[New-bugs-announce] [issue43466] ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs

Christian Heimes report at bugs.python.org
Wed Mar 10 18:14:03 EST 2021


New submission from Christian Heimes <lists at cheimes.de>:

Python's configure script has the option --with-openssl. It sets a path to a custom OpenSSL installation. Internally it provides OPENSSL_INCLUDES, OPENSSL_LIBS, and OPENSSL_LDFLAGS. The setup.py script turns the variables into include_dirs, library_dirs, and libraries arguments for _ssl and _hashlib extension modules.

However neither --with-openssl nor setup.py sets a custom runtime library path (rpath). This makes it confusing and hard for users to use a custom OpenSSL installation. They need to know that a) they have to take care of rpath on the first place, and b) how to set an rpath at compile or runtime. Without an rpath, the dynamic linker either fails to locate libssl/libcrypto or load system-provided shared libraries. Ticket bpo-34028 contains examples of user issues.

I propose to include a new option to make it easier for users to use a custom build of OpenSSL:

--with-openssl-rpath=<DIR|auto|no>

no (default): don't set an rpath
auto: auto-detect rpath from OPENSSL_LDFLAGS (--with-openssl or pkg-config)
DIR: set a custom rpath

The option will only affect the rpath of _ssl and _hashlib modules. The default value "no" is fully backwards compatible with 3.9 and earlier.

----------
assignee: christian.heimes
components: Installation, SSL
messages: 388463
nosy: barry, christian.heimes, gregory.p.smith, pablogsal
priority: normal
severity: normal
stage: patch review
status: open
title: ssl/hashlib: Add configure option to set or auto-detect rpath to OpenSSL libs
type: enhancement
versions: Python 3.10

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue43466>
_______________________________________


More information about the New-bugs-announce mailing list