我在CentOS8.5上将openssl编译并更新为openssl-3.0.13,并创建了lib文件的软链接。openssl版本也是正确的,但无法将libcrypto.so.3包含到openssh rpm中。安装 openssh rpms 时,显示依赖错误。
~]# rpm -Uvh openssh-9.6p1-1.an8.x86_64.rpm openssh-server-9.6p1-1.an8.x86_64.rpm openssh-clients-9.6p1-1.an8.x86_64.rpm
error: Failed dependencies:
libcrypto.so.3()(64bit) is needed by openssh-9.6p1-1.an8.x86_64
libcrypto.so.3(OPENSSL_3.0.0)(64bit) is needed by openssh-9.6p1-1.an8.x86_64
libcrypto.so.3()(64bit) is needed by openssh-server-9.6p1-1.an8.x86_64
libcrypto.so.3(OPENSSL_3.0.0)(64bit) is needed by openssh-server-9.6p1-1.an8.x86_64
libcrypto.so.3()(64bit) is needed by openssh-clients-9.6p1-1.an8.x86_64
libcrypto.so.3(OPENSSL_3.0.0)(64bit) is needed by openssh-clients-9.6p1-1.an8.x86_64
在我的主机上编译并更新 openssl:
~]# ./Configure --prefix=/usr/local/ssl --openssldir=/usr/local/ssl --shared
~]# ln -sf /usr/local/ssl/lib64/libssl.so.3 /usr/lib64/
~]# ln -sf /usr/local/ssl/lib64/libcrypto.so.3 /usr/lib64/
openssl版本
~]# openssl version
OpenSSL 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)
用源代码 openssh-9.6p1.tar.gz 构建我的 openssh rpm
在我的 openssh.spec 文件中,将
without_openssl
从 1
更改为 0
,并添加 --with-ssl-dir=/usr/local/ssl
行:
~]# cat rpmbuild/SPECS/openssh.spec |grep ssl
%global without_openssl 0
# build without openssl where 1.1.1 is not available
%global without_openssl 0
%global without_openssl 0
# rpm -ba|--rebuild --define "static_openssl 1"
%{?static_openssl:%global static_libcrypto 1}
# Options for Smartcard support: (needs libsectok and openssl-engine)
%if ! %{without_openssl}
BuildRequires: openssl-devel >= 1.1.1
--with-ssl-dir=/usr/local/ssl \
%if %{without_openssl}
--without-openssl \
openssh.spec 中的相关conf
%global without_openssl 0
# build without openssl where 1.1.1 is not available
%if 0%{?fedora} <= 28
%global without_openssl 0
%endif
%if 0%{?rhel} <= 7
%global without_openssl 0
%endif
...
%configure \
--sysconfdir=%{_sysconfdir}/ssh \
--libexecdir=%{_libexecdir}/openssh \
--datadir=%{_datadir}/openssh \
--with-default-path=/usr/local/bin:/bin:/usr/bin \
--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
--with-privsep-path=%{_var}/empty/sshd \
--with-ssl-dir=/usr/local/ssl \
--mandir=%{_mandir} \
--with-mantype=man \
--disable-strip \
请告诉我如何将 libcrypto.so.3 编译成 openssh 以便 openssh 可以使用 OpenSSL 3.0.13?
make
)。rpmbuild -bb openssh.spec
构建 RPM 包。rpm -ivh
安装 RPM 包。