Is it possible to install the SSL module for python in a linux window in which OpenSSL is already installed without recompiling python?
Yes. Python setup.py uses the following logic to detect OpenSSL:
search_for_ssl_incs_in = [ '/usr/local/ssl/include', '/usr/contrib/ssl/include/' ] ssl_incs = find_file('openssl/ssl.h', inc_dirs, search_for_ssl_incs_in ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs, ['/usr/local/ssl/lib', '/usr/contrib/ssl/lib/' ] ) if (ssl_incs is not None and ssl_libs is not None): exts.append( Extension('_ssl', ['_ssl.c'], include_dirs = ssl_incs, library_dirs = ssl_libs, libraries = ['ssl', 'crypto'], depends = ['socketmodule.h']), )
The Python point is not a static binding to libssl and libcrypto . (Some static connection happens with cctyes , but nothing else).
Now itβs bad that the project uses system paths before locally installed paths. For example, a project uses inc_dirs (system) before search_for_ssl_incs_in (local). (See below for more on this.)
After running configure , you will have Modules/Setup with the following comments:
# Socket module helper for SSL support; you must comment out the other # socket line above, and possibly edit the SSL variable: #SSL=/usr/local/ssl #_ssl _ssl.c \ # -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \ # -L$(SSL)/lib -lssl -lcrypto
Again, there is no static binding. (And this assumes that the previous version of Python uncommented these lines).
So, you should be able to build a binary compatible version of OpenSSL and use LD_LIBRARY_PATH or LD_PREOLAD to ensure that Python uses your updated version of OpenSSL.
OpenSSL 0.9.7 and 0.9.8 are compatible with binary. OpenSSL 1.0.0, 1.0.1 and 1.0.2 are compatible with binary files. OpenSSL 0.9.8 and 1.0.0 are not compatible with binary files.
----------
Here's a problem with the Python settings hosting system before local inclusion:
export CFLAGS="-I/usr/local/ssl/darwin/include"; export LDFLAGS="-L/usr/local/ssl/darwin/lib" <edit Setup search_for_ssl_incs_in and search_for_ssl_incs_in> ./configure <edit Modules/Setup> make ... /Users/jww/Python-3.4.2/Modules/_ssl.c:390:9: warning: 'ERR_peek_last_error' is deprecated [-Wdeprecated-declarations] e = ERR_peek_last_error(); ^ /usr/include/openssl/err.h:274:15: note: 'ERR_peek_last_error' declared here unsigned long ERR_peek_last_error(void) DEPRECATED_IN_MAC_OS_X_VERSION_1... ^ /Users/jww/Python-3.4.2/Modules/_ssl.c:393:15: warning: 'SSL_get_error' is deprecated [-Wdeprecated-declarations] err = SSL_get_error(obj->ssl, ret); ...
Python used the OpenSSL version 0.9.8 below provided by Apple, not my recent OpenSSL 1.0.1k. This is despite the fact that I (1) exported them to CFLAGS and LDFLAGS ; (2) editing Setup ; and (3) editing Modules/Setup .
And I'm still running into runtime issues, so I will need to use LD_PRELOAD_PATH , DYNLIB_LIBRARY_PATH etc.