インストール: OpenSSL | 安全なWebの根幹を担う暗号化ライブラリー

sh -eux <<-"EOT"
LOCAL=~/.local J=$(grep -cs '^processor' /proc/cpuinfo || echo 2)
PKG=openssl VER=1.1.1a TAG=OpenSSL_$(echo $VER | sed 's/\./_/g')
mkdir -p "$LOCAL/src"
cd "$LOCAL/src"

if command -v git >/dev/null; then
  [ -e $PKG ] || git clone --depth 1 https://github.com/$PKG/$PKG.git $PKG
  cd $PKG
  git fetch --depth 1 origin tag $TAG
  git checkout -f $TAG
else
  [ -e $PKG-$VER ] || wget https://www.openssl.org/source/$PKG-$VER.tar.gz
  tar -xf $PKG-$VER.tar.gz
  cd $PKG-$VER
  make -kj $J distclean clean || :
fi

./config --prefix="$LOCAL/stow/$PKG-$VER" shared
make -j $J
make -j $J test
make -j $J install

cd "$LOCAL/stow"
echo $PKG-[0-9]* | xargs -n 1 stow --ignore=dir -D
stow --ignore=dir $PKG-$VER
EOT

Notes on shared libraries
————————-

For most systems the OpenSSL Configure script knows what is needed to
build shared libraries for libcrypto and libssl. On these systems
the shared libraries will be created by default. This can be suppressed and
only static libraries created by using the “no-shared” option. On systems
where OpenSSL does not know how to build shared libraries the “no-shared”
option will be forced and only static libraries will be created.

Note on shared libraries
————————

Shared libraries have certain caveats. Binary backward compatibility
can’t be guaranteed before OpenSSL version 1.0. The only reason to
use them would be to conserve memory on systems where several programs
are using OpenSSL.

For some systems, the OpenSSL Configure script knows what is needed to
build shared libraries for libcrypto and libssl. On these systems,
the shared libraries are currently not created by default, but giving
the option “shared” will get them created. This method supports Makefile
targets for shared library creation, like linux-shared. Those targets
can currently be used on their own just as well, but this is expected
to change in future versions of OpenSSL.