我正在尝试在一个非常小的系统(Ubuntu 16.04 docker 镜像)上从源代码构建一个 Python 2.7,它不会由于 <urlopen error unknown url type: https>
而导致 HTTPS 下载失败。 .我不想使用包管理器,但我知道这可以轻松解决问题。
我经历了Unknown url type error in urllib2并将不同的引用补丁应用于 setup.py
, 设置 SSL
Modules/Setup
中的变量和 Modules/Setup.dist
到我传递给 ./config --prefix
的安装前缀OpenSSL 1.1.1 并设置 LD_LIBRARY_PATH
到 OpenSSL 安装前缀。
我怀疑这样一个最小的系统需要修复的东西比其他答案中建议的要多。为什么没有--with-ssl
切换为 configure
?
构建脚本是
apt-get update && apt-get install --yes wget xz-utils make gcc patch
wget http://www.cpan.org/src/5.0/perl-5.26.1.tar.gz && tar xf perl-5.26.1.tar.gz && cd perl-5.26.1 && ./configure.gnu && make -j16 && make install && cd ..
wget https://ftp.gnu.org/pub/gnu/gettext/gettext-0.19.8.1.tar.xz && tar xf gettext-0.19.8.1.tar.xz && cd gettext-0.19.8.1 && ./configure && make -j16 && make install && cd ..
wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xf zlib-1.2.11.tar.gz && cd zlib-1.2.11 && ./configure && make -j16 && make install && cd ..
wget https://www.kernel.org/pub/software/scm/git/git-2.13.3.tar.gz && tar xf git-2.13.3.tar.gz && cd git-2.13.3 && ./configure --with-perl=/usr/local/bin/perl && make -j16 && make install && cd ..
# need `--with-perl` passed to `configure` because the `/usr/local/bin/perl` isn't picked up regardless where it's found in PATH, see https://stackoverflow.com/questions/48931247/cant-locate-extutils-makemaker-pm-in-inc-during-git-build for details
wget https://www.openssl.org/source/openssl-1.1.1-pre1.tar.gz && tar xf openssl-1.1.1-pre1.tar.gz && cd openssl-1.1.1-pre1 && ./config --prefix=/usr/local/openssl && make -j16 && make install && cd ..
# need to install into explicit prefix different from `/usr/local` in order to make OpenSSL get picked up by Python's patched `configure` (specifying `OPENSSL_ROOT=/usr/local` doesn't work)
wget https://www.python.org/ftp/python/2.7.14/Python-2.7.14.tgz && tar xf Python-2.7.14.tgz && cd Python-2.7.14 && wget https://gist.githubusercontent.com/rkitover/2d9e5baff1f1cc4f2618dee53083bd35/raw/7f33fcf5470a9f1013ac6ae7bb168368a98fe5a0/python-2.7.14-custom-static-openssl.patch && patch -p1 <python-2.7.14-custom-static-openssl.patch && env OPENSSL_ROOT=/usr/local/openssl ./configure --disable-shared && make -j16 && make install && cd ..
git clone git://git.gnome.org/jhbuild && cd jhbuild && ./autogen.sh --prefix=/usr/local && make && make install && cd ..
env JHBUILD_RUN_AS_ROOT= jhbuild bootstrap
我选择了jhbuild bootstrap
作为测试命令,因为这是期望的结果,请随时提出更好的建议。
我在 https://gitlab.com/krichter/jhbuild-docker-build 创建了一个 SSCCE它允许在 GitLab CI 中运行构建脚本,并且可以在 https://gitlab.com/krichter/jhbuild-docker-build/-/jobs/53948513 调查包括完整构建日志的示例运行。 .
最佳答案
我可以用 <urlopen error [SSL: NO_CIPHERS_AVAILABLE] no ciphers available (_ssl.c:661)>
让它失败(我在 FIXME 处理)之后
- 添加
--prefix=/usr/local/ --openssldir=/usr/local
至config
的 OpenSSL, - 正在申请 https://gist.githubusercontent.com/rkitover/2d9e5baff1f1cc4f2618dee53083bd35/raw/7f33fcf5470a9f1013ac6ae7bb168368a98fe5a0/python-2.7.14-custom-static-openssl.patch正如上面提到的问题中所解释的那样
修补
Modules/Setup.dist
和Modules/Setup
与--- Modules/Setup.dist 2018-02-23 01:12:46.537415323 +0100 +++ Modules/Setup.dist.d 2018-02-23 01:44:45.235092890 +0100 @@ -215,10 +215,10 @@ # Socket module helper for SSL support; you must comment out the other # socket line above, and possibly edit the SSL variable: -#SSL=/usr/local/ssl -#_ssl _ssl.c \ -# -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \ -# -L$(SSL)/lib -lssl -lcrypto +SSL=/usr/local +_ssl _ssl.c \ + -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \ + -L$(SSL)/lib -lssl -lcrypto # The crypt module is now disabled by default because it breaks builds # on many systems (where -lcrypt is needed), e.g. Linux (I believe).
(
patch -u -p0 <somename.patch
)
可以在 https://gitlab.com/krichter/jhbuild-docker-build/-/jobs/53978734 找到克服初始错误的构建示例.
关于由于 "<urlopen error unknown url type: https>",Python HTTPS 下载失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48937703/