Fix SSL detection. #147
Fix SSL detection. #147
Conversation
|
Unconditionally using Secondly, if libcurl was built with Furthermore, I do not understand what giving Here is what I would suggest. libcurl does not currently expose which ssl library it is built against in a convenient manner. The SSL feature only says whether some ssl library is used. So please send a feature request to libcurl to have a curl-config option to say which ssl library is used, which pycurl would then be able to trivially use. |
|
As you can see at https://github.com/bagder/curl/blob/master/curl-config.in options $ curl-config --libs
-L/usr/lib/x86_64-linux-gnu -lcurl
$ curl-config --static-libs
/usr/lib/x86_64-linux-gnu/libcurl.a -Wl,-z,relro -Wl,--as-needed -lidn -lssh2 \
-lssl -lcrypto -llber -lldap -lrt -Wl,-z,relro -lgssapi_krb5 -lkrb5 -lk5crypto \
-lcom_err -lssl -lcrypto -lz -lrtmp -lz -lgnutls
$ curl-config --libs --static-libs
-L/usr/lib/x86_64-linux-gnu -lcurl
/usr/lib/x86_64-linux-gnu/libcurl.a -Wl,-z,relro -Wl,--as-needed -lidn -lssh2 \
-lssl -lcrypto -llber -lldap -lrt -Wl,-z,relro -lgssapi_krb5 -lkrb5 -lk5crypto \
-lcom_err -lssl -lcrypto -lz -lrtmp -lz -lgnutlsI agree that SSL info should be added to curl-config, but this change will not end in distributions for a long time, so it's easier to fix it here (and e.g. install pycurl with pip). I've now separated the curl-config call to |
| raise ConfigurationError(msg) | ||
| for feature in split_quoted(stdout.decode()): | ||
| if feature == 'SSL': | ||
| # this means any ssl library, not just openssl |
There was a problem hiding this comment.
This part should be restored. If libcurl has ssl support and pycurl does not handle the ssl library libcurl uses, I want to retain the compile-time warning.
|
OK, I've added the code with the same functionality. |
|
Thanks, this looks pretty good now. Found some more issues though. |
| # Check for SSL in all library linking information (static and shared) | ||
| libs_all = [] | ||
| try: | ||
| libs_all.extend(subprocess.check_output([CURL_CONFIG, '--libs']).split()) |
There was a problem hiding this comment.
check_output was added in python 2.7. There are already calls earlier in setup.py to run curl-config with --libs and --static-libs so you should be able to simply use optbuf.
|
I've added config_check_output() which could be used also in other parts of configure_unix(). |
|
Please check current master. |
SSL detection is broken in 7.19.3 on some systems, because curl-config --libs doesn't display all depended libraries (e.g. ssl) in all cases, see REQUIRE_LIB_DEPS in https://github.com/bagder/curl/blob/master/curl-config.in.
So, for SSL detection curl-config --libs --static-libs should be used. Also, HAVE_CURL_SSL should be defined only when one of the SSL libraries is detected, because:
"libcurl was compiled with SSL support, but configure could not determine which library was used; thus no SSL crypto locking callbacks will be set, which may cause random crashes on SSL requests"
i.e. in most cases you get library which doesn't work with SSL requests.