diff options
| author | Ned Deily <nad@python.org> | 2016-02-25 01:01:02 +1100 |
|---|---|---|
| committer | Ned Deily <nad@python.org> | 2016-02-25 01:01:02 +1100 |
| commit | 942f3de9cb62e1b24249d8c828cfdc76fd246aff (patch) | |
| tree | eea12a200f6792ca51a152ab6b202fcfff3d4fdc /Mac | |
| parent | 83abccbbc0d6935f889391c09ab990a5c221a6c4 (diff) | |
| download | cpython-git-942f3de9cb62e1b24249d8c828cfdc76fd246aff.tar.gz | |
Change OS X installer builds targeted for 10.10 and above to build
and link with a private copy of OpenSSL, like installers targeted
for 10.5 already do, since Apple has deprecated use of the system
OpenSSL and removed its header files from the Xcode 7 SDK. Note
that this configuration is not currently used to build any
python.org-supplied installers and that the private copy of
OpenSSL requires its own root certificates.
Diffstat (limited to 'Mac')
| -rwxr-xr-x | Mac/BuildScript/build-installer.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/Mac/BuildScript/build-installer.py b/Mac/BuildScript/build-installer.py index c61983761e..e250ada6c8 100755 --- a/Mac/BuildScript/build-installer.py +++ b/Mac/BuildScript/build-installer.py @@ -206,7 +206,7 @@ def library_recipes(): LT_10_5 = bool(getDeptargetTuple() < (10, 5)) - if getDeptargetTuple() < (10, 6): + if not (10, 5) < getDeptargetTuple() < (10, 10): # The OpenSSL libs shipped with OS X 10.5 and earlier are # hopelessly out-of-date and do not include Apple's tie-in to # the root certificates in the user and system keychains via TEA @@ -226,7 +226,8 @@ def library_recipes(): # now more obvious with cert checking enabled by default in the # standard library. # - # For builds with 10.6+ SDKs, continue to use the deprecated but + # For builds with 10.6 through 10.9 SDKs, + # continue to use the deprecated but # less out-of-date Apple 0.9.8 libs for now. While they are less # secure than using an up-to-date 1.0.1 version, doing so # avoids the big problems of forcing users to have to manage @@ -234,6 +235,10 @@ def library_recipes(): # APIs for cert validation from keychains if validation using the # standard OpenSSL locations (/System/Library/OpenSSL, normally empty) # fails. + # + # Since Apple removed the header files for the deprecated system + # OpenSSL as of the Xcode 7 release (for OS X 10.10+), we do not + # have much choice but to build our own copy here, too. result.extend([ dict( |