源码包版本
openssl:openssl-1.0.2t
curl:curl-7.60.0
1. 编译openssl
cd /home/xxx/openssl-1.0.2t
mkdir build
setarch linux32 ./config no-asm shared --prefix=/home/xxx/openssl-1.0.2t/build/ --cross-compile-prefix=arm-openwrt-linux-
make
make install
在有些arm平台可以不添加setarch linux32,但是在arm-openwrt-musl平台最好使用setarch linux32来添加编译参数,如果不添加后续访问https可能会报:
curl: (35) error:1007C06B:elliptic curve routines:EC_POINT_set_affine_coordinates_GFp:point is not on curve
2. 编译curl
cd /home/xxx/curl-7.60.0
mkdir build
./configure --prefix=/home/xxx/curl-7.60.0/build --without-nss --with-ssl=/home/xxx/openssl-1.0.2t/build --with-zlib=/home/xxx/zlib-1.2.11 --host=arm-openwrt-linux
make
make install
必须要添加–with-ssl,否则编译出来的curl不支持https
curl的configure信息:
curl version: 7.60.0
Host setup: arm-openwrt-linux-gnu
Install prefix: /home/xxx/curl-7.60.0/build
Compiler: arm-openwrt-linux-gcc
SSL support: enabled (OpenSSL)
SSH support: no (--with-libssh2)
zlib support: no (--with-zlib)
brotli support: no (--with-brotli)
GSS-API support: no (--with-gssapi)
TLS-SRP support: enabled
resolver: POSIX threaded
IPv6 support: enabled
Unix sockets support: enabled
IDN support: no (--with-{libidn2,winidn})
Build libcurl: Shared=yes, Static=yes
Built-in manual: enabled
--libcurl option: enabled (--disable-libcurl-option)
Verbose errors: enabled (--disable-verbose)
SSPI support: no (--enable-sspi)
ca cert bundle: no
ca cert path: no
ca fallback: no
LDAP support: no (--enable-ldap / --with-ldap-lib / --with-lber-lib)
LDAPS support: no (--enable-ldaps)
RTSP support: enabled
RTMP support: no (--with-librtmp)
metalink support: no (--with-libmetalink)
PSL support: no (libpsl not found)
HTTP2 support: disabled (--with-nghttp2)
Protocols: DICT FILE FTP FTPS GOPHER HTTP HTTPS IMAP IMAPS POP3 POP3S RTSP SMB SMBS SMTP SMTPS TELNET TFTP
可以看到最后Protocols下的有HTTPS的支持项
3. 测试
使用编译后的curl进行https测试:
./curl https://www.baidu.com
如果报如下错误:
curl: (60) SSL certificate problem: unable to get local issuer certificate
可以使用 -k 参数可以跳过证书的认证,或者下载ca证书到设备上