New submission from Lukas Vacek <lucas.va...@gmail.com>:
Since 3.7 python depends on OpenSSL>=1.0.2 - this makes it hard to compile Python with SSL on older (yet still vendor supported) linux distributions. It's easy to compile CPython even on old distributions like RHEL5, RHEL6, Ubuntu14.04 etc. except for ssl module. Let's add an option to compile SSL staticly (--with-openssl-static) to make it easy to compile Python with SSL on systems with OpenSSL<1.0.2 as you usually don't want to install newer openssl as system libary nor mess with rpath/set LD_LIBRARY_PATH every time you run python. When --with-openssl-static is not passed to ./configure everything should behave like before. Installing CPython including ssl on system as old as RHEL5 with this option would be as easy as (after installing required build dependencies from rhel5 repositories and libffi(-devel) libraries): wget https://www.openssl.org/source/openssl-1.0.2t.tar.gz tar xf openssl-1.0.2t.tar.gz cd openssl-1.0.2t ./config --openssldir=/etc/pki/tls -fPIC make wget https://www.python.org/ftp/python/3.7.5/Python-3.7.5.tgz tar xf Python-3.7.5.tgz cd Python-3.7.5 ./configure --with-openssl-static=path_to_just_compiled_ssl --prefix=prefix_path make make install ---------- assignee: christian.heimes components: SSL messages: 356600 nosy: Lukas.Vacek, christian.heimes priority: normal severity: normal status: open title: Setup: support linking openssl staticly type: enhancement versions: Python 3.7, Python 3.8, Python 3.9 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue38794> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
