diff options
| author | Ned Deily <nad@python.org> | 2016-02-24 14:01:48 (GMT) |
|---|---|---|
| committer | Ned Deily <nad@python.org> | 2016-02-24 14:01:48 (GMT) |
| commit | 59884989f7688478b86769d209a0570d81322ebf (patch) | |
| tree | ddbd99358f2bd29e0bcc23a44454ac753cab6705 /Mac/BuildScript/build-installer.py | |
| parent | 020250f91f61d752bed18117e0570c1425b5d595 (diff) | |
| download | cpython-59884989f7688478b86769d209a0570d81322ebf.zip cpython-59884989f7688478b86769d209a0570d81322ebf.tar.gz cpython-59884989f7688478b86769d209a0570d81322ebf.tar.bz2 | |
Change OS X installer builds targeted for 10.10 and above to build
and link with a private copy of OpenSSL, like installers targeted
for 10.5 already do, since Apple has deprecated use of the system
OpenSSL and removed its header files from the Xcode 7 SDK. Note
that this configuration is not currently used to build any
python.org-supplied installers and that the private copy of
OpenSSL requires its own root certificates.
Diffstat (limited to 'Mac/BuildScript/build-installer.py')
| -rwxr-xr-x | Mac/BuildScript/build-installer.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/Mac/BuildScript/build-installer.py b/Mac/BuildScript/build-installer.py index 609aaf2..9177356b 100755 --- a/Mac/BuildScript/build-installer.py +++ b/Mac/BuildScript/build-installer.py @@ -206,7 +206,7 @@ def library_recipes(): LT_10_5 = bool(getDeptargetTuple() < (10, 5)) - if getDeptargetTuple() < (10, 6): + if not (10, 5) < getDeptargetTuple() < (10, 10): # The OpenSSL libs shipped with OS X 10.5 and earlier are # hopelessly out-of-date and do not include Apple's tie-in to # the root certificates in the user and system keychains via TEA @@ -226,7 +226,8 @@ def library_recipes(): # now more obvious with cert checking enabled by default in the # standard library. # - # For builds with 10.6+ SDKs, continue to use the deprecated but + # For builds with 10.6 through 10.9 SDKs, + # continue to use the deprecated but # less out-of-date Apple 0.9.8 libs for now. While they are less # secure than using an up-to-date 1.0.1 version, doing so # avoids the big problems of forcing users to have to manage @@ -234,6 +235,10 @@ def library_recipes(): # APIs for cert validation from keychains if validation using the # standard OpenSSL locations (/System/Library/OpenSSL, normally empty) # fails. + # + # Since Apple removed the header files for the deprecated system + # OpenSSL as of the Xcode 7 release (for OS X 10.10+), we do not + # have much choice but to build our own copy here, too. result.extend([ dict( |