Author christian.heimes
Recipients barry, christian.heimes, gregory.p.smith, pablogsal, vstinner
Date 2021-03-23.10:04:34
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1616493874.61.0.1868346084.issue43466@roundup.psfhosted.org>
In-reply-to
Content
GH-24989 adds -Wl,--exclude-libs just for libssl.a and libcrypto.a IFF support for -Wl,--exclude-libs,ALL is detected by configure. This puts the symbols from the OpenSSL archive files into the LOCAL segment of ELF binaries. The PR does not set -Wl,--exclude-libs,ALL because I like to keep behavior the same as with 3.9.

When OpenSSL is locally build with "no-shared -fPIC", then Python automatically builds a partially static-linked _ssl and _hashlib extension modules that do not pollute the global namespace:


$ ./config \
    --prefix=/home/heimes/dev/python/multissl/openssl/1.1.1j-static \
    --openssldir=/etc/pki/tls \
    no-shared -fPIC
...
$ ./configure --with-openssl=/home/heimes/dev/python/multissl/openssl/1.1.1j-static
$ make
$ ldd build/lib.linux-x86_64-3.10/_ssl.cpython-310-x86_64-linux-gnu.so 
        linux-vdso.so.1 (0x00007fff8dbbc000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fa5a533d000)
        libc.so.6 => /lib64/libc.so.6 (0x00007fa5a5172000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fa5a56ac000)
$ readelf -Ws build/lib.linux-x86_64-3.10/_ssl.cpython-310-x86_64-linux-gnu.so | grep SSL_CTX_new
  5617: 0000000000072a90  1133 FUNC    LOCAL  DEFAULT   11 SSL_CTX_new


I deliberately did not update documentation with instructions for static linking. Static linking of OpenSSL has security and compatibility implications. I don't want to officially support it and deal with bug reports. -Wl,--exclude-libs just enables sane partial static-linking.
History
Date User Action Args
2021-03-23 10:04:34christian.heimessetrecipients: + christian.heimes, barry, gregory.p.smith, vstinner, pablogsal
2021-03-23 10:04:34christian.heimessetmessageid: <1616493874.61.0.1868346084.issue43466@roundup.psfhosted.org>
2021-03-23 10:04:34christian.heimeslinkissue43466 messages
2021-03-23 10:04:34christian.heimescreate