diff options
| -rw-r--r-- | setup.py | 50 |
1 files changed, 37 insertions, 13 deletions
@@ -2447,24 +2447,48 @@ class PyBuildExt(build_ext): else: runtime_library_dirs = [openssl_rpath] + openssl_extension_kwargs = dict( + include_dirs=openssl_includes, + library_dirs=openssl_libdirs, + libraries=openssl_libs, + runtime_library_dirs=runtime_library_dirs, + ) + + # This static linking is NOT OFFICIALLY SUPPORTED. + # Requires static OpenSSL build with position-independent code. Some + # features like DSO engines or external OSSL providers don't work. + # Only tested on GCC and clang on X86_64. + if os.environ.get("PY_UNSUPPORTED_OPENSSL_BUILD") == "static": + extra_linker_args = [] + for lib in openssl_extension_kwargs["libraries"]: + # link statically + extra_linker_args.append(f"-l:lib{lib}.a") + # don't export symbols + extra_linker_args.append(f"-Wl,--exclude-libs,lib{lib}.a") + openssl_extension_kwargs["extra_link_args"] = extra_linker_args + # don't link OpenSSL shared libraries. + openssl_extension_kwargs["libraries"] = [] + if config_vars.get("HAVE_X509_VERIFY_PARAM_SET1_HOST"): - self.add(Extension( - '_ssl', ['_ssl.c'], - include_dirs=openssl_includes, - library_dirs=openssl_libdirs, - libraries=openssl_libs, - runtime_library_dirs=runtime_library_dirs, - depends=['socketmodule.h', '_ssl/debughelpers.c']) + self.add( + Extension( + '_ssl', + ['_ssl.c'], + depends=['socketmodule.h', '_ssl/debughelpers.c'], + **openssl_extension_kwargs + ) ) else: self.missing.append('_ssl') - self.add(Extension('_hashlib', ['_hashopenssl.c'], - depends=['hashlib.h'], - include_dirs=openssl_includes, - library_dirs=openssl_libdirs, - runtime_library_dirs=runtime_library_dirs, - libraries=openssl_libs)) + self.add( + Extension( + '_hashlib', + ['_hashopenssl.c'], + depends=['hashlib.h'], + **openssl_extension_kwargs, + ) + ) def detect_hash_builtins(self): # By default we always compile these even when OpenSSL is available |