我抓包使用的是mitmproxy,命令行操作,很方便~ 但是最近升级发现加载不了openssl版本过低,升级过程中遇到的问题。

安装最新版openssl-1.0.2j

1
./config --prefix=/usr/local/ssl -fPIC shared && make && make install

重新编译python-2.7.12

1
vim Python-2.7.12/Modules/Setup

去掉这4行注释,自定义路径

1
2
3
4
5
6
7
#SSL=/usr/local/ssl
#_ssl _ssl.c \
#        -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
#        -L$(SSL)/lib -lssl -lcrypto

./configure --prefix=/home/work/lib/python-2.7.12 && make && make install
ln -s /home/work/lib/python-2.7.12/bin/python /usr/local/bin/python

重新安装mitmproxy

1
2
python get-pip.py
pip install mitmproxy 

运行mitmproxy,还是报错

1
“ImportError: /home/work/lib/python-2.7.12/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so: undefined symbol: EC_GROUP_new_curve_GF2m”
1
ldd /home/work/lib/python-2.7.12/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so

发现加载的动态链接是旧版本openssl

增加动态库搜索目录

1
2
3
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
ldconfig
python -c "import ssl; print ssl.OPENSSL_VERSION"

输出“OpenSSL 1.0.2j 26 Sep 2016”,运行mitmproxy也ok