Re: [openssl-dev] afalg with OpenSSL 1.1.0f 25 May 2017
On 16/08/17 09:00, Jitendra Lulla wrote:
> Hi Matt,
>
> Thanks, I could find that the /usr/include/linux/version.h has #define
> LINUX_VERSION_CODE 199168 for my booted kernel 4.9.37. Which is why I see the
> following warnings also:
>
> gcc -Iinclude -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS
> -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2
> -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM
> -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM
> -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM
> -DOPENSSLDIR="\"/usr/local/ssl\""
> -DENGINESDIR="\"/usr/local/lib64/engines-1.1\"" -Wall -O3 -pthread -m64
> -DL_ENDIAN -Wa,--noexecstack -fPIC -DOPENSSL_USE_NODELETE -MMD -MF
> engines/afalg/e_afalg.d.tmp -MT engines/afalg/e_afalg.o -c -o
> engines/afalg/e_afalg.o engines/afalg/e_afalg.c
> engines/afalg/e_afalg.c:30:4: warning: #warning "AFALG ENGINE requires Kernel
> Headers >= 4.1.0" [-Wcpp]
> # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
> ^
> engines/afalg/e_afalg.c:31:4: warning: #warning "Skipping Compilation of
> AFALG engine" [-Wcpp]
> # warning "Skipping Compilation of AFALG engine"
>
>
> I will fix this problem now by having proper setup. Will update if I face any
> more issues.
Yes - your kernel headers must be at least at 4.1.0 or better for afalg
to work.
Matt
>
> Thanks
> Jitendra
>
>
>
>
>
> On Wed, 8/16/17, Jitendra Lulla <lull...@yahoo.com> wrote:
>
> Subject: Re: afalg with OpenSSL 1.1.0f 25 May 2017
> To: "openssl-dev@openssl.org" <openssl-dev@openssl.org>, "Matt Caswell"
> <m...@openssl.org>
> Cc: "Jitendra Lulla" <lull...@yahoo.com>
> Date: Wednesday, August 16, 2017, 6:30 AM
>
> Hi Matt,
>
>
> I have linux 4.9.37 on RHEL7.3.
> [root@localhost
> jlulla]# uname -a
> Linux localhost.localdomain 4.9.37 #1
> SMP Fri Jul 21 04:52:46 PDT 2017 x86_64 x86_64 x86_64
> GNU/Linux
>
>
> [root@localhost
> test]# OPENSSL_ENGINES=../engines/afalg
> ../util/shlib_wrap.sh ./afalgtest
> AFALG not supported - skipping AFALG
> tests
> PASS
> [root@localhost
> test]#
>
>
> I am getting here:
> # if LINUX_VERSION_CODE <=
> KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
> /*
> * If we get here then it looks like
> there is a mismatch between the linux
> * headers and the actual kernel
> version, so we have tried to compile with
> * afalg support, but then skipped it
> in e_afalg.c. As far as this test is
> * concerned we behave as if we had
> been configured without support
> */
> # define OPENSSL_NO_AFALGENG
> # endif
>
>
> Following is the value for
> KERNEL_VERSION for me:
>
> [root@localhost
> jlulla]# ./kernelversion (program at the bottom of this
> mail)
> KERNEL_VERSION: 262400
> LINUX_VERSION_CODE 199168
> condition:1
>
>
> Where should I look to fix it?
>
> Thanks
> Jitrendra
>
>
> [root@localhost
> jlulla]# cat kernelversion.c
> #define LINUX_VERSION_CODE 199168
> #define KERNEL_VERSION(a,b,c) (((a)
> << 16) + ((b) << 8) + (c))
> #define RHEL_MAJOR 7
> #define RHEL_MINOR 3
> #define RHEL_RELEASE_VERSION(a,b) (((a)
> << 8) + (b))
> #define RHEL_RELEASE_CODE 1795
> #define RHEL_RELEASE "514"
>
> # define K_MAJ 4
> # define K_MIN1 1
> # define K_MIN2 0
> #include
>
> int main()
> {
>
> printf("KERNEL_VERSION: %d\n", KERNEL_VERSION(K_MAJ,
> K_MIN1, K_MIN2));
>
> printf("LINUX_VERSION_CODE %d\n", LINUX_VERSION_CODE);
>
> printf("condition:%d\n",
>
>
> (LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1,
> K_MIN2)));
> }
>
>
>
>
> On Mon, 8/14/17, Matt Caswell <m...@openssl.org>
> wrote:
>
> Subject: Re: afalg with OpenSSL 1.1.0f
> 25 May 2017
> To: "openssl-dev@openssl.org"
> <openssl-dev@openssl.org>
> Cc: "Jitendra Lulla" <lull...@yahoo.com>
> Date: Monday, August 14, 2017, 3:44
> PM
>
> Comments inserted.
