RHEL7.5编译openssl1.1.1w源码包到rpm包
openssl1.1.1w下载地址
https://www.openssl.org/source/
安装依赖包
yum -y install curl which make gcc perl perl-WWW-Curl rpm-build
wget http://mirrors.aliyun.com/centos-vault/7.5.1804/os/x86_64/Packages/perl-WWW-Curl-4.15-13.el7.x86_64.rpm
rpm -ivh perl-WWW-Curl-4.15-13.el7.x86_64.rpm
创建编译时需要的目录
mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
上传源码包到指定目录
cp openssl-1.1.1w.tar.gz /root/rpmbuild/SOURCES/
新建编译文件
cat << 'EOF' > /root/rpmbuild/SPECS/openssl.spec
Summary: OpenSSL 1.1.1w for redhat
Name: openssl
Version: %{?version}%{!?version:1.1.1w}
Release: 1%{?dist}
Obsoletes: %{name} <= %{version}
Provides: %{name} = %{version}
URL: https://www.openssl.org/
License: GPLv2+
Source: https://www.openssl.org/source/%{name}-%{version}.tar.gz
BuildRequires: make gcc perl perl-WWW-Curl
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
%global openssldir /usr/local/openssl1.1.1w
%description
OpenSSL RPM for version 1.1.1w on redhat
%package devel
Summary: Development files for programs which will use the openssl library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
%description devel
OpenSSL RPM for version 1.1.1w on redhat (development package)
%prep
%setup -q
%build
./config --prefix=%{openssldir} --openssldir=%{openssldir}
make -j4
%install
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}
%make_install
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_libdir}
ln -sf %{openssldir}/lib/libssl.so.1.1 %{buildroot}%{_libdir}
ln -sf %{openssldir}/lib/libcrypto.so.1.1 %{buildroot}%{_libdir}
ln -sf %{openssldir}/bin/openssl %{buildroot}%{_bindir}
%clean
[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot}
%files
%{openssldir}
%defattr(-,root,root)
/usr/bin/openssl
/usr/lib64/libcrypto.so.1.1
/usr/lib64/libssl.so.1.1
%files devel
%{openssldir}/include/*
%defattr(-,root,root)
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
EOF
注意里面的
%global openssldir /usr/local/openssl1.1.1w
这个是编译安装的rpm的默认安装地址,这个可以自定义,但是要跟后续的openssh的编译安装的时候的configure命令对应。
执行编译rpm包命令
cd /root/rpmbuild/SPECS && \
rpmbuild \
-D "version 1.1.1w" \
-ba openssl.spec
查看生成的openssl的rpm包
执行升级openssl的操作
cd /root/rpmbuild/RPMS/x86_64/
rpm -ivh openssl-1.1.1w-1.el7.x86_64.rpm openssl-devel-1.1.1w-1.el7.x86_64.rpm --force --nodeps
这个安装完后会新增openssl-1.1.1w的版本,但是原来老的版本的openssl还是在。
卸载老版本的openssl
rpm -e openssl-1.0.2k-12.el7.x86_64 openssl-devel-1.0.2k-12.el7.x86_64 --nodeps
检查
# rpm -qa | grep openssl