[英]Install python ssl module on linux without recompiling
Is it possible to install the SSL module for python on a linux box that already has OpenSSL installed without recompiling python? 是否可以在已经安装了OpenSSL的Linux机器上安装python的SSL模块,而无需重新编译python? I was hoping it would be as simple as copying over a few files and including them in the library path. 我希望它就像复制几个文件并将它们包括在库路径中一样简单。 Python version is 2.4.3. Python版本是2.4.3。 Thanks! 谢谢!
Is it possible to install the SSL module for python on a linux box that already has OpenSSL installed without recompiling python? 是否可以在已经安装了OpenSSL的Linux机器上安装python的SSL模块,而无需重新编译python?
Yes. 是。 Python's setup.py
uses the following logic to detect OpenSSL: Python的setup.py
使用以下逻辑来检测OpenSSL:
search_for_ssl_incs_in = [
'/usr/local/ssl/include',
'/usr/contrib/ssl/include/'
]
ssl_incs = find_file('openssl/ssl.h', inc_dirs,
search_for_ssl_incs_in
ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs,
['/usr/local/ssl/lib',
'/usr/contrib/ssl/lib/'
] )
if (ssl_incs is not None and
ssl_libs is not None):
exts.append( Extension('_ssl', ['_ssl.c'],
include_dirs = ssl_incs,
library_dirs = ssl_libs,
libraries = ['ssl', 'crypto'],
depends = ['socketmodule.h']), )
The point is Python is not static linking against libssl
and libcrypto
. 关键是Python 不是静态链接到libssl
和libcrypto
。 (Some static linking occurs with cctyes
, but nothing else). (某些静态链接与cctyes
一起cctyes
,但cctyes
没有其他)。
Now, the bad thing is that the project uses system paths before your locally installed paths. 现在,不好的是项目在本地安装的路径之前使用了系统路径。 For example, the project uses inc_dirs
(system) before search_for_ssl_incs_in
(local). 例如,项目在 search_for_ssl_incs_in
(本地) 之前使用inc_dirs
(系统)。 (See more on this below). (请参阅下面的更多内容)。
After you run configure
, you will have a Modules/Setup
with the following lines commented out: 运行configure
,您将获得一个Modules/Setup
,其中注释了以下几行:
# Socket module helper for SSL support; you must comment out the other
# socket line above, and possibly edit the SSL variable:
#SSL=/usr/local/ssl
#_ssl _ssl.c \
# -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
# -L$(SSL)/lib -lssl -lcrypto
Again, no static linking. 同样,没有静态链接。 (And this assumes the previous version of Python uncommented those lines). (并且假设Python的先前版本未注释这些行)。
So you should be able to build a binary compatible version of OpenSSL and use LD_LIBRARY_PATH
or LD_PREOLAD
to ensure Python uses your updated version of OpenSSL. 因此,您应该能够构建OpenSSL的二进制兼容版本,并使用LD_LIBRARY_PATH
或LD_PREOLAD
来确保Python使用更新的OpenSSL版本。
OpenSSL 0.9.7 and 0.9.8 are binary compatible. OpenSSL 0.9.7和0.9.8是二进制兼容的。 OpenSSL 1.0.0, 1.0.1 and 1.0.2 are binary compatible. OpenSSL 1.0.0、1.0.1和1.0.2是二进制兼容的。 OpenSSL 0.9.8 and 1.0.0 are not binary compatible. OpenSSL 0.9.8和1.0.0 不二进制兼容。
Here's the problem with Python's setup placing system includes before local includes: 这是Python的安装程序放置系统在本地包含之前包含的问题:
export CFLAGS="-I/usr/local/ssl/darwin/include"; export LDFLAGS="-L/usr/local/ssl/darwin/lib"
<edit Setup search_for_ssl_incs_in and search_for_ssl_incs_in>
./configure
<edit Modules/Setup>
make
...
/Users/jww/Python-3.4.2/Modules/_ssl.c:390:9: warning:
'ERR_peek_last_error' is deprecated [-Wdeprecated-declarations]
e = ERR_peek_last_error();
^
/usr/include/openssl/err.h:274:15: note: 'ERR_peek_last_error' declared here
unsigned long ERR_peek_last_error(void) DEPRECATED_IN_MAC_OS_X_VERSION_1...
^
/Users/jww/Python-3.4.2/Modules/_ssl.c:393:15: warning:
'SSL_get_error' is deprecated [-Wdeprecated-declarations]
err = SSL_get_error(obj->ssl, ret);
...
Python used the down level version 0.9.8 version of OpenSSL provided by Apple, and not my recent OpenSSL 1.0.1k. Python使用Apple提供的OpenSSL的下层版本0.9.8,而不是我最近的OpenSSL 1.0.1k。 That's despite me (1) exporting them in CFLAGS
and LDFLAGS
; 尽管有我(1)将它们导出到CFLAGS
和LDFLAGS
; (2) editing Setup
; (2)编辑Setup
; and (3) editing Modules/Setup
. 和(3)编辑Modules/Setup
。
And I still have runtime path problems to contend with, so I'll need to use LD_PRELOAD_PATH
, DYNLIB_LIBRARY_PATH
, etc. 而且我仍然需要解决运行时路径问题,因此我将需要使用LD_PRELOAD_PATH
, DYNLIB_LIBRARY_PATH
等。
NOTE: Python >= 2.6 already has SSL support built-in, there's no need to install ssl
package. 注意: Python> = 2.6已经内置了SSL支持,因此无需安装ssl
软件包。
Install package from pypi: 从pypi安装软件包:
pip install ssl
If you're missing pip
command, install it for your distribution: 如果您缺少pip
命令,请安装它以进行分发:
RedHat/Centos: RedHat / Centos:
yum install python-pip
Debian/Ubuntu Debian / Ubuntu
apt-get install python-pip
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.