>
> On 14/08/17 08:20, Jitendra
> Lulla wrote:
> > Hi,
> >
>
> > I am trying to use afalg on
> Linux
> 4.9.37 with OpenSSL 1.1.0f.
> >
> >
Re: [openssl-dev] afalg with OpenSSL 1.1.0f 25 May 2017
Hi Matt,
Thanks, I could find that the /usr/include/linux/version.h has #define
LINUX_VERSION_CODE 199168 for my booted kernel 4.9.37. Which is why I see the
following warnings also:
gcc -Iinclude -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM
-DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM
-DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM
-DOPENSSLDIR="\"/usr/local/ssl\""
-DENGINESDIR="\"/usr/local/lib64/engines-1.1\"" -Wall -O3 -pthread -m64
-DL_ENDIAN -Wa,--noexecstack -fPIC -DOPENSSL_USE_NODELETE -MMD -MF
engines/afalg/e_afalg.d.tmp -MT engines/afalg/e_afalg.o -c -o
engines/afalg/e_afalg.o engines/afalg/e_afalg.c
engines/afalg/e_afalg.c:30:4: warning: #warning "AFALG ENGINE requires Kernel
Headers >= 4.1.0" [-Wcpp]
# warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
^
engines/afalg/e_afalg.c:31:4: warning: #warning "Skipping Compilation of AFALG
engine" [-Wcpp]
# warning "Skipping Compilation of AFALG engine"
I will fix this problem now by having proper setup. Will update if I face any
more issues.
Thanks
Jitendra
----
On Wed, 8/16/17, Jitendra Lulla <lull...@yahoo.com> wrote:
Subject: Re: afalg with OpenSSL 1.1.0f 25 May 2017
To: "openssl-dev@openssl.org" <openssl-dev@openssl.org>, "Matt Caswell"
<m...@openssl.org>
Cc: "Jitendra Lulla" <lull...@yahoo.com>
Date: Wednesday, August 16, 2017, 6:30 AM
Hi Matt,
I have linux 4.9.37 on RHEL7.3.
[root@localhost
jlulla]# uname -a
Linux localhost.localdomain 4.9.37 #1
SMP Fri Jul 21 04:52:46 PDT 2017 x86_64 x86_64 x86_64
GNU/Linux
[root@localhost
test]# OPENSSL_ENGINES=../engines/afalg
../util/shlib_wrap.sh ./afalgtest
AFALG not supported - skipping AFALG
tests
PASS
[root@localhost
test]#
I am getting here:
# if LINUX_VERSION_CODE <=
KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
/*
* If we get here then it looks like
there is a mismatch between the linux
* headers and the actual kernel
version, so we have tried to compile with
* afalg support, but then skipped it
in e_afalg.c. As far as this test is
* concerned we behave as if we had
been configured without support
*/
# define OPENSSL_NO_AFALGENG
# endif
Following is the value for
KERNEL_VERSION for me:
[root@localhost
jlulla]# ./kernelversion (program at the bottom of this
mail)
KERNEL_VERSION: 262400
LINUX_VERSION_CODE 199168
condition:1
Where should I look to fix it?
Thanks
Jitrendra
[root@localhost
jlulla]# cat kernelversion.c
#define LINUX_VERSION_CODE 199168
#define KERNEL_VERSION(a,b,c) (((a)
<< 16) + ((b) << 8) + (c))
#define RHEL_MAJOR 7
#define RHEL_MINOR 3
#define RHEL_RELEASE_VERSION(a,b) (((a)
<< 8) + (b))
#define RHEL_RELEASE_CODE 1795
#define RHEL_RELEASE "514"
# define K_MAJ 4
# define K_MIN1 1
# define K_MIN2 0
#include
int main()
{
printf("KERNEL_VERSION: %d\n", KERNEL_VERSION(K_MAJ,
K_MIN1, K_MIN2));
printf("LINUX_VERSION_CODE %d\n", LINUX_VERSION_CODE);
printf("condition:%d\n",
(LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1,
K_MIN2)));
}
On Mon, 8/14/17, Matt Caswell <m...@openssl.org>
wrote:
Subject: Re: afalg with OpenSSL 1.1.0f
25 May 2017
To: "openssl-dev@openssl.org"
<openssl-dev@openssl.org>
Cc: "Jitendra Lulla" <lull...@yahoo.com>
Date: Monday, August 14, 2017, 3:44
PM
Comments inserted.
