Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Notes for building and installing curl and OpenSSL in Ubuntu 16 x64 LTS
###############################################################################
#
# This is for when we have to update the installed version of curl, nghttp2 or
# openssl in Ubuntu 16 LTS. This is not a single script.
#
# https://gist.github.com/jay/d88d74b6807544387a6c
#
###############################################################################
#
# Set environment variables to latest versions
# Paths must not have spaces (OpenSSL build process can't handle them)
#
CURL_VER=7.65.3
CURL_PREFIX=/usr/local
NGHTTP2_VER=1.39.1
NGHTTP2_PREFIX=/usr/local
OPENSSL_VER=1.0.2s
OPENSSL_PREFIX=/usr/local/ssl
OPENSSLDIR_PREFIX=/usr/local/ssl
###############################################################################
#
# To install self contained for test purposes, after setting the _VER vars do:
#
mkdir -p test && cd test
CURL_PREFIX=$PWD
NGHTTP2_PREFIX=$PWD
OPENSSL_PREFIX=$PWD/ssl
OPENSSLDIR_PREFIX=$PWD/ssl
###############################################################################
#
# Download OpenSSL, verify, build, test, install. Takes 3 minutes.
#
sudo rm -rf "openssl-$OPENSSL_VER" && \
mkdir -p -m 0700 "openssl-$OPENSSL_VER/.gnupg" && \
curl --fail \
-O https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz \
-O https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz.asc && \
\
# https://www.openssl.org/community/omc.html
#
gpg \
--no-auto-key-locate \
--no-default-keyring \
--homedir "$PWD/openssl-$OPENSSL_VER/.gnupg" \
--keyring "$PWD/openssl-$OPENSSL_VER/.gnupg/openssl.gpg" \
--keyserver hkp://keys.gnupg.net \
--keyserver-options no-auto-key-retrieve \
--recv-keys \
8657ABB260F056B1E5190839D9C4D26D0E604491 \
5B2545DAB21995F4088CEFAA36CEE4DEB00CFE33 \
ED230BEC4D4F2518B9D7DF41F0DB4D21C1D35231 \
C1F33DD8CE1D4CC613AF14DA9195C48241FBF7DD \
7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C \
E5E52560DD91C556DDBDA5D02064C53641C25E5D \
&& \
gpg \
--no-auto-key-locate \
--no-default-keyring \
--homedir "$PWD/openssl-$OPENSSL_VER/.gnupg" \
--keyring "$PWD/openssl-$OPENSSL_VER/.gnupg/openssl.gpg" \
--keyserver hkp://keys.gnupg.net \
--keyserver-options no-auto-key-retrieve \
--verify openssl-$OPENSSL_VER.tar.gz.asc \
&& \
tar xvfz openssl-$OPENSSL_VER.tar.gz && \
cd openssl-$OPENSSL_VER && \
\
./config shared no-zlib \
--prefix=$OPENSSL_PREFIX --openssldir=$OPENSSLDIR_PREFIX && \
make && \
make test && \
sudo make install && \
cd .. && \
echo -e "\n\n" && \
$OPENSSL_PREFIX/bin/openssl version -a && \
echo -e "\n\nSuccess: Installed OpenSSL $OPENSSL_VER in $OPENSSL_PREFIX\n"
###############################################################################
#
# Download nghttp2, verify, build, test, install. Takes 2+ minutes.
#
sudo rm -rf "nghttp2-$NGHTTP2_VER" && \
curl --fail -L --proto-redir =https \
-O https://github.com/tatsuhiro-t/nghttp2/releases/download/\
v$NGHTTP2_VER/nghttp2-$NGHTTP2_VER.tar.gz && \
tar xvfz nghttp2-$NGHTTP2_VER.tar.gz && \
cd nghttp2-$NGHTTP2_VER && \
\
OPENSSL_CFLAGS=`PKG_CONFIG_PATH=$OPENSSL_PREFIX/lib/pkgconfig/ \
pkg-config openssl --cflags` \
OPENSSL_LIBS=`PKG_CONFIG_PATH=$OPENSSL_PREFIX/lib/pkgconfig/ \
pkg-config openssl --libs` \
LDFLAGS="-Wl,-rpath,$OPENSSL_PREFIX/lib -Wl,-rpath,$NGHTTP2_PREFIX/lib" \
./configure --prefix=$NGHTTP2_PREFIX --disable-examples && \
make && \
make check && \
sudo make install && \
cd .. && \
echo -e "\n\nSuccess: Installed Nghttp2 $NGHTTP2_VER in $NGHTTP2_PREFIX\n"
