Created attachment 3790 [details] config.log Hi, I'm trying to compile an openssh 9.6p1 with an openssl 3.0.13. I get this error: ... checking for openssl... /usr/bin/openssl checking for openssl/opensslv.h... yes checking OpenSSL header version... not found configure: error: OpenSSL version header not found. I compile with this configure command: ./configure --prefix=/opt/openssh --includedir=/opt/openssl/include/openssl --with-ssl-dir=/opt/openssl --with-xauth=/usr/bin/xauth --with-zlib=/opt/zlib The file openssl.v is present under /opt/openssl/include/openssl This error also happends with the newest openssl 3.2.1 I attach the config.log best regards fatcharly
This error message is near the end of config.log: > ./conftest: error while loading shared libraries: libcrypto.so.3: cannot open shared object file: No such file or directory It looks like your OpenSSL is either not properly installed or your configure options don't properly specify the path to the libraries.
You can get configure to tell the linker to set a dynamic runtime path. We do this in the CI tests on Ubuntu: ./configure --with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath, (note that in this example, the trailing comma is significant.)
(In reply to fatcharly from comment #0) [...] > checking OpenSSL header version... not found > configure: error: OpenSSL version header not found. (In reply to Damien Miller from comment #1) > > ./conftest: error while loading shared libraries: libcrypto.so.3: cannot open shared object file: No such file or directory Given what the actual failure was, the message was a bit misleading. I'm not sure what would be an improvement, though. "compiling OpenSSL version header test program" ?
Created attachment 3791 [details] improve (?) openssl header check error message
Comment on attachment 3791 [details] improve (?) openssl header check error message I can't think of a better wording
Hi, before I compile the open ssl with "make install", I do a "make test", and this takes long but its all ok. So, I run this: ./configure --with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath, and send you the log again ?
I just checked to be sure: [root@pia opt]# find /opt/openssl -name libcrypto.so.3 /opt/openssl/lib/libcrypto.so.3 It's where it is supposed to be.
Result of: ./configure --with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath, OpenSSH has been configured with the following options: User binaries: /usr/local/bin System binaries: /usr/local/sbin Configuration files: /usr/local/etc Askpass program: /usr/local/libexec/ssh-askpass Manual pages: /usr/local/share/man/manX PID file: /var/run Privilege separation chroot path: /var/empty sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin Manpage format: doc PAM support: no OSF SIA support: no KerberosV support: no SELinux support: no libedit support: no libldns support: no Solaris process contract support: no Solaris project support: no Solaris privilege support: no IP address in $DISPLAY hack: no Translate v4 in v6 hack: yes BSD Auth support: no Random number source: OpenSSL internal ONLY Privsep sandbox style: none PKCS#11 support: yes U2F/FIDO support: yes Host: i686-pc-linux-gnu Compiler: cc -std=gnu99 Compiler flags: -g -O2 -pipe -Wall -Wextra -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -Wno-un used-parameter -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-all -fPIE Preprocessor flags: -I/opt/openssl/include -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE -DOPENSSL_API_COMPAT=0x1010 0000L Linker flags: -L/opt/openssl/lib -Wl,-rpath,/opt/openssl/lib -Wl,-z,retpolineplt -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstac k-protector-all -pie Libraries: -lresolv -lrt -ldl -lutil +for channels: -lcrypto -lz +for sshd: -lcrypt
(In reply to fatcharly from comment #6) > Hi, > before I compile the open ssl with "make install", I do a "make > test", and this takes long but its all ok. > > So, I run this: > > ./configure --with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath, yes. > and send you the log again ? Nope, if it works (which based on comment#8, it did) then all you need to do now is run "make" and if that succeeds then you're good to go.
Your comment#8 indicates the problem you reported has been resolved. Please reopen if that is not the case.