On 14/08/17 08:20, Jitendra
Lulla wrote:
> Hi,
>
> I am trying to use afalg on
Linux
4.9.37 with OpenSSL 1.1.0f.
>
> I am facing 2 issues:
>
> ONE: when I issue the speed
command, I
see the following:
>
> [root@localhost
apps]# ./openssl speed -evp
aes-128-cbc -engine afalg
> invalid engine "afalg"
>
139853452924736:error:2506406A:DSO support
routines:dlfcn_bind_func:could not
bind to the requested
symbol
name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine):
/usr/local/lib64/engines-1.1/afalg.so:
undefined symbol:
bind_engine
>
139853452924736:error:2506C06A:DSO
support
routines:DSO_bind_func:could not bind
to the requested
symbol name:crypto/dso/dso_lib.c:185:
>
139853452924736:error:260B6068:engine
routines:dynamic_load:DSO
failure:crypto/engine/eng_dyn.c:427:
>
139853452924736:error:2606A074:engine
routines:ENGINE_by_id:no such
engine:crypto/engine/eng_list.c:339:id=afalg
>
139853452924736:error:25066067:DS
>
Re: [openssl-dev] afalg with OpenSSL 1.1.0f 25 May 2017
Hi Matt,
I have linux 4.9.37 on RHEL7.3.
[root@localhost jlulla]# uname -a
Linux localhost.localdomain 4.9.37 #1 SMP Fri Jul 21 04:52:46 PDT 2017 x86_64
x86_64 x86_64 GNU/Linux
[root@localhost test]# OPENSSL_ENGINES=../engines/afalg ../util/shlib_wrap.sh
./afalgtest
AFALG not supported - skipping AFALG tests
PASS
[root@localhost test]#
I am getting here:
# if LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
/*
* If we get here then it looks like there is a mismatch between the linux
* headers and the actual kernel version, so we have tried to compile with
* afalg support, but then skipped it in e_afalg.c. As far as this test is
* concerned we behave as if we had been configured without support
*/
# define OPENSSL_NO_AFALGENG
# endif
Following is the value for KERNEL_VERSION for me:
[root@localhost jlulla]# ./kernelversion (program at the bottom of this mail)
KERNEL_VERSION: 262400
LINUX_VERSION_CODE 199168
condition:1
Where should I look to fix it?
Thanks
Jitrendra
[root@localhost jlulla]# cat kernelversion.c
#define LINUX_VERSION_CODE 199168
#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
#define RHEL_MAJOR 7
#define RHEL_MINOR 3
#define RHEL_RELEASE_VERSION(a,b) (((a) << 8) + (b))
#define RHEL_RELEASE_CODE 1795
#define RHEL_RELEASE "514"
# define K_MAJ 4
# define K_MIN1 1
# define K_MIN2 0
#include
int main()
{
printf("KERNEL_VERSION: %d\n", KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2));
printf("LINUX_VERSION_CODE %d\n", LINUX_VERSION_CODE);
printf("condition:%d\n",
(LINUX_VERSION_CODE <= KERNEL_VERSION(K_MAJ, K_MIN1,
K_MIN2)));
}
On Mon, 8/14/17, Matt Caswell <m...@openssl.org> wrote:
Subject: Re: afalg with OpenSSL 1.1.0f 25 May 2017
To: "openssl-dev@openssl.org" <openssl-dev@openssl.org>
Cc: "Jitendra Lulla" <lull...@yahoo.com>
Date: Monday, August 14, 2017, 3:44 PM
Comments inserted.
On 14/08/17 08:20, Jitendra
Lulla wrote:
> Hi,
>
> I am trying to use afalg on Linux
4.9.37 with OpenSSL 1.1.0f.
