루트 권한 없이 Ubuntu 서버의 소스에서 Python을 설치하려면 openssl
다음 명령을 사용하여 Python을 설치해야 했습니다.
wget https://www.openssl.org/source/openssl-1.1.1e.tar.gz
tar -xzvf openssl-1.1.1e.tar.gz
cd openssl-1.1.1e
./config --prefix=${HOME}/.local/openssl --openssldir=${HOME}/.local/openssl
make -j$(nproc)
make install_sw
그런 다음 다음을 설정했습니다 ~/.bashrc
.
export PATH=$HOME/.local/openssl/bin:$PATH
export LD_LIBRARY_PATH=$HOME/.local/openssl/lib:$LD_LIBRARY_PATH
certs
새 폴더에서 기존 폴더로의 심볼릭 링크를 만들었습니다 (이 단계가 필요합니다):
ln -s /etc/ssl/certs $HOME/.local/openssl/certs
그런 다음 Python 3.7.7을 설치하기 시작했습니다.
wget https://www.python.org/ftp/python/3.7.7/Python-3.7.7.tgz
tar -xzvf Python-3.7.7.tgz
cd Python-3.7.7
./configure --enable-shared --enable-optimizations --with-openssl=${HOME}/.local/openssl --prefix=${HOME}/.local
make -j$(nproc)
나는 얻다:
== Tests result: FAILURE ==
385 tests OK.
4 tests failed:
test_imaplib test_ssl test_tarfile test_urllib2_localnet
27 tests skipped:
test_bz2 test_curses test_dbm_gnu test_dbm_ndbm test_devpoll
test_idle test_kqueue test_msilib test_ossaudiodev test_smtpnet
test_socketserver test_sqlite test_startfile test_tcl test_timeout
test_tix test_tk test_ttk_guionly test_ttk_textonly test_turtle
test_urllib2net test_urllibnet test_winconsoleio test_winreg
test_winsound test_xmlrpc_net test_zipfile64
SSL이 가장 중요한 것 같아서 자세한 내용을 확인하기 위해 상세 모드에서 다시 실행했습니다.
./python -m test -v test_ssl
나는 얻다:
== CPython 3.7.7 (default, Mar 18 2020, 23:27:01) [GCC 6.3.0 20170516]
== Linux-4.9.0-11-amd64-x86_64-with-debian-9.12 little-endian
== cwd: /home/user/Python-3.7.7/build/test_python_25131
== CPU count: 16
== encodings: locale=UTF-8, FS=utf-8
0:00:00 load avg: 4.03 Run tests sequentially
0:00:00 load avg: 4.03 [1/1] test_ssl
test_ssl: testing with 'OpenSSL 1.1.1e 17 Mar 2020' (1, 1, 1, 5, 15)
under Linux ('debian', '9.12', '')
HAS_SNI = True
OP_ALL = 0x80000054
OP_NO_TLSv1_1 = 0x10000000
test__create_stdlib_context (test.test_ssl.ContextTests) ... ok
...etc...
test_ciphers (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 40460)
server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256)
server: selected protocol is now None
Test server failure:
Traceback (most recent call last):
File "/home/user/Python-3.7.7/Lib/test/test_ssl.py", line 2392, in run
msg = self.read()
File "/home/user/Python-3.7.7/Lib/test/test_ssl.py", line 2369, in read
return self.sslconn.read()
File "/home/user/Python-3.7.7/Lib/ssl.py", line 931, in read
return self._sslobj.read(len)
OSError: [Errno 0] Error
ERROR
...etc...
server: bad connection attempt from ('127.0.0.1', 46120):
Traceback (most recent call last):
File "/home/user/Python-3.7.7/Lib/test/test_ssl.py", line 2313, in wrap_conn
self.sock, server_side=True)
File "/home/user/Python-3.7.7/Lib/ssl.py", line 423, in wrap_socket
session=session
File "/home/user/Python-3.7.7/Lib/ssl.py", line 870, in _create
self.do_handshake()
File "/home/user/Python-3.7.7/Lib/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:1076)
ok
======================================================================
ERROR: test_session_handling (test.test_ssl.ThreadedTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/user/Python-3.7.7/Lib/test/test_ssl.py", line 4344, in test_session_handling
s.connect((HOST, server.port))
File "/home/user/Python-3.7.7/Lib/ssl.py", line 1172, in connect
self._real_connect(addr, False)
File "/home/user/Python-3.7.7/Lib/ssl.py", line 1159, in _real_connect
super().connect(addr)
ConnectionRefusedError: [Errno 111] Connection refused
======================================================================
ERROR: test_tls_unique_channel_binding (test.test_ssl.ThreadedTests)
Test tls-unique channel binding.
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/user/Python-3.7.7/Lib/test/test_ssl.py", line 3925, in test_tls_unique_channel_binding
s.connect((HOST, server.port))
File "/home/user/Python-3.7.7/Lib/ssl.py", line 1172, in connect
self._real_connect(addr, False)
File "/home/user/Python-3.7.7/Lib/ssl.py", line 1163, in _real_connect
self.do_handshake()
File "/home/user/Python-3.7.7/Lib/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ConnectionResetError: [Errno 104] Connection reset by peer
----------------------------------------------------------------------
Ran 153 tests in 4.000s
FAILED (errors=8, skipped=8)
test test_ssl failed
test_ssl failed
== Tests result: FAILURE ==
1 test failed:
test_ssl
Total duration: 4.1 sec
Tests result: FAILURE
아직 인증서 문제가 있는 것 같습니다.
이 문제를 해결하는 데 도움을 주셔서 대단히 감사합니다. 미리 감사드립니다!
답변1
OpenSSL 1.1.1e의 동작 변경으로 인해 테스트가 실패합니다. 이제 OpenSSL 1.1.1d를 사용해 보세요. 바라보다https://bugs.python.org/issue40018더 많은 정보를 알고 싶습니다.