arm-openwrt-linux-musl 编译curl支持https

源码包版本

openssl:openssl-1.0.2t
curl:curl-7.60.0

1. 编译openssl

cd /home/xxx/openssl-1.0.2t
mkdir build
setarch linux32 ./config no-asm shared --prefix=/home/xxx/openssl-1.0.2t/build/ --cross-compile-prefix=arm-openwrt-linux-
make
make install

在有些arm平台可以不添加setarch linux32,但是在arm-openwrt-musl平台最好使用setarch linux32来添加编译参数,如果不添加后续访问https可能会报:

curl: (35) error:1007C06B:elliptic curve routines:EC_POINT_set_affine_coordinates_GFp:point is not on curve

2. 编译curl

cd /home/xxx/curl-7.60.0
mkdir build
./configure --prefix=/home/xxx/curl-7.60.0/build --without-nss --with-ssl=/home/xxx/openssl-1.0.2t/build --with-zlib=/home/xxx/zlib-1.2.11 --host=arm-openwrt-linux
make
make install

必须要添加–with-ssl,否则编译出来的curl不支持https
curl的configure信息:

  curl version:     7.60.0
  Host setup:       arm-openwrt-linux-gnu
  Install prefix:   /home/xxx/curl-7.60.0/build
  Compiler:         arm-openwrt-linux-gcc
  SSL support:      enabled (OpenSSL)
  SSH support:      no      (--with-libssh2)
  zlib support:     no      (--with-zlib)
  brotli support:   no      (--with-brotli)
  GSS-API support:  no      (--with-gssapi)
  TLS-SRP support:  enabled
  resolver:         POSIX threaded
  IPv6 support:     enabled
  Unix sockets support: enabled
  IDN support:      no      (--with-{libidn2,winidn})
  Build libcurl:    Shared=yes, Static=yes
  Built-in manual:  enabled
  --libcurl option: enabled (--disable-libcurl-option)
  Verbose errors:   enabled (--disable-verbose)
  SSPI support:     no      (--enable-sspi)
  ca cert bundle:   no
  ca cert path:     no
  ca fallback:      no
  LDAP support:     no      (--enable-ldap / --with-ldap-lib / --with-lber-lib)
  LDAPS support:    no      (--enable-ldaps)
  RTSP support:     enabled
  RTMP support:     no      (--with-librtmp)
  metalink support: no      (--with-libmetalink)
  PSL support:      no      (libpsl not found)
  HTTP2 support:    disabled (--with-nghttp2)
  Protocols:        DICT FILE FTP FTPS GOPHER HTTP HTTPS IMAP IMAPS POP3 POP3S RTSP SMB SMBS SMTP SMTPS TELNET TFTP

可以看到最后Protocols下的有HTTPS的支持项

3. 测试

使用编译后的curl进行https测试:

./curl https://www.baidu.com

如果报如下错误:

curl: (60) SSL certificate problem: unable to get local issuer certificate

可以使用 -k 参数可以跳过证书的认证,或者下载ca证书到设备上

你可能感兴趣的:(arm-openwrt-linux-musl 编译curl支持https)