>
> I am facing 2 issues:
>
> ONE: when I issue the speed command, I
see the following:
>
> [root@localhost
apps]# ./openssl speed -evp aes-128-cbc -engine afalg
> invalid engine "afalg"
> 139853452924736:error:2506406A:DSO support
routines:dlfcn_bind_func:could not bind to the requested
symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine):
/usr/local/lib64/engines-1.1/afalg.so: undefined symbol:
bind_engine
>
139853452924736:error:2506C06A:DSO support
routines:DSO_bind_func:could not bind to the requested
symbol name:crypto/dso/dso_lib.c:185:
>
139853452924736:error:260B6068:engine
routines:dynamic_load:DSO
failure:crypto/engine/eng_dyn.c:427:
>
139853452924736:error:2606A074:engine
routines:ENGINE_by_id:no such
engine:crypto/engine/eng_list.c:339:id=afalg
> 139853452924736:error:25066067:DS
>
>
> nm afalg.so doesn't show
bind_engine
>
Assuming
you have already successfully built OpenSSL using
"make", from
the "test"
subdir of the directory where you downloaded the source,
what
happens if you execute:
OPENSSL_ENGINES=../engines/afalg
../util/shlib_wrap.sh ./afalgtest
Another thing to try is (from the top level
source dir)
touch
engines/afalg/e_afalg.c
make
Check to see if there are any
warnings generated during the compilation
of
the engine.
>
> When I modify the openssl.cnf file with
the engine name and the CIPHERS, still I dont get it
working. The command output and the change in the
openssl.cnf pasted at the end of the mail.
>
>
> TWO: I had to create a softlink to
libcrypto.so.1.1 and libssl.so.1.1 like the following to
make openssl command work:
> ln -s
/usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1
> ln -s /usr/local/lib64/libcrypto.so.1.1
/lib64/libcrypto.so.1.1
>
> Is creating the softlinks a known issue
and will be fixed?
No, this will not be
fixed and may not be the most appropriate thing to
do on all systems.
Matt
>
> I have pasted the
complete information about the OS/distro environment and
installation commands I ran at the bottom.
> Could you please suggest what wrong I am
doing to make afalg work.
>
> Thanks
> Jitendra
Lulla
>
>
>
>
> BEFORE INSTALLATION:
>
> [root@localhost
jlulla]# rpm -qa |grep openssl
>
openssl-1.0.1e-60.el7.x86_64
>
openssl-devel-1.0.1e-60.el7.x86_64
>
openssl-libs-1.0.1e-60.el7.x86_64
>
> [root@localhost
jlulla]# openssl version
> OpenSSL
1.0.1e-fips 11 Feb 2013
>
>
>
> PLEASE SEE FROM HERE PLEASE SEE FROM HERE
PLEASE SEE FROM HERE
>
Re: [openssl-dev] afalg with OpenSSL 1.1.0f 25 May 2017
Comments inserted. On 14/08/17 08:20, Jitendra Lulla wrote: > Hi, > > I am trying to use afalg on Linux 4.9.37 with OpenSSL 1.1.0f. > > I am facing 2 issues: > > ONE: when I issue the speed command, I see the following: > > [root@localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg > invalid engine "afalg" > 139853452924736:error:2506406A:DSO support routines:dlfcn_bind_func:could not > bind to the requested symbol > name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): > /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine > 139853452924736:error:2506C06A:DSO support routines:DSO_bind_func:could not > bind to the requested symbol name:crypto/dso/dso_lib.c:185: > 139853452924736:error:260B6068:engine routines:dynamic_load:DSO > failure:crypto/engine/eng_dyn.c:427: > 139853452924736:error:2606A074:engine routines:ENGINE_by_id:no such > engine:crypto/engine/eng_list.c:339:id=afalg > 139853452924736:error:25066067:DS > > > nm afalg.so doesn't show bind_engine > Assuming you have already successfully built OpenSSL using "make", from the "test" subdir of the directory where you downloaded the source, what happens if you execute: OPENSSL_ENGINES=../engines/afalg ../util/shlib_wrap.sh ./afalgtest Another thing to try is (from the top level source dir) touch engines/afalg/e_afalg.c