New submission from Christian Heimes <li...@cheimes.de>:
Python's configure script has the option --with-openssl. It sets a path to a custom OpenSSL installation. Internally it provides OPENSSL_INCLUDES, OPENSSL_LIBS, and OPENSSL_LDFLAGS. The setup.py script turns the variables into include_dirs, library_dirs, and libraries arguments for _ssl and _hashlib extension modules. However neither --with-openssl nor setup.py sets a custom runtime library path (rpath). This makes it confusing and hard for users to use a custom OpenSSL installation. They need to know that a) they have to take care of rpath on the first place, and b) how to set an rpath at compile or runtime. Without an rpath, the dynamic linker either fails to locate libssl/libcrypto or load system-provided shared libraries. Ticket bpo-34028 contains examples of user issues. I propose to include a new option to make it easier for users to use a custom build of OpenSSL: --with-openssl-rpath=<DIR|auto|no> no (default): don't set an rpath auto: auto-detect rpath from OPENSSL_LDFLAGS (--with-openssl or pkg-config) DIR: set a custom rpath The option will only affect the rpath of _ssl and _hashlib modules. The default value "no" is fully backwards compatible with 3.9 and earlier. ---------- assignee: christian.heimes components: Installation, SSL messages: 388463 nosy: barry, christian.heimes, gregory.p.smith, pablogsal priority: normal severity: normal stage: patch review status: open title: ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs type: enhancement versions: Python 3.10 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue43466> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
