Skip to content

Windows: OpenSSL installed DLL name differs from CPython, affecting extension modules #596

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
koubaa opened this issue Apr 28, 2025 · 3 comments
Open

Windows: OpenSSL installed DLL name differs from CPython, affecting extension modules #596

koubaa opened this issue Apr 28, 2025 · 3 comments
Assignees
@zanieb

Comments

@koubaa
Copy link

koubaa commented Apr 28, 2025

The issue

On windows, there is a subtle difference between the installations of the python interpreter between what comes from uv python install and the distribution from python.org. The name of the OpenSSL DLL is different.

Python.org distribution:
libssl-3.dll
libcrypto-3.dll

uv python install:
libcrypto-3-x64.dll
libssl-3-x64.dll

The cause of the issue

The uv build script seems to configure openSSL using the configure|prefix = VC-WIN64A|64

CPython does not document their configure/build scripts for OpenSSL. One of their maintainers updates cpython-source-deps with thirdparty changes and uploads binary artifactos to cpython-bin-deps, and then copy from those binary deps when packaging python. I looked on their issue tracker and forum and found some information (1, 2, 3, 4) but no specific instructions. I am considering opening an issue on CPython to ask them to provide their build configurations for reproducibility.

How are users affected?

If CPython distributes OpenSSL version 3.0.X using the dll name libssl-3.dll, and a CPython extension module links against OpenSSL version 3.0.Y using the dll name libssl-3-x64.dll, both Python and the extension module use the version of SSL that they were built against. When using uv, if version 3.0.X is distributed using libssl-3-x64.dll, then only one of these can be loaded into the process at a time, causing either the extension module or the python interpreter to fail depending on which DLL was loaded first. (For extension modules, Python's copy is loaded first, for embedding scenarios that use such an extension module, the extension module's version may be loaded first).

Thoughts

This seems like a corner case not explicitly addressed by the maintainers of CPython, but according to Hyrum's law Python users could be affected. My opinion is that uv should match the behavior of CPython unless there is a specific reason not to (I didn't find anything in the uv history or source code indicating an intention to use a different DLL name than CPython). I also feel there should be clarification from the CPython developers on how they build binary dependencies like SSL and how extension modules ought to build against it.
@koubaa koubaa mentioned this issue Apr 28, 2025
Open
2 tasks
@MaxJPRey
Copy link

Thanks for the detailed explanation @koubaa.
This is something we plan to share with the entire PyAnsys community, as we continue expanding our use of uv.

@zanieb
Copy link
Member

zanieb commented Apr 29, 2025

Thanks for the report, I can look into this.

@zanieb zanieb self-assigned this Apr 29, 2025
@MaxJPRey
Copy link

That would be great. Thanks @zanieb .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zanieb zanieb

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zanieb @koubaa @MaxJPRey