make Check to see if there are any warnings generated during the compilation of the engine. > > When I modify the openssl.cnf file with the engine name and the CIPHERS, > still I dont get it working. The command output and the change in the > openssl.cnf pasted at the end of the mail. > > > TWO: I had to create a softlink to libcrypto.so.1.1 and libssl.so.1.1 like > the following to make openssl command work: > ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1 > ln -s /usr/local/lib64/libcrypto.so.1.1 /lib64/libcrypto.so.1.1 > > Is creating the softlinks a known issue and will be fixed? No, this will not be fixed and may not be the most appropriate thing to do on all systems. Matt > > I have pasted the complete information about the OS/distro environment and > installation commands I ran at the bottom. > Could you please suggest what wrong I am doing to make afalg work. > > Thanks > Jitendra Lulla > > > > > BEFORE INSTALLATION: > > [root@localhost jlulla]# rpm -qa |grep openssl > openssl-1.0.1e-60.el7.x86_64 > openssl-devel-1.0.1e-60.el7.x86_64 > openssl-libs-1.0.1e-60.el7.x86_64 > > [root@localhost jlulla]# openssl version > OpenSSL 1.0.1e-fips 11 Feb 2013 > > > > PLEASE SEE FROM HERE PLEASE SEE FROM HERE PLEASE SEE FROM > HERE > > STEP 1 : SOURCE TAKEN FROM > https://www.openssl.org/source/openssl-1.1.0f.tar.gz 2017-May-25 13:09:51 > > [root@localhost jlulla]# uname -a > Linux localhost.localdomain 4.9.37 #1 SMP Fri Jul 21 04:52:46 PDT 2017 x86_64 > x86_64 x86_64 GNU/Linux > > [root@localhost jlulla]# cat /etc/redhat-release > Red Hat Enterprise Linux Server release 7.3 (Maipo) > > > > [root@localhost openssl-1.1.0f]# pwd > /home/jlulla/openssl-1.1.0f > > STEP 2: [root@localhost openssl-1.1.0f]# ./config shared enable-engine > enable-dso enable-afalgeng > Operating system: x86_64-whatever-linux2 > Configuring for linux-x86_64 > Configuring OpenSSL version 1.1.0f (0x1010006fL) > no-asan[default] OPENSSL_NO_ASAN > no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG > no-crypto-mdebug-backtrace [default] OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE > no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 > no-egd [default] OPENSSL_NO_EGD > no-fuzz-afl[default] OPENSSL_NO_FUZZ_AFL > no-fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER > no-heartbeats [default] OPENSSL_NO_HEARTBEATS > no-md2 [default] OPENSSL_NO_MD2 (skip dir) > no-msan[default] OPENSSL_NO_MSAN > no-rc5 [default] OPENSSL_NO_RC5 (skip dir) > no-sctp[default] OPENSSL_NO_SCTP > no-ssl-trace[default] OPENSSL_NO_SSL_TRACE > no-ssl3[default] OPENSSL_NO_SSL3 > no-ssl3-method [default] OPENSSL_NO_SSL3_METHOD > no-ubsan[default] OPENSSL_NO_UBSAN > no-unit-test[default] OPENSSL_NO_UNIT_TEST > no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS > no-zlib[default] > no-zlib-dynamic [default] > Configuring for linux-x86_64 > CC=gcc > CFLAG=-Wall -O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack > SHARED_CFLAG =-fPIC -DOPENSSL_USE_NODELETE > DEFINES =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS > OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT > OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM > RC4_ASM MD5_ASM AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM > PADLOCK_ASM POLY1305_ASM > LFLAG= > PLIB_LFLAG= > EX_LIBS =-ldl > APPS_OBJ = > CPUID_OBJ=x86_64cpuid.o >
[openssl-dev] afalg with OpenSSL 1.1.0f 25 May 2017
