我正在尝试从容器中的源代码构建 Python 和 OpenSSL。两者似乎都正确构建,但 Python 没有成功创建 _ssl
模块。
我找到了 few guides在线说取消注释和来自 Python 的行 - 3.X.X/Modules/Setup
并添加 --openssldir=/usr/local/ssl
标记到 ./configure
OpenSSL 的步骤。我在我的 dockerfile 中执行这些操作。这导致在 ./configure
期间Python 的输出,我看到以下行。
checking for X509_VERIFY_PARAM_set1_host in libssl... yes
但是我收到以下错误:
[91m*** WARNING: renaming "_ssl" since importing it failed: /usr/lib/x86_64-linux-gnu/libssl.so.1.1: version `OPENSSL_1_1_1' not found (required by build/lib.linux-x86_64-3.8/_ssl.cpython-38-x86_64-linux-gnu.so)
[0m[91m*** WARNING: renaming "_hashlib" since importing it failed: /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1: version `OPENSSL_1_1_1' not found (required by build/lib.linux-x86_64-3.8/_hashlib.cpython-38-x86_64-linux-gnu.so)
[0m
Python build finished successfully!
...
Following modules built successfully but were removed because they could not be imported:
_hashlib _ssl
Could not build the ssl module!
Python requires an OpenSSL 1.0.2 or 1.1 compatible libssl with X509_VERIFY_PARAM_set1_host().
LibreSSL 2.6.4 and earlier do not provide the necessary APIs, https://github.com/libressl-portable/portable/issues/381
如果
./configure
找到 X509...
,为什么我仍然收到 hashlib 和 ssl 错误?完整的 Dockerfile,FWIW:
FROM jenkins/jenkins:lts
USER root
RUN apt-get update && apt-get install -y apt-utils gcc make zlib1g-dev \
build-essential libffi-dev checkinstall libsqlite3-dev
RUN wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz && \
tar xzf openssl-1.1.1d.tar.gz && \
cd openssl-1.1.1d && \
./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)' --prefix=/usr/local/ssl --openssldir=/usr/local/ssl && \
make && \
make test && \
make install
RUN wget -q https://www.python.org/ftp/python/3.8.2/Python-3.8.2.tgz && \
tar -xzf Python-3.8.2.tgz && \
cd Python-3.8.2 && \
./configure && \
make && \
make install
USER jenkins
最佳答案
Following modules built successfully but were removed because they could not be imported: _hashlib _ssl Could not build the ssl module! Python requires an OpenSSL 1.0.2 or 1.1 compatible libssl with X509_VERIFY_PARAM_set1_host(). LibreSSL 2.6.4 and earlier do not provide the necessary APIs, https://github.com/libressl-portable/portable/issues/381
从源代码构建 openssl 时似乎出现安装问题。对于
_ssl
上的构建失败模块,尝试额外的选项,如 --with-openssl
, CFLAGS
和 LDFLAGS
使用脚本 ./configure
配置 Python 时,例如./configure --with-openssl=/PATH/TO/YOUR/OPENSSL_INSTALL_FOLDER/ \
--enable-optimizations \
--with-ssl-default-suites=openssl \
CFLAGS="-I/PATH/TO/YOUR/OPENSSL_INSTALL_FODLER/include" \
LDFLAGS="-L/PATH/TO/YOUR/OPENSSL_INSTALL_FODLER/"
也试试这个命令
openssl version
,如果它报告这样的错误:/usr/lib/x86_64-linux-gnu/libssl.so.1.1: version `OPENSSL_1_1_1' not found
这意味着您的 openssl 库存在链接问题,我不确定您使用的是 Linux 还是其他系统,但对于 Linux 系统,您可以手动修改 openssl 库的链接来解决问题,如 in my answer at here 所述.
引用
Building Python 3.7.1 - SSL module failed
Python 3.7.0 wont compile with SSL Support 1.1.0
关于python - 从源代码构建 Python 和 OpenSSL,但 ssl 模块失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60536472/