On 03/01/18 02:04, Matt Billenstein wrote:
On Tue, Jan 02, 2018 at 03:25:17PM -0800, Nathaniel Smith wrote:
I'm pretty sure that the right solution is to ship your own copy of
openssl with the build, so that you're totally independent from Apple's
ssl shenanigans. Maybe look at how CPython handles this.
That does seem more common practice -- CPython doesn't do that however, it
links to the old 0.9.8 openssl shipped with OSX since ~10.6.
So it seems we could try to do the same and say the binary pypy releases are
compatible that far back, or link to the newer LibreSSL which would support
perhaps Sierra (10.12) and newer.
m
Perhaps we should break with CPython here and statically link on macosx.
Is there a downside to statically linking ssl and libffi?
Note that on python3 macosx we already do this, the _ssl module which is
built after translation/compilation using cffi uses a post-build script
[0] that downloads, patches and then statically links, version are
hardcoded in that file [1].
For pypy2 could we also statically link to a local version of libressl?
[0]
https://bitbucket.org/pypy/pypy/src/6c36fd9c5c97428030a10d9b5c694fe1d778a14c/pypy/tool/build_cffi_imports.py?at=py3.5&fileviewer=file-view-default#build_cffi_imports.py-177
[1]
https://bitbucket.org/pypy/pypy/src/6c36fd9c5c97428030a10d9b5c694fe1d778a14c/pypy/tool/build_cffi_imports.py?at=py3.5&fileviewer=file-view-default#build_cffi_imports.py-27
Matti
_______________________________________________
pypy-dev mailing list
pypy-dev@python.org
https://mail.python.org/mailman/listinfo/pypy-dev