Hi, I am trying to use afalg on Linux 4.9.37 with OpenSSL 1.1.0f. I am facing 2 issues: ONE: when I issue the speed command, I see the following: [root@localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg invalid engine "afalg" 139853452924736:error:2506406A:DSO support routines:dlfcn_bind_func:could not bind to the requested symbol name:crypto/dso/dso_dlfcn.c:178:symname(bind_engine): /usr/local/lib64/engines-1.1/afalg.so: undefined symbol: bind_engine 139853452924736:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:crypto/dso/dso_lib.c:185: 139853452924736:error:260B6068:engine routines:dynamic_load:DSO failure:crypto/engine/eng_dyn.c:427: 139853452924736:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:339:id=afalg 139853452924736:error:25066067:DS nm afalg.so doesn't show bind_engine When I modify the openssl.cnf file with the engine name and the CIPHERS, still I dont get it working. The command output and the change in the openssl.cnf pasted at the end of the mail. TWO: I had to create a softlink to libcrypto.so.1.1 and libssl.so.1.1 like the following to make openssl command work: ln -s /usr/local/lib64/libssl.so.1.1 /lib64/libssl.so.1.1 ln -s /usr/local/lib64/libcrypto.so.1.1 /lib64/libcrypto.so.1.1 Is creating the softlinks a known issue and will be fixed? I have pasted the complete information about the OS/distro environment and installation commands I ran at the bottom. Could you please suggest what wrong I am doing to make afalg work. Thanks Jitendra Lulla BEFORE INSTALLATION: [root@localhost jlulla]# rpm -qa |grep openssl openssl-1.0.1e-60.el7.x86_64 openssl-devel-1.0.1e-60.el7.x86_64 openssl-libs-1.0.1e-60.el7.x86_64 [root@localhost jlulla]# openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 PLEASE SEE FROM HERE PLEASE SEE FROM HERE PLEASE SEE FROM HERE STEP 1 : SOURCE TAKEN FROM https://www.openssl.org/source/openssl-1.1.0f.tar.gz 2017-May-25 13:09:51 [root@localhost jlulla]# uname -a Linux localhost.localdomain 4.9.37 #1 SMP Fri Jul 21 04:52:46 PDT 2017 x86_64 x86_64 x86_64 GNU/Linux [root@localhost jlulla]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.3 (Maipo) [root@localhost openssl-1.1.0f]# pwd /home/jlulla/openssl-1.1.0f STEP 2: [root@localhost openssl-1.1.0f]# ./config shared enable-engine enable-dso enable-afalgeng Operating system: x86_64-whatever-linux2 Configuring for linux-x86_64 Configuring OpenSSL version 1.1.0f (0x1010006fL) no-asan[default] OPENSSL_NO_ASAN no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG no-crypto-mdebug-backtrace [default] OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 no-egd [default] OPENSSL_NO_EGD no-fuzz-afl[default] OPENSSL_NO_FUZZ_AFL no-fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER no-heartbeats [default] OPENSSL_NO_HEARTBEATS no-md2 [default] OPENSSL_NO_MD2 (skip dir) no-msan[default] OPENSSL_NO_MSAN no-rc5 [default] OPENSSL_NO_RC5 (skip dir) no-sctp[default] OPENSSL_NO_SCTP no-ssl-trace[default] OPENSSL_NO_SSL_TRACE no-ssl3[default] OPENSSL_NO_SSL3 no-ssl3-method [default] OPENSSL_NO_SSL3_METHOD no-ubsan[default] OPENSSL_NO_UBSAN no-unit-test[default] OPENSSL_NO_UNIT_TEST no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS no-zlib[default] no-zlib-dynamic [default] Configuring for linux-x86_64 CC=gcc CFLAG=-Wall -O3 -pthread -m64 -DL_ENDIAN -Wa,--noexecstack SHARED_CFLAG =-fPIC -DOPENSSL_USE_NODELETE DEFINES =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM RC4_ASM MD5_ASM AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM PADLOCK_ASM POLY1305_ASM LFLAG= PLIB_LFLAG= EX_LIBS =-ldl APPS_OBJ = CPUID_OBJ=x86_64cpuid.o UPLINK_OBJ= BN_ASM=asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o EC_ASM=ecp_nistz256.o ecp_nistz256-x86_64.o DES_ENC =des_enc.o fcrypt_b.o AES_ENC =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o BF_ENC=bf_enc.o CAST_ENC =c_enc.o RC4_ENC =rc4-x86_64.o rc4-md5-x86_64.o RC5_ENC =rc5_enc.o MD5_OBJ_ASM =md5-x86_64.o SHA1_OBJ_ASM =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o RMD160_OBJ_ASM= CMLL_ENC =cmll-x86_64.o cmll_misc.o MODES_OBJ=ghash-x86_64.o aesni-gcm-x86_64.o PADLOCK_OBJ =e_padlock-x86_64.o CHACHA_ENC=chacha-x86_64.o POLY1305_OBJ =poly1305-x86_64.o BLAKE2_OBJ=
