Closed jsf9k closed 6 years ago
Before I do that, can you clone this repo and try building the native extension on alpine linux (without using build_from_scratch.py
) ?
python setup.py build_ext -i
python run_tests.py
If this does not work, a source distribution won't. Thanks!
I see what you mean. I'm trying to build nassl in a Docker container (Dockerfile here). The prebuilt openssl is causing problems though:
Step 9/10 : RUN python setup.py build_ext -i
---> Running in 16b2d4d45b9d
running build_ext
building 'nassl._nassl_legacy' extension
creating build
creating build/temp.linux-x86_64-3.6
creating build/temp.linux-x86_64-3.6/nassl
creating build/temp.linux-x86_64-3.6/nassl/_nassl
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_SSL_CTX.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_SSL_CTX.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_SSL.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_SSL.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_X509.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_X509.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_errors.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_errors.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_BIO.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_BIO.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_X509_EXTENSION.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_X509_EXTENSION.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_X509_NAME_ENTRY.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_X509_NAME_ENTRY.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_SSL_SESSION.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_SSL_SESSION.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/openssl_utils.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/openssl_utils.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/nassl_OCSP_RESPONSE.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_OCSP_RESPONSE.o -Wall
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -DTHREAD_STACK_SIZE=0x100000 -fPIC -DLEGACY_OPENSSL=1 -Ibin/openssl-legacy/include -Inassl/_nassl -I/usr/local/include/python3.6m -c nassl/_nassl/python_utils.c -o build/temp.linux-x86_64-3.6/nassl/_nassl/python_utils.o -Wall
creating build/lib.linux-x86_64-3.6
creating build/lib.linux-x86_64-3.6/nassl
gcc -shared build/temp.linux-x86_64-3.6/nassl/_nassl/nassl.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_SSL_CTX.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_SSL.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_X509.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_errors.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_BIO.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_X509_EXTENSION.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_X509_NAME_ENTRY.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_SSL_SESSION.o build/temp.linux-x86_64-3.6/nassl/_nassl/openssl_utils.o build/temp.linux-x86_64-3.6/nassl/_nassl/nassl_OCSP_RESPONSE.o build/temp.linux-x86_64-3.6/nassl/_nassl/python_utils.o bin/openssl-legacy/linux64/libssl.a bin/openssl-legacy/linux64/libcrypto.a bin/zlib/linux64/libz.a -L/usr/local/lib -lpython3.6m -o build/lib.linux-x86_64-3.6/nassl/_nassl_legacy.cpython-36m-x86_64-linux-gnu.so -Wl,-z,noexecstack
/usr/lib/gcc/x86_64-alpine-linux-musl/6.4.0/../../../../x86_64-alpine-linux-musl/bin/ld:bin/openssl-legacy/linux64/libssl.a: file format not recognized; treating as linker script
/usr/lib/gcc/x86_64-alpine-linux-musl/6.4.0/../../../../x86_64-alpine-linux-musl/bin/ld:bin/openssl-legacy/linux64/libssl.a:1: syntax error
collect2: error: ld returned 1 exit status
error: command 'gcc' failed with exit status 1
The command '/bin/sh -c python setup.py build_ext -i' returned a non-zero code: 1
I'll give build_from_scratch.py
a try instead.
Is this line from the README.md
accurate?
git clone -b tls1.3-draft-18 https://github.com/openssl/openssl.git ./openssl-tls1.3-draft-18
I'm asking because:
build_from_scratch.py
script is looking for a directory called ./openssl-master
. Right now I'm checking out the tls1.3-draft-18
branch into ./openssl-master
, but I'm not certain that's what is intended.tls1.3-draft-19
branch now as well.I have the compiling working, but part of the build steps involve running tests that fail like this:
Failure: ImportError (Error relocating /nassl/nassl/_nassl.cpython-36m-x86_64-linux-gnu.so: SSL_SESSION_set_max_early_data: symbol not found) ... ERROR
I think it's definitely possible to get this working on Alpine, but in my case time is limited so I'll just switch to a different base image. :neutral_face:
Thank you for your help, @nabla-c0d3!
Is it possible to include a source distribution on PyPI? I run
sslyze
in an Alpine Linux Docker container and, since Alpine usesmusl
instead ofglibc
, the wheels in PyPI don't work for me.I suspect a lot of folks will run into the same issue, since Alpine is a pretty popular Linux distribution for use in Docker containers due to its small footprint.