RHEL7.5编译openssl1.1.1w源码包到rpm包

openssl1.1.1w下载地址

https://www.openssl.org/source/

安装依赖包

yum -y install curl  which  make gcc perl  perl-WWW-Curl  rpm-build

wget http://mirrors.aliyun.com/centos-vault/7.5.1804/os/x86_64/Packages/perl-WWW-Curl-4.15-13.el7.x86_64.rpm
rpm -ivh perl-WWW-Curl-4.15-13.el7.x86_64.rpm

创建编译时需要的目录

mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

上传源码包到指定目录

cp openssl-1.1.1w.tar.gz /root/rpmbuild/SOURCES/

新建编译文件

cat << 'EOF' > /root/rpmbuild/SPECS/openssl.spec
Summary: OpenSSL 1.1.1w for redhat
Name: openssl
Version: %{?version}%{!?version:1.1.1w}
Release: 1%{?dist}
Obsoletes: %{name} <= %{version}
Provides: %{name} = %{version}
URL: https://www.openssl.org/
License: GPLv2+
 
Source: https://www.openssl.org/source/%{name}-%{version}.tar.gz
 
BuildRequires: make gcc perl perl-WWW-Curl
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
%global openssldir /usr/local/openssl1.1.1w
 
%description
OpenSSL RPM for version 1.1.1w on redhat
 
%package devel
Summary: Development files for programs which will use the openssl library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
 
%description devel
OpenSSL RPM for version 1.1.1w on redhat (development package)
 
%prep
%setup -q
 
%build
./config --prefix=%{openssldir} --openssldir=%{openssldir}
make -j4
 
%install
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}
%make_install
 
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_libdir}
ln -sf %{openssldir}/lib/libssl.so.1.1 %{buildroot}%{_libdir}
ln -sf %{openssldir}/lib/libcrypto.so.1.1 %{buildroot}%{_libdir}
ln -sf %{openssldir}/bin/openssl %{buildroot}%{_bindir}
 
%clean
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}
 
%files
%{openssldir}
%defattr(-,root,root)
/usr/bin/openssl
/usr/lib64/libcrypto.so.1.1
/usr/lib64/libssl.so.1.1
 
%files devel
%{openssldir}/include/*
%defattr(-,root,root)
 
%post -p /sbin/ldconfig
 
%postun -p /sbin/ldconfig
EOF

注意里面的

%global openssldir /usr/local/openssl1.1.1w

这个是编译安装的rpm的默认安装地址,这个可以自定义,但是要跟后续的openssh的编译安装的时候的configure命令对应。

执行编译rpm包命令

cd /root/rpmbuild/SPECS && \
    rpmbuild \
    -D "version 1.1.1w" \
    -ba openssl.spec

查看生成的openssl的rpm包

执行升级openssl的操作

cd /root/rpmbuild/RPMS/x86_64/
rpm -ivh  openssl-1.1.1w-1.el7.x86_64.rpm openssl-devel-1.1.1w-1.el7.x86_64.rpm --force --nodeps

这个安装完后会新增openssl-1.1.1w的版本,但是原来老的版本的openssl还是在。

卸载老版本的openssl

rpm -e openssl-1.0.2k-12.el7.x86_64 openssl-devel-1.0.2k-12.el7.x86_64 --nodeps

检查

# rpm -qa | grep openssl