Upgrading curl on CentOS 7 to support HTTP/2 and TLS 1.3

蛋蛋, 2022-09-20

By default, CentOS 7 ships curl 7.29, which does not support HTTP/2:

# curl --version
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.36 zlib/1.2.7 libidn/1.28 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz unix-sockets

# curl --http2 https://www.baidu.com
curl: option --http2: is unknown
curl: try 'curl --help' or 'curl --manual' for more information

Installing curl from the git repositories

Compile and install

  • Install the build environment:
yum -y groupinstall "Development Tools"
yum -y install libev libev-devel zlib zlib-devel openssl openssl-devel git
  • Install OpenSSL:
    Note: you may consider using the one shipped with the system
mkdir /var/tmp
cd /var/tmp
wget https://openssl.org/source/openssl-1.0.2.tar.gz
tar -zxf openssl-1.0.2.tar.gz
cd openssl-1.0.2
mkdir /opt/openssl
./config --prefix=/opt/openssl
make
make test
make install
  • Install nghttp2:
git clone https://github.com/tatsuhiro-t/nghttp2.git
cd nghttp2
autoreconf -i
automake
autoconf
./configure
make
make install
echo '/usr/local/lib' > /etc/ld.so.conf.d/custom-libs.conf
ldconfig
ldconfig -p| grep libnghttp2
  • Install curl:
cd /var/tmp
git clone https://github.com/bagder/curl.git
cd curl
./buildconf
./configure --with-ssl=/opt/openssl --with-nghttp2=/usr/local --disable-file --without-pic --disable-shared
make

Note: if you use the system's OpenSSL, drop the =/opt/openssl path from --with-ssl=/opt/openssl when configuring.

Verify:

$ /var/tmp/curl/src/curl --version
curl 7.70.0-DEV (x86_64-unknown-linux-gnu) libcurl/7.70.0-DEV OpenSSL/1.0.2o nghttp2/1.41.0-DEV
Release-Date: [unreleased]
Protocols: dict ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS HTTP2 HTTPS-proxy IPv6 Largefile NTLM NTLM_WB SSL TLS-SRP UnixSockets

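Note: curl has supported TLS 1.3 since version 7.52.0, and curl 7.61.0 and later use TLS 1.3 by default when negotiating the TLS version during the handshake. This also depends on the TLS library curl is using and its version; for example, OpenSSL 1.1.1 or later is required. The builds shown on this page link against OpenSSL 1.0.2, which has no TLS 1.3 support, so they negotiate TLS 1.2 at most.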
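The version thresholds in the note above can be checked mechanically. The following is an added example, not part of the original post: it parses curl --version output and reports HTTP/2 and TLS 1.3 capability, assuming an OpenSSL backend (any other TLS library is reported as tls13=no); the function and variable names are illustrative.

```shell
#!/bin/sh
# Added example: read `curl --version` output and report whether that build
# can do HTTP/2 and TLS 1.3. Thresholds are the ones stated in the note above
# (curl >= 7.52.0, OpenSSL >= 1.1.1); other TLS backends are reported as "no".

# version_ge A B: true when dotted version A >= B (uses GNU sort -V).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# curl_caps: `curl --version` text on stdin -> "http2=<yes|no> tls13=<yes|no>"
curl_caps() {
    out=$(cat)
    curl_ver=$(printf '%s\n' "$out" | sed -n '1s/^curl \([0-9][0-9.]*\).*/\1/p')
    ssl_ver=$(printf '%s\n' "$out" | sed -n '1s/.* OpenSSL\/\([0-9][0-9.]*\).*/\1/p')
    http2=no
    tls13=no
    if printf '%s\n' "$out" | grep '^Features:' | grep -qw 'HTTP2'; then
        http2=yes
    fi
    if [ -n "$curl_ver" ] && [ -n "$ssl_ver" ] &&
        version_ge "$curl_ver" 7.52.0 && version_ge "$ssl_ver" 1.1.1; then
        tls13=yes
    fi
    printf 'http2=%s tls13=%s\n' "$http2" "$tls13"
}

# The first two samples are version banners shown on this page; the third is
# constructed to show a build that passes both checks.
stock_729='curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.36 zlib/1.2.7 libidn/1.28 libssh2/1.4.3
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz unix-sockets'
built_785='curl 7.85.0 (x86_64-pc-linux-gnu) libcurl/7.85.0 OpenSSL/1.0.2k-fips zlib/1.2.7 nghttp2/1.49.0
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets'
constructed='curl 7.85.0 (x86_64-pc-linux-gnu) libcurl/7.85.0 OpenSSL/1.1.1q zlib/1.2.7 nghttp2/1.49.0
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets'

for banner in "$stock_729" "$built_785" "$constructed"; do
    printf '%s\n' "$banner" | curl_caps
done
```

On a real host, pipe the binary's own banner in: /usr/local/curl/bin/curl --version | curl_caps.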

Installing from source tarballs

  • Install OpenSSL:
    Note: you may consider using the one shipped with the system; configure must then report: checking for openssl >= 1.0.1... yes
mkdir /var/tmp
cd /var/tmp
wget https://openssl.org/source/openssl-1.0.2.tar.gz
tar -zxf openssl-1.0.2.tar.gz
cd openssl-1.0.2
mkdir /opt/openssl
./config --prefix=/opt/openssl
make
make test
make install
  • Install nghttp2:
cd /usr/local/src
wget https://github.com/nghttp2/nghttp2/releases/download/v1.49.0/nghttp2-1.49.0.tar.gz
# Note: reaching github.com may require a proxy
tar -zxf nghttp2-1.49.0.tar.gz
cd nghttp2-1.49.0
mkdir /usr/local/nghttp2
./configure
make
make install
echo '/usr/local/lib' > /etc/ld.so.conf.d/custom-libs.conf
ldconfig
ldconfig -p| grep libnghttp2
# ldconfig -p| grep libnghttp2
	libnghttp2.so.14 (libc6,x86-64) => /usr/local/lib/libnghttp2.so.14
	libnghttp2.so (libc6,x86-64) => /usr/local/lib/libnghttp2.so

Note: if the library is not listed here, find out what went wrong before continuing; otherwise the next step will fail to load it.

  • Install curl:
cd /usr/local/src
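# --no-check-certificate turns off TLS verification of curl.se, so verify the tarball against the signature published by the curl project before building
wget https://curl.se/download/curl-7.85.0.tar.gz --no-check-certificate
tar -zxf curl-7.85.0.tar.gz
cd curl-7.85.0
mkdir /usr/local/curl
./configure --prefix=/usr/local/curl --with-ssl --with-nghttp2=/usr/local --disable-file --without-pic --disable-shared  # when this finishes, check that HTTP2 is shown as enabled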
make
make install

Note: if you use the system's OpenSSL, drop the =/opt/openssl path from --with-ssl=/opt/openssl when configuring.
Configure output:

configure: Configured to build curl/libcurl:

  Host setup:       x86_64-pc-linux-gnu
  Install prefix:   /usr/local/curl
  Compiler:         gcc -std=gnu11
   CFLAGS:          -Werror-implicit-function-declaration -O2 -Wno-system-headers -pthread
   CPPFLAGS:        -isystem /usr/local/include
   LDFLAGS:         -L/usr/local/lib
   LIBS:            -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz

  curl version:     7.85.0
  SSL:              enabled (OpenSSL)
  SSH:              no      (--with-{libssh,libssh2})
  zlib:             enabled
  brotli:           no      (--with-brotli)
  zstd:             no      (--with-zstd)
  GSS-API:          no      (--with-gssapi)
  GSASL:            no      (libgsasl not found)
  TLS-SRP:          no      (--enable-tls-srp)
  resolver:         POSIX threaded
  IPv6:             enabled
  Unix sockets:     enabled
  IDN:              no      (--with-{libidn2,winidn})
  Build libcurl:    Shared=no, Static=yes
  Built-in manual:  enabled
  --libcurl option: enabled (--disable-libcurl-option)
  Verbose errors:   enabled (--disable-verbose)
  Code coverage:    disabled
  SSPI:             no      (--enable-sspi)
  ca cert bundle:   /etc/pki/tls/certs/ca-bundle.crt
  ca cert path:     no
  ca fallback:      no
  LDAP:             no      (--enable-ldap / --with-ldap-lib / --with-lber-lib)
  LDAPS:            no      (--enable-ldaps)
  RTSP:             enabled
  RTMP:             no      (--with-librtmp)
  PSL:              no      (libpsl not found)
  Alt-svc:          enabled (--disable-alt-svc)
  Headers API:      enabled (--disable-headers-api)
  HSTS:             enabled (--disable-hsts)
  HTTP1:            enabled (internal)
  HTTP2:            enabled (nghttp2)
  HTTP3:            no      (--with-ngtcp2, --with-quiche --with-msh3)
  ECH:              no      (--enable-ech)
  Protocols:        DICT FTP FTPS GOPHER GOPHERS HTTP HTTPS IMAP IMAPS MQTT POP3 POP3S RTSP SMB SMBS SMTP SMTPS TELNET TFTP
  Features:         AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile NTLM NTLM_WB SSL UnixSockets alt-svc libz

Note: once this finishes, check that HTTP2 is shown as enabled.

Verify:

# /usr/local/curl/bin/curl --version
curl 7.85.0 (x86_64-pc-linux-gnu) libcurl/7.85.0 OpenSSL/1.0.2k-fips zlib/1.2.7 nghttp2/1.49.0
Release-Date: 2022-08-31
Protocols: dict ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets
# /usr/local/curl/bin/curl -I --http2 https://www.baidu.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Tue, 20 Sep 2022 10:44:28 GMT
Etag: "575e1f72-115"
Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT
Pragma: no-cache
Server: bfe/1.0.8.18

Fixes for related errors

curl: (48) An unknown option was passed in to libcurl

Fix: running sudo ldconfig resolves it.

Install script

  • Copy the corresponding packages to the machine to install on
$ ls
curl-7.85.0.tar.gz  curl.zip  nghttp2-1.49.0.tar.gz  source_pkg_install_curl.sh
$ scp source_pkg_install_curl.sh *.tar.gz root@install_IP:/usr/local/src
  • On the install_IP machine
# cd /usr/local/src/
# dos2unix source_pkg_install_curl.sh
dos2unix: converting file source_pkg_install_curl.sh to Unix format ...
# sh source_pkg_install_curl.sh 2>/dev/null
install_curl_error@ok

A return of ok means the installation succeeded.

The install script:

# cat source_pkg_install_curl.sh
#!/bin/bash
# Source package installation curl script
# You need to copy the corresponding package to /usr/local/src, replace the corresponding package name, and then execute the script.
# Test compatible with centos6.5, centos7.6
#auth:melodyding for 20220920

nghttp2_pkgname="nghttp2-1.49.0.tar.gz"
curl_pkgname="curl-7.85.0.tar.gz"
http2_test_url="https://nghttp2.org"
# package directory
pkg_dir="/usr/local/src"
error_type="install_curl_error"
source_pkg_install_curl_log=/usr/local/src/install_curl.log

function echolog() {
    temp="$*"
	shengyu_arvs=`echo "${temp#* }"`
    printf "%s@%s\n" "$1" "${shengyu_arvs}"
}

function check_env()
{
	# Check if openssl version is greater than or equal to 1.0.1
	# ① Compare with 1.0.1 according to the obtained version number.
	# ②Use sort -V to reverse the version order to get a larger version number.
	# ③ If the larger version number is not 1.0.1, it is judged that the obtained version number is greater than or equal to 1.0.1
	openssl_version=`rpm -qa openssl | head -n 1 | awk -F'-' '{print $2}' | sed 's/[a-z]//g'`
	if [ `echo -e "1.0.1\n${openssl_version}" | sort -rVu | wc -l` -ne 1 ];then
		[ `echo -e "1.0.1\n${openssl_version}" | sort -rVu | head -n 1 | grep 1.0.1 | wc -l` -ne 0 ] && { echolog "$error_type" "openssl version less than 1.0.1" ;  exit 0; }
	fi
	
	[ -f ${source_pkg_install_curl_log} ] && mv ${source_pkg_install_curl_log} ${source_pkg_install_curl_log}_`date +%Y%m%d_%H%M`
	
}

function install_nghttp2()
{
	# Install nghttp2
	cd ${pkg_dir}
	#wget https://github.com/nghttp2/nghttp2/releases/download/v1.49.0/nghttp2-1.49.0.tar.gz
	[ ! -f ${nghttp2_pkgname} ] && { echolog "$error_type" "${nghttp2_pkgname} no found" ;  exit 0; }
	tar -zxf ${nghttp2_pkgname}
	cd ${nghttp2_pkgname%.tar.gz}
	mkdir /usr/local/nghttp2 2>/dev/null
	./configure 2>/dev/null >> ${source_pkg_install_curl_log}
	make >> ${source_pkg_install_curl_log}
	make install >> ${source_pkg_install_curl_log}
	[ `ls -l /usr/local/lib | grep libnghttp2 | wc -l` -gt 0 ] && echo '/usr/local/lib' > /etc/ld.so.conf.d/custom-libs.conf || { echolog "$error_type" "libnghttp2 library copy failed" ;  exit 0; }
	ldconfig
	[ `ldconfig -p| grep libnghttp2 | wc -l` -eq 0 ] && { echolog "$error_type" "libnghttp2 library copy failed" ;  exit 0; }	
}

function install_curl()
{
	# Install curl
	cd ${pkg_dir}
	#wget https://curl.se/download/curl-7.85.0.tar.gz --no-check-certificate
	[ ! -f ${curl_pkgname} ] && { echolog "$error_type" "${curl_pkgname} no found" ;  exit 0; }
	tar -zxf ${curl_pkgname}
	cd ${curl_pkgname%.tar.gz}
	mkdir /usr/local/curl 2>/dev/null
	./configure --prefix=/usr/local/curl --with-ssl --with-nghttp2=/usr/local --disable-file --without-pic --disable-shared >> ${source_pkg_install_curl_log}
	make >> ${source_pkg_install_curl_log}
	make install >> ${source_pkg_install_curl_log}
	[[ `/usr/local/curl/bin/curl --version 2>/dev/null | grep HTTP2 | wc -l`X == "0"X ]] && { echolog "$error_type" "curl does not support HTTP2" ;  exit 0; }
}

function test_http2_for_curl()
{
	# Count the HTTP/2 status lines returned for the test URL
	test_http2_for_curl_count=$(/usr/local/curl/bin/curl -I --http2 "$http2_test_url" 2>/dev/null | grep -c '^HTTP/2')
	
	[ "$test_http2_for_curl_count"X == "0"X ] && { echolog "$error_type" "test http2 for curl failed" ; } || {  echolog "$error_type" "ok" ; }
}

function main()
{
	check_env
	install_nghttp2
	install_curl
	test_http2_for_curl
}

main
exit 0


yum update

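A recent business requirement needed curl to support HTTP/2. What actually needed it was the libcurl that PHP's curl extension depends on; in essence, the libcurl version was too old. So curl had to be upgraded, but the articles online all say to compile and install curl, which is tedious and error-prone. The suggestion is therefore to update curl from RPM packages with yum update.

1. Add the city-fan.org repository
vim /etc/yum.repos.d/city-fan.org.repo # edit the file and add the following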

[city-fan.org]
name=city-fan.org repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch)
#baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/$basearch
mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/mirrorlist-rhel$releasever
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org

[city-fan.org-debuginfo]
name=city-fan.org debuginfo repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch)
#baseurl=http://www.city-fan.org/ftp/contrib-debug/rhel$releasever/$basearch
mirrorlist=http://www.city-fan.org/ftp/contrib-debug/mirrorlist-rhel$releasever
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org

[city-fan.org-source]
name=city-fan.org source repository for Red Hat Enterprise Linux (and clones) $releasever
#baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/source
mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/source-mirrorlist-rhel$releasever
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org

2. Update curl

# yum update curl

3. Test: curl has been updated and now supports HTTP/2

Verification turned up a dependency problem:

# yum update curl
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * city-fan.org: www.city-fan.org
 * city-fan.org-source: www.city-fan.org
Resolving Dependencies
--> Running transaction check
---> Package curl.x86_64 0:7.29.0-51.el7 will be updated
---> Package curl.x86_64 0:7.85.0-1.0.cf.rhel7 will be an update
--> Processing Dependency: libcurl(x86-64) >= 7.85.0-1.0.cf.rhel7 for package: curl-7.85.0-1.0.cf.rhel7.x86_64
--> Running transaction check
---> Package libcurl.x86_64 0:7.29.0-51.el7 will be updated
---> Package libcurl.x86_64 0:7.85.0-1.0.cf.rhel7 will be an update
--> Processing Dependency: libpsl(x86-64) >= 0.20.2 for package: libcurl-7.85.0-1.0.cf.rhel7.x86_64
--> Processing Dependency: libssh2(x86-64) >= 1.10.0 for package: libcurl-7.85.0-1.0.cf.rhel7.x86_64
--> Processing Dependency: libpsl.so.5()(64bit) for package: libcurl-7.85.0-1.0.cf.rhel7.x86_64
--> Running transaction check
---> Package libpsl.x86_64 0:0.20.2-6.el7 will be installed
--> Processing Dependency: libidn2.so.0(IDN2_0.0.0)(64bit) for package: libpsl-0.20.2-6.el7.x86_64
--> Processing Dependency: publicsuffix-list-dafsa for package: libpsl-0.20.2-6.el7.x86_64
--> Processing Dependency: libidn2.so.0()(64bit) for package: libpsl-0.20.2-6.el7.x86_64
---> Package libssh2.x86_64 0:1.4.3-12.el7 will be updated
---> Package libssh2.x86_64 0:1.10.0-4.0.cf.rhel7 will be an update
--> Running transaction check
---> Package libpsl.x86_64 0:0.20.2-6.el7 will be installed
--> Processing Dependency: libidn2.so.0(IDN2_0.0.0)(64bit) for package: libpsl-0.20.2-6.el7.x86_64
--> Processing Dependency: libidn2.so.0()(64bit) for package: libpsl-0.20.2-6.el7.x86_64
---> Package publicsuffix-list-dafsa.noarch 0:20180723-1.el7 will be installed
--> Finished Dependency Resolution
Error: Package: libpsl-0.20.2-6.el7.x86_64 (city-fan.org)
           Requires: libidn2.so.0()(64bit)
Error: Package: libpsl-0.20.2-6.el7.x86_64 (city-fan.org)
           Requires: libidn2.so.0(IDN2_0.0.0)(64bit)
 You could try using --skip-broken to work around the problem
** Found 11 pre-existing rpmdb problem(s), 'yum check' output follows:
perl-Log-Log4perl-1.42-2.el7.noarch has missing requires of perl(Log::Dispatch::File)
perl-Log-Log4perl-1.42-2.el7.noarch has missing requires of perl(Log::Dispatch::FileRotate) >= ('0', '1.10', None)
perl-Log-Log4perl-1.42-2.el7.noarch has missing requires of perl(Log::Dispatch::Screen)
perl-Log-Log4perl-1.42-2.el7.noarch has missing requires of perl(Log::Dispatch::Syslog)
perl-Log-Log4perl-1.42-2.el7.noarch has missing requires of perl(RRDs)
perl-Log-Log4perl-1.42-2.el7.noarch has missing requires of perl(XML::DOM)
perl_DaemonGeneric-1.0.1-1n.noarch has missing requires of perl(Event)
perlc_DaemonGeneric-1.0.1-2.noarch has missing requires of perl(Event)
perlc_Mail_Sender-1.0.1-1.x86_64 has missing requires of perl(Win32API::Registry)
ppSystem-9.0.7-1.noarch has missing requires of perl_Mail_Sender >= ('0', '0.8.13', '1')
qsdn-modules-1.2-606.x86_64 has missing requires of libssl.so.1.1()(64bit)
[root@fuzhou12 yum.repos.d]# ls
city-fan.org.repo  ws.repo
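
Every section of the city-fan.org.repo file shown earlier sets gpgcheck=0 and fetches its mirrorlist over http://, so packages from that repository, including the replacement libcurl, are installed without signature verification. The following is an added example, not part of the original post, that flags both settings in a .repo file. It assumes key=value lines without surrounding spaces and flags only an explicit gpgcheck=0 (an unset value inherits from [main] in /etc/yum.conf); the example-* sections and their host are constructed.

```shell
# Added example: list enabled yum repo sections that skip package signature
# checks (explicit gpgcheck=0) or fetch over plain HTTP.
audit_repo() {
    awk -F= '
        function report() {
            if (sec == "" || enabled == "0") return
            if (gpgcheck == "0") print sec ": gpgcheck=0"
            if (plain) print sec ": plain http source"
        }
        /^\[/ {
            report()
            sec = substr($0, 2, index($0, "]") - 2)
            enabled = "1"; gpgcheck = ""; plain = 0
            next
        }
        /^[ \t]*#/ { next }
        $1 == "enabled"  { enabled = $2 }
        $1 == "gpgcheck" { gpgcheck = $2 }
        ($1 == "baseurl" || $1 == "mirrorlist") && $2 ~ /^http:/ { plain = 1 }
        END { report() }
    ' "$1"
}

# Sample input: the first section is copied from this page; the example-*
# sections are constructed (placeholder host) to show what is not flagged.
write_sample_repo() {
    cat > "$1" <<'EOF'
[city-fan.org]
name=city-fan.org repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch)
#baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/$basearch
mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/mirrorlist-rhel$releasever
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org
[example-signed]
baseurl=https://repo.example.invalid/el7/$basearch
enabled=1
gpgcheck=1
[example-disabled]
baseurl=http://repo.example.invalid/el7/$basearch
enabled=0
gpgcheck=0
EOF
}

sample=$(mktemp)
write_sample_repo "$sample"
audit_repo "$sample"
rm -f "$sample"
```

To audit a host, run audit_repo over each file in /etc/yum.repos.d/.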

References:
https://blog.51cto.com/u_15301988/5133675
https://www.cnblogs.com/huangweimin/articles/15882913.html

Last Updated: 2022/10/12 18:46:11