3775a9652cc9cdf3ec914

I have a set of a couple of patches for static openssl and static libintl for 2 and 3 below.

For openssl (first patch) you have to set the env var OPENSSL_ROOT.

This is based on the patch from http://gist.github.com/eddy-geek/9604982 .

For Python 2.7.14:

https://gist.github.com/rkitover/2d9e5baff1f1cc4f2618dee53083bd35

https://gist.github.com/rkitover/afab7ed3ac7ce1860c43a258571c8ae1

For Python 3.6.3:

https://gist.github.com/rkitover/93d89a679705875c59275fb0a8f22b45

https://gist.github.com/rkitover/b18f19eafda3775a9652cc9cdf3ec914

回复 原文
稀香 2024-11-13 03:00:32

对于MAC OS HIGH Sierra
Python-3.5.6
在上面的答案中,openssl 安装是使用源代码完成的,但是如果您使用brew 安装,它会告诉安装的软件包在哪里,所以如果您使用brew 安装openssl

brew install openssl

这会将openssl 安装在 /usr/local/Cellar/openssl/ 1.0.2o_2/ 此路径需要在

的 Modules/Setup.dist 中更新,请遵循上面提到的这个答案,其中未提及 openssl 安装位置来更新 Modules/Setup.dist

在上述行中将 SSL 值更新为

SSL=/usr/local/Cellar/openssl/1.0.2o_2/

并取消注释行,
执行 CMM,您的 python 将使用 openssl 进行编译。

For MAC OS HIGH Sierra,
and Python-3.5.6
In the above answer the openssl installation is done using source,but if you install using brew it tells where the installed package is, so if you install openssl using brew

brew install openssl

This will install openssl at /usr/local/Cellar/openssl/1.0.2o_2/ this path needs to be updated in Modules/Setup.dist at

Follow this answer which is mentioned above where the location of openssl installation is not mentioned to update the Modules/Setup.dist

In the above lines update SSL value to

SSL=/usr/local/Cellar/openssl/1.0.2o_2/

and uncomment the lines,
do a CMM and your python will get compiled with openssl.

回复 原文
尾戒 2024-11-13 03:00:32

我正在构建 Python2.7.13,我看到了同样的问题。对于 2.7.13,您必须使用“openssl1.0.0e”或更高版本才能使其工作。我尝试了 openssl-0.9.8g 但不起作用。
不知何故,我无法仅修改 Modules/Setup.dist 使其工作,因此我必须手动编译 _ssl.o。
我想这是因为我提供的 openssl-0.9.8g 不起作用,并且它搜索了系统默认的 libssl.so.10 ,但它也不起作用。

I'm building Python2.7.13 and I see this same issue. For 2.7.13 you have to use "openssl1.0.0e" or above to make it work. I tried openssl-0.9.8g and it doesn't work.
And somehow I can't make it work just modifying Modules/Setup.dist so I have to manually compile that _ssl.o.
I guess this is because openssl-0.9.8g I provided is not working and it searched for system default libssl.so.10 which doesn't work either.

回复 原文
别在捏我脸啦 2024-11-13 03:00:32

尝试将 -Wl,-rpath,/home/fds/rms/local/lib 添加到 LDPATH

Try adding -Wl,-rpath,/home/fds/rms/local/lib to LDPATH.

回复 原文
故事灯 2024-11-13 03:00:32

我在下面找到了一个非常好的和完整的解释。

  • 标题:
    如何在没有 SSL 问题的情况下为多个帐户安装共享 Python

https://medium.com/@ enahwe/how-to-06bc8a042345

I found a really good and complete explanation bellow.

  • Title:
    How to install a shared Python for multiple accounts without SSL issues

https://medium.com/@enahwe/how-to-06bc8a042345

回复 原文
~没有更多了~

关于作者

转身以后

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文