Skip to content

Instantly share code, notes, and snippets.

@eddy-geek
Last active March 5, 2024 13:56
Show Gist options
  • Save eddy-geek/9604982 to your computer and use it in GitHub Desktop.
Save eddy-geek/9604982 to your computer and use it in GitHub Desktop.
Compile python with statically linked openssl
--- a/setup.py 2014-03-17 03:31:31.000000000 +0100
+++ b/setup.py 2014-03-17 19:06:03.000000000 +0100
@@ -750,10 +750,8 @@
exts.append( Extension('_socket', ['socketmodule.c'],
depends = ['socketmodule.h']) )
# Detect SSL support for the socket module (via _ssl)
- search_for_ssl_incs_in = [
- '/usr/local/ssl/include',
- '/usr/contrib/ssl/include/'
- ]
+ CUSTOM_OPENSSL = '/data2/soft/openssl/'
+ search_for_ssl_incs_in = [ os.path.join(CUSTOM_OPENSSL, 'include') ]
+ ssl_incs = find_file('openssl/ssl.h', [],
search_for_ssl_incs_in
)
if ssl_incs is not None:
@@ -762,17 +761,17 @@
['/usr/kerberos/include'])
if krb5_h:
ssl_incs += krb5_h
- ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs,
- ['/usr/local/ssl/lib',
- '/usr/contrib/ssl/lib/'
- ] )
+ ssl_libs = find_library_file(self.compiler, 'ssl', [],
+ [ os.path.join(CUSTOM_OPENSSL, 'lib') ] )
if (ssl_incs is not None and
ssl_libs is not None):
exts.append( Extension('_ssl', ['_ssl.c'],
include_dirs = ssl_incs,
- library_dirs = ssl_libs,
- libraries = ['ssl', 'crypto'],
+ library_dirs = [],
+ extra_link_args = [ os.path.join(CUSTOM_OPENSSL, 'lib/libssl.a'),
+ os.path.join(CUSTOM_OPENSSL, 'lib/libcrypto.a'), '-ldl'],
depends = ['socketmodule.h']), )
else:
missing.append('_ssl')
@@ -812,8 +811,9 @@
exts.append( Extension('_hashlib', ['_hashopenssl.c'],
depends = ['hashlib.h'],
include_dirs = ssl_incs,
- library_dirs = ssl_libs,
- libraries = ['ssl', 'crypto']) )
+ library_dirs = [],
+ extra_link_args = [ os.path.join(CUSTOM_OPENSSL, 'lib/libssl.a'),
+ os.path.join(CUSTOM_OPENSSL, 'lib/libcrypto.a'), '-ldl'],) )
else:
print("warning: openssl 0x%08x is too old for _hashlib" %
openssl_ver)
Copy link

ghost commented Oct 30, 2014

failed, althouth there is no error, but when i import hashlib, error still come out.

@ankilosaurus
Copy link

I have installed python2.7.11 with this patch to feed non-default OpenSSL. However, with that _socket module does not get built. What am i missing ?

@rkitover
Copy link

rkitover commented Nov 16, 2017

I have a new version of this patch for 2.7.14 (it uses an env var for OPENSSL_ROOT):

https://gist.github.com/rkitover/2d9e5baff1f1cc4f2618dee53083bd35

And another one if you want to use static libintl:

https://gist.github.com/rkitover/afab7ed3ac7ce1860c43a258571c8ae1

And here is the openssl patch for 3.6.3:

https://gist.github.com/rkitover/93d89a679705875c59275fb0a8f22b45

And the static libintl patch for 3.6.3:

https://gist.github.com/rkitover/b18f19eafda3775a9652cc9cdf3ec914

@mzpqnxow
Copy link

mzpqnxow commented Jan 15, 2022

Came across this when I needed to statically link OpenSSL 1.1.1k into Python 3.8.x. In 3.8, setup.py has changed a bit so the 3.6 patch fails. In case it is helpful to anyone, I ended up putting this together, roughly the same as what you have here except I added --enable-static-openssl as a configure flag:

https://gist.github.com/mzpqnxow/bccc91be512a04dc6aeaa1375492672e

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment