• centos系统编译openssl和openssl-lib的rpm安装包

    centos系统编译openssl和openssl-lib的rpm安装

    由于漏洞原因需要升级系统的openssl版本到新的版本,但是openssl最新版本需要自己编译生成rpm安装文件,以下是编译步骤:

    1、下载对应版本的源码包

    可以去openssl github下载,https://github.com/openssl/openssl/releases,找到对应版本的tar.gz文件

    2、安装相关依赖包

    yum -y install curl  which  make gcc perl  perl-WWW-Curl  rpm-build zlib-devel

    3、创建相应目录

    mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

    4、创建spec的文件,以下spec的文件包含打包openssl-libs的rpm

    cat << 'EOF' > /root/rpmbuild/SPECS/openssl.spec
Summary: OpenSSL 1.1.1w for Centos
Name: openssl
Version: 1.1.1w
Release: 1%{?dist}
Obsoletes: %{name} <= %{version}
Provides: %{name} = %{version}
URL: https://www.openssl.org/
License: GPLv2+

Source: https://www.openssl.org/source/%{name}-%{version}.tar.gz

BuildRequires: make gcc perl perl-WWW-Curl
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
%global openssldir /usr/openssl

%description
OpenSSL RPM for version 1.1.1w on Centos

%package libs
Summary: OpenSSL shared libraries
Group: System Environment/Libraries

%description libs
The OpenSSL shared libraries provide a robust, commercial-grade, and full-featured toolkit for the TLS and SSL protocols.

%package devel
Summary: Development files for programs which will use the openssl library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: %{name}-libs = %{version}-%{release}

%description devel
OpenSSL RPM for version 1.1.1w on Centos (development package)

%prep
%setup -q

%build
./config --prefix=%{openssldir} --openssldir=%{openssldir} shared zlib
make

%install
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}
make DESTDIR=%{buildroot} install

# Move shared libraries to libs package specific directory
mkdir -p %{buildroot}/usr/openssl-libs
mv %{buildroot}%{openssldir}/lib/*.so.* %{buildroot}/usr/openssl-libs/

# Create symbolic links
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_libdir}
ln -sf %{openssldir}/bin/openssl %{buildroot}%{_bindir}
ln -sf /usr/openssl-libs/libssl.so.1.1 %{buildroot}%{_libdir}
ln -sf /usr/openssl-libs/libcrypto.so.1.1 %{buildroot}%{_libdir}

%clean
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}

%files
%defattr(-,root,root,-)
/usr/openssl/bin/*
/usr/openssl/include/*
/usr/openssl/lib/*
/usr/openssl/share/*
# 添加库文件
/usr/lib64/libcrypto.so.1.1
/usr/lib64/libssl.so.1.1

# 添加可执行文件
/usr/bin/openssl

# 添加配置文件和其它需要的 extras
/usr/openssl/ct_log_list.cnf
/usr/openssl/ct_log_list.cnf.dist
/usr/openssl/misc/CA.pl
/usr/openssl/misc/tsget
/usr/openssl/misc/tsget.pl
/usr/openssl/openssl.cnf
/usr/openssl/openssl.cnf.dist

%files libs
%defattr(-,root,root,-)
/usr/openssl-libs/*.so.*

%files devel
%defattr(-,root,root,-)
/usr/openssl/include/*

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig
EOF

    如果不需要openssl-libs的rpm,仅仅只需要openssl的rpm,使用一下spec文件

    cat << 'EOF' > /root/rpmbuild/SPECS/openssl.spec
Summary: OpenSSL 1.1.1w for Centos
Name: openssl
Version: %{?version}%{!?version:1.1.1w}
Release: 1%{?dist}
Obsoletes: %{name} <= %{version}
Provides: %{name} = %{version}
URL: https://www.openssl.org/
License: GPLv2+

Source: https://www.openssl.org/source/%{name}-%{version}.tar.gz

BuildRequires: make gcc perl perl-WWW-Curl
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
%global openssldir /usr/openssl

%description
OpenSSL RPM for version 1.1.1w on Centos

%package devel
Summary: Development files for programs which will use the openssl library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}

%description devel
OpenSSL RPM for version 1.1.1w on Centos (development package)

%prep
%setup -q

%build
./config --prefix=%{openssldir} --openssldir=%{openssldir}
make

%install
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}
%make_install

mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_libdir}
ln -sf %{openssldir}/lib/libssl.so.1.1 %{buildroot}%{_libdir}
ln -sf %{openssldir}/lib/libcrypto.so.1.1 %{buildroot}%{_libdir}
ln -sf %{openssldir}/bin/openssl %{buildroot}%{_bindir}

%clean
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}

%files
%{openssldir}
%defattr(-,root,root)
/usr/bin/openssl
/usr/lib64/libcrypto.so.1.1
/usr/lib64/libssl.so.1.1

%files devel
%{openssldir}/include/*
%defattr(-,root,root)

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig
EOF

    以上的spec文件里面有对应版本信息1.1.1w,需要根据自己的版本情况进行替换。

    5、准备源码包,并编译rpm包

    cp openssl-1.1.1w.tar.gz /root/rpmbuild/SOURCES
cd /root/rpmbuild/SPECS && \
    rpmbuild \
    -D "version 1.1.1w" \
    -ba openssl.spec

    6、等待编译完成,完成之后,在/root/rpmbuild/RPMS/下面会有对应系统的编译包,我这里是x86_64的,进去之后可以看到rpm包

    [root@hadoop-master x86_64]# ll
total 5804
-rw-r--r--. 1 root root 4134132 May 29 14:55 openssl-1.1.1w-1.el7.x86_64.rpm
-rw-r--r--. 1 root root  133000 May 29 14:55 openssl-debuginfo-1.1.1w-1.el7.x86_64.rpm
-rw-r--r--. 1 root root  234860 May 29 14:55 openssl-devel-1.1.1w-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 1429624 May 29 14:55 openssl-libs-1.1.1w-1.el7.x86_64.rpm

    7、升级安装openssl

    rpm -ivh openssl-1.1.1w-1.el7.x86_64.rpm --nodeps --force
rpm -ivh openssl-libs-1.1.1w-1.el7.x86_64.rpm --nodeps --force
  • 相关阅读:
    深眸科技自研轻辙视觉引擎,以AI机器视觉赋能杆号牌识别与分拣
    Java物业管理系统+数据库应用程序开发[JavaSE+JDBC+idea控制台+MySQL]
    golang实现远程控制主机
    Plurality in Voxel——VoxEdit 比赛
    NTP时钟同步服务器
    STM32物联网项目-单极性步进电机28BYJ-48
    SFI立昌在Mobile移动通话通讯设备的方案与应用
    线路测量通用公式的推导及编程
    【libGDX】使用ShapeRenderer绘制几何图形
    2023-09-29 LeetCode每日一题(种花问题)
  • 原文地址:https://blog.csdn.net/fanxl10/article/details/139302942