Bug 229640

Summary: Can't import ssl in lang/python37 on FreeBSD 10.4
Product: Ports & Packages
Component: Individual Port(s)
Status: Closed Not A Bug
Severity: Affects Only Me
Priority: ---
Version: Latest
Hardware: Any
OS: Any
Reporter: Grzegorz Blach <gblach>
Assignee: Martin Wilke <miwi>
CC: kai, miwi, pascal.christen, python
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229633
Attachments:
Description: python37-fix-ssl-with-10.4.patch
Flags: kai: maintainer-approval? (python)

Description Grzegorz Blach freebsd_committer freebsd_triage 2018-07-09 12:20:37 UTC
I can't import ssl in Python 3.7 on FreeBSD 10.4.

# python3.7
Python 3.7.0 (default, Jul  9 2018, 14:13:47) 
[Clang 3.4.1 (tags/RELEASE_34/dot1-final 208032)] on freebsd10
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.7/ssl.py", line 98, in <module>
    import _ssl             # if we can't import it, let the error propagate
ModuleNotFoundError: No module named '_ssl'


Python 3.6 on FreeBSD 10.4 and Python 3.7 on FreeBSD 11.2 work correctly.
Comment 1 Kai Knoblich freebsd_committer freebsd_triage 2018-07-09 12:46:56 UTC
SSL works with Python 3.7 in 10.4 if one compiles Python 3.7 with openssl from the ports tree.

The base OpenSSL in 10.4 lacks the X509_VERIFY_PARAM_set1_host feature, which can be verified in the Python 3.7 build log:

> [...]
> checking whether compiling and linking against OpenSSL works... yes
> checking for X509_VERIFY_PARAM_set1_host in libssl... no
> checking for --with-ssl-default-suites... openssl
> [...]

Please note: The NO_SSL check in the Makefile and the macro %%NO_SSL%% in the pkg-plist must be removed to make it work.
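
The check described in comment 1, as an added example that is not part of the original bug thread or of the FreeBSD port: it classifies a Python configure log by the X509_VERIFY_PARAM_set1_host result and probes the installed libssl/libcrypto for the symbol with ctypes. The function names and verdict strings are assumptions made for illustration, and the sample log is constructed from the excerpt quoted above.

```python
import ctypes
import ctypes.util
import re

# Symbol named in the configure check quoted in comment 1.
REQUIRED_SYMBOL = "X509_VERIFY_PARAM_set1_host"

# Matches autoconf result lines such as "checking for foo in libssl... no".
# A leading "> " is tolerated so quoted excerpts parse too.
_CHECK_RE = re.compile(r"^(?:>\s*)?checking (?P<what>.+?)\.\.\.\s*(?P<result>.*)$")

def parse_configure_checks(log_text):
    """Return {check description: result} for every 'checking ...' line."""
    checks = {}
    for line in log_text.splitlines():
        m = _CHECK_RE.match(line.strip())
        if m:
            checks[m.group("what")] = m.group("result").strip()
    return checks

def ssl_module_verdict(log_text):
    """Classify a build log: 'ok', 'missing-hostname-api' or 'unknown'."""
    checks = parse_configure_checks(log_text)
    key = "for %s in libssl" % REQUIRED_SYMBOL
    if key not in checks:
        return "unknown"
    # endswith() also accepts autoconf's "(cached) yes" form.
    return "ok" if checks[key].endswith("yes") else "missing-hostname-api"

def library_exports(lib_name, symbol=REQUIRED_SYMBOL):
    """True/False if the shared library exports symbol; None if not loadable."""
    path = ctypes.util.find_library(lib_name)
    if path is None:
        return None
    try:
        lib = ctypes.CDLL(path)
    except OSError:
        return None
    return hasattr(lib, symbol)  # ctypes raises AttributeError if absent

# Constructed sample: the configure excerpt quoted in comment 1.
SAMPLE_LOG = """\
checking whether compiling and linking against OpenSSL works... yes
checking for X509_VERIFY_PARAM_set1_host in libssl... no
checking for --with-ssl-default-suites... openssl
"""

if __name__ == "__main__":
    print("build log verdict:", ssl_module_verdict(SAMPLE_LOG))
    for name in ("ssl", "crypto"):
        print("lib%s exports %s: %s" % (name, REQUIRED_SYMBOL, library_exports(name)))
```

The runtime probe reports on whichever libssl/libcrypto the dynamic loader finds first, which may differ from the copy the Python build linked against.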
Comment 2 Pascal Christen 2018-07-09 13:08:47 UTC
(In reply to Kai from comment #1)
I just extended the NO_SSL if condition in the Makefile with checking what openssl version it uses, and now it works. Thank you.
Comment 3 Kai Knoblich freebsd_committer freebsd_triage 2018-07-09 14:37:47 UTC
Created attachment 194994
python37-fix-ssl-with-10.4.patch

Ok, that bug has been closed as 'not a bug', which makes sense given the technical background.

Maybe it makes sense to implement Pascal's suggestion (extend the SSL check) together with a warning to avoid confusion and future PRs until autumn 2018 when 10.4 will be EOL?

Attached is a patch for it. This has been tested with:

- 10.4-RELEASE amd64 with openssl from ports, libressl -> OK (no warning)
- 10.4-RELEASE amd64 with base openssl -> OK (with warning)
- 11.2-RELEASE amd64 with base openssl -> OK (no warning)
Comment 4 commit-hook freebsd_committer freebsd_triage 2018-07-09 15:12:16 UTC
A commit references this bug:

Author: miwi
Date: Mon Jul  9 15:11:42 UTC 2018
New revision: 474267
URL: https://svnweb.freebsd.org/changeset/ports/474267

Log:
  - Added a warning for FBSD10

  PR:		229640
  Sponsored by:	iXsystems Inc.

Changes:
  head/lang/python37/Makefile