#
# nghttp2 examples are disabled because we're not using the system OpenSSL.
# https://github.com/tatsuhiro-t/nghttp2/issues/336
#
###############################################################################
#
# Download curl, verify, build, test, install. Takes 8 minutes.
#
sudo rm -rf "curl-$CURL_VER" && \
mkdir -p -m 0700 "curl-$CURL_VER/.gnupg" && \
curl --fail \
-O https://curl.haxx.se/download/curl-$CURL_VER.tar.gz \
-O https://curl.haxx.se/download/curl-$CURL_VER.tar.gz.asc && \
# https://daniel.haxx.se/address.html
# https://github.com/curl/curl/issues/735
#
gpg \
--no-auto-key-locate \
--no-default-keyring \
--homedir "$PWD/curl-$CURL_VER/.gnupg" \
--keyring "$PWD/curl-$CURL_VER/.gnupg/curl.gpg" \
--keyserver hkp://keys.gnupg.net \
--keyserver-options no-auto-key-retrieve \
--recv-keys \
27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2 \
&& \
gpg \
--no-auto-key-locate \
--no-default-keyring \
--homedir "$PWD/curl-$CURL_VER/.gnupg" \
--keyring "$PWD/curl-$CURL_VER/.gnupg/curl.gpg" \
--keyserver hkp://keys.gnupg.net \
--keyserver-options no-auto-key-retrieve \
--verify curl-$CURL_VER.tar.gz.asc \
&& \
tar xvfz curl-$CURL_VER.tar.gz && \
cd curl-$CURL_VER && \
\
# Workaround libtool bug 24296, see https://github.com/curl/curl/issues/432
#
curl --fail -L --output workaround_libtool_bug_24296.patch \
https://github.com/curl/curl/compare/master...jay:workaround_libtool_bug_24296.diff && \
patch -F999 -p1 < workaround_libtool_bug_24296.patch && \
\
# Use a related workaround for src/Makefile.in since we're not regenerating it
#
curl --fail -OL \
https://gist.githubusercontent.com/jay/d88d74b6807544387a6c/raw/workaround_when_buildconf_is_not_used.patch && \
patch -F999 -p1 < workaround_when_buildconf_is_not_used.patch && \
\
LDFLAGS="-Wl,-rpath,$OPENSSL_PREFIX/lib -Wl,-rpath,$NGHTTP2_PREFIX/lib \
-Wl,-rpath,$CURL_PREFIX/lib" \
./configure --with-nghttp2=$NGHTTP2_PREFIX --with-ssl=$OPENSSL_PREFIX \
--prefix=$CURL_PREFIX && \
make && \
make test-nonflaky && \
sudo make install && \
sudo ldconfig && \
cd .. && \
echo -e "\n\n" && \
$CURL_PREFIX/bin/curl --version && \
echo -e "\n\nSuccess: Installed curl $CURL_VER in $CURL_PREFIX\n"
#
# curl won't install if any tests fail, like flaky tests (eg 1510).
# Determine if failed tests are flaky then run from line 'sudo make install'
#
###############################################################################
--- curl-7.50.1/src/Makefile.in 2016-07-21 05:16:37.000000000 -0400
+++ curl/src/Makefile.in 2016-09-05 03:00:18.929760980 -0400
@@ -1920,7 +1920,7 @@
check-am: all-am
check: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) check-am
-@CURLDEBUG_FALSE@all-local:
+@CURLDEBUG_FALSE@@USE_CPPFLAG_CURL_STATICLIB_TRUE@all-local:
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) all-local
installdirs:
for dir in "$(DESTDIR)$(bindir)"; do \
@@ -2084,7 +2084,14 @@
-W$(srcdir)/tool_hugehelp.c $(srcdir)/*.[ch]
# for debug builds, we scan the sources on all regular make invokes
-@CURLDEBUG_TRUE@all-local: checksrc
+@CURLDEBUG_TRUE@all-local:: checksrc
+
+# This script fixes lt-curl so that the first rpath it checks for dependencies
+# will be lib/.libs. See curl bug https://github.com/curl/curl/issues/432
+workaround_libtool_bug_24296:
+ @PERL@ "$(top_srcdir)/scripts/fix_rpath.pl" "$(abs_top_builddir)"
+
+@USE_CPPFLAG_CURL_STATICLIB_FALSE@all-local:: workaround_libtool_bug_24296
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
--- curl-7.50.1/tests/libtest/Makefile.in 2016-07-21 05:16:37.000000000 -0400
+++ curl/tests/libtest/Makefile.in 2016-09-05 17:48:58.704114175 -0400
@@ -1488,7 +1488,7 @@
# Preloading of libhostname allows host name overriding,
# this is used to make some tests machine independent.
@BUILD_LIBHOSTNAME_TRUE@noinst_LTLIBRARIES = libhostname.la
-AM_LDFLAGS =
+AM_LDFLAGS = -Wl,-rpath "-Wl,$(abs_top_builddir)/lib/.libs"
AM_CFLAGS =
libhostname_la_CPPFLAGS_EXTRA = $(am__append_4)
libhostname_la_LDFLAGS_EXTRA = -module -avoid-version -rpath /nowhere \
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.