听起来您的路径上没有 OpenSSL,或者 Httrack 没有拾取它。Httrack 似乎也没有configure
指定 OpenSSL 目录的选项。
Httrack 似乎也拒绝低于 OpenSSL 1.0.1g (Heartbleed) 的任何内容。OS X 默认提供 OpenSSL 0.9.8,因此您应该下载并安装最新版本的 OpenSSL。
CFLAGS
获得 OpenSSL 的更新版本后,通过和导出所需的路径LDFLAGS
。Httrack 会LDLIBS
自行启动。
$ export CFLAGS="-I/usr/local/ssl/macosx-x64/include"
$ export LDFLAGS="-L/usr/local/ssl/macosx-x64/lib"
$ ./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... ./install-sh -c -d
checking for gawk... no
checking for mawk... no
checking for nawk... no
checking for awk... awk
...
config.status: executing depfiles commands
config.status: executing libtool commands
$ cat ./config.log | grep -i openssl
| #define HTS_USEOPENSSL 1
| #define HTS_USEOPENSSL 1
OPENSSL_LIBS='-lcrypto -lssl'
#define HTS_USEOPENSSL 1
以上来自 OS X 10.8.5 和Htrack 3.48.21
您可以验证 OpenSSL 是否链接到:
$ find . -name *.dylib
./libtest/.libs/libbaselinks.dylib
...
./src/.libs/libhtsjava.dylib
./src/.libs/libhttrack.dylib
接着:
$ otool -L ./src/.libs/libhttrack.dylib | grep -i ssl
/usr/local/ssl/macosx-x64/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/local/ssl/macosx-x64/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
您应该能够在安装之前使用以下命令测试构建make check
:
$ make
...
$ make check
...
PASS: 00_runnable.test
PASS: 01_engine-charset.test
PASS: 01_engine-entities.test
md5 selftest succeeded
hashtable summary: size=262144 (lg2=18) used=72619 stash-size=0 pool-size=6693195 pool-capacity=8388608 pool-used=6480537 writes=6600000 (new=175000) moved=44471 stashed=4 max-stash-size=1 avg-moved=0.25412 rehash=14 pool-compact=15 pool-realloc=30 memory=14680688
all hashtable tests were successful!
PASS: 01_engine-hashtable.test
PASS: 01_engine-idna.test
PASS: 01_engine-simplify.test
online tests are disabled
skipping online unit tests
SKIP: 10_crawl-simple.test
online tests are disabled
skipping online unit tests
SKIP: 11_crawl-cookies.test
online tests are disabled
skipping online unit tests
SKIP: 11_crawl-idna.test
online tests are disabled
skipping online unit tests
SKIP: 11_crawl-international.test
online tests are disabled
skipping online unit tests
SKIP: 11_crawl-longurl.test
online tests are disabled
skipping online unit tests
SKIP: 11_crawl-parsing.test
online tests are disabled
skipping online unit tests
SKIP: 12_crawl_https.test
======================
All 6 tests passed
(7 tests were not run)
======================
make[2]: Leaving directory '/Users/.../httrack-3.48.21/tests'
make[1]: Leaving directory '/Users/.../httrack-3.48.21/tests'
make[1]: Entering directory '/Users/.../httrack-3.48.21'
make[1]: Nothing to be done for 'check-am'.
make[1]: Leaving directory '/Users/.../httrack-3.48.21'
我不知道为什么没有执行在线测试,因为它们默认启用:
$ ./configure --help | grep -i online
--enable-online-unit-tests=[yes/no/auto]
Enable online-unit-tests [default=yes]
另请参阅OS X 上的问题 92:'make check' 和 "uname: 非法选项 -- o"。
他们对 OpenSSL 的使用看起来还有改进的余地……您可以考虑打开src/htslib.c
,向下滚动到第 5166 行:
// OpenSSL_add_all_algorithms();
openssl_ctx = SSL_CTX_new(SSLv23_client_method());
if (!openssl_ctx) {
fprintf(stderr,
"fatal: unable to initialize TLS: SSL_CTX_new(SSLv23_client_method)\n");
abortLog("unable to initialize TLS: SSL_CTX_new(SSLv23_client_method)");
assertf("unable to initialize TLS" == NULL);
}
并将其更改为:
// OpenSSL_add_all_algorithms();
openssl_ctx = SSL_CTX_new(SSLv23_client_method());
if (!openssl_ctx) {
fprintf(stderr, "fatal: unable to initialize TLS: SSL_CTX_new(SSLv23_client_method)\n");
abortLog("unable to initialize TLS: SSL_CTX_new(SSLv23_client_method)");
assertf("unable to initialize TLS" == NULL);
}
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(openssl_ctx, flags);
const char PREFERRED_CIPHERS[] = "HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4";
long res = SSL_CTX_set_cipher_list(openssl_ctx, PREFERRED_CIPHERS);
if (res != 1) {
fprintf(stderr, "fatal: unable to initialize TLS: SSL_CTX_set_cipher_list(PREFERRED_CIPHERS)\n");
abortLog("unable to initialize TLS: SSL_CTX_set_cipher_list(PREFERRED_CIPHERS)");
assertf("unable to initialize TLS" == NULL);
}
您还可以做一些其他的事情。请参阅OpenSSL wiki 上的SSL/TLS 客户端。