Skip to content

Instantly share code, notes, and snippets.

@aerickson
Last active December 16, 2018 11:34
Show Gist options
  • Save aerickson/f15133a7e56b2d7f27e3 to your computer and use it in GitHub Desktop.
Save aerickson/f15133a7e56b2d7f27e3 to your computer and use it in GitHub Desktop.
how to rebuild PyCurl against OpenSSL on Ubuntu (12-13+)
XBMC uses pycurl/libcurl to fetch stuff. YouTube requires the RC4
cipher that GnuTLS has removed for security reasons (or doesn't allow
it to be selected, or XBMC doesn't allow to specify the cipher...).
PyCurl linked against OpenSSL can take the RC4 argument and make the
Youtube plugin work (Ubuntu ships it linked against GnuTLS), so we
need to rebuild to make it work.
///
from: https://code.google.com/p/wfuzz/wiki/PyCurlSSLBug
(including up to comments on Sept 13, 2014)
///
BAD (Pycurl linked against GnuTLS)
$ python
>>> import pycurl
>>> pycurl.version
'libcurl/7.21.3 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.18'
GOOD (Pycurl linked against openssl):
$ python
>>> import pycurl
>>> pycurl.version
'libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18'
///
Note: The current version of PyCurl could change (so
replace 7.19.3 with what's downloaded in step #5).
1. sudo apt-get install build-essential fakeroot dpkg-dev
2. mkdir ~/python-pycurl-openssl
3. cd ~/python-pycurl-openssl
4. sudo apt-get source python-pycurl
5. sudo apt-get build-dep python-pycurl
6. sudo apt-get install libcurl4-openssl-dev
7. sudo dpkg-source -x pycurl_7.19.3-0ubuntu3.dsc
8. cd pycurl-7.19.3
9. edit debian/control file and replace all instances of
'libcurl4-gnutls-dev' with 'libcurl4-openssl-dev' (7 changes)
10. sudo PYCURL_SSL_LIBRARY=openssl dpkg-buildpackage -rfakeroot -b
11. sudo dpkg -i ../python-pycurl_7.19.3-0ubuntu3_amd64.deb
@poggenpower
Copy link

Between 9. and 10. following is missing:
sudo apt-get install libcurl4-openssl-dev libssl-dev
Because "sudo apt-get build-dep python-pycurl" download the gnutls dev package.

@flaschbier
Copy link

Also available as a bash script for convenience. Works like a charm on both Ubuntu 14.04 and Raspbian Wheezy. Check stackoverflow for instructions and hint how to make the change to OpenSSL permanent.

@ptsneves
Copy link

ptsneves commented Dec 7, 2016

Is there any reason the build part should require sudo?

@adon90
Copy link

adon90 commented Oct 3, 2017

@attila123
Copy link

attila123 commented Jan 16, 2018

You need to enable the source repos, otherwise step 4. "sudo apt-get source python-pycurl" will fail with "E: Unable to find a source package for pycurl". To do that in my system (Linux Mint based on Ubuntu 16.04) I started synaptic, then Settings -> Repositories -> "Official repositories" -> "Source code" -> check "Enable source code repositories", then click "Update the cache".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment