Last active
December 16, 2018 11:34
-
-
Save aerickson/f15133a7e56b2d7f27e3 to your computer and use it in GitHub Desktop.
how to rebuild PyCurl against OpenSSL on Ubuntu (12-13+)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| XBMC uses pycurl/libcurl to fetch stuff. YouTube requires the RC4 | |
| cipher that GnuTLS has removed for security reasons (or doesn't allow | |
| it to be selected, or XBMC doesn't allow to specify the cipher...). | |
| PyCurl linked against OpenSSL can take the RC4 argument and make the | |
| Youtube plugin work (Ubuntu ships it linked against GnuTLS), so we | |
| need to rebuild to make it work. | |
| /// | |
| from: https://code.google.com/p/wfuzz/wiki/PyCurlSSLBug | |
| (including up to comments on Sept 13, 2014) | |
| /// | |
| BAD (Pycurl linked against GnuTLS) | |
| $ python | |
| >>> import pycurl | |
| >>> pycurl.version | |
| 'libcurl/7.21.3 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.18' | |
| GOOD (Pycurl linked against openssl): | |
| $ python | |
| >>> import pycurl | |
| >>> pycurl.version | |
| 'libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18' | |
| /// | |
| Note: The current version of PyCurl could change (so | |
| replace 7.19.3 with what's downloaded in step #5). | |
| 1. sudo apt-get install build-essential fakeroot dpkg-dev | |
| 2. mkdir ~/python-pycurl-openssl | |
| 3. cd ~/python-pycurl-openssl | |
| 4. sudo apt-get source python-pycurl | |
| 5. sudo apt-get build-dep python-pycurl | |
| 6. sudo apt-get install libcurl4-openssl-dev | |
| 7. sudo dpkg-source -x pycurl_7.19.3-0ubuntu3.dsc | |
| 8. cd pycurl-7.19.3 | |
| 9. edit debian/control file and replace all instances of | |
| 'libcurl4-gnutls-dev' with 'libcurl4-openssl-dev' (7 changes) | |
| 10. sudo PYCURL_SSL_LIBRARY=openssl dpkg-buildpackage -rfakeroot -b | |
| 11. sudo dpkg -i ../python-pycurl_7.19.3-0ubuntu3_amd64.deb |
Also available as a bash script for convenience. Works like a charm on both Ubuntu 14.04 and Raspbian Wheezy. Check stackoverflow for instructions and hint how to make the change to OpenSSL permanent.
Is there any reason the build part should require sudo?
You need to enable the source repos, otherwise step 4. "sudo apt-get source python-pycurl" will fail with "E: Unable to find a source package for pycurl". To do that in my system (Linux Mint based on Ubuntu 16.04) I started synaptic, then Settings -> Repositories -> "Official repositories" -> "Source code" -> check "Enable source code repositories", then click "Update the cache".
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Between 9. and 10. following is missing:
sudo apt-get install libcurl4-openssl-dev libssl-dev
Because "sudo apt-get build-dep python-pycurl" download the gnutls dev package.