search

duosecurity / duo_unix

Duo two-factor authentication for Unix systems
http://www.duosecurity.com
349 stars 136 forks source link

duo_unix not working with openssl 3.0.8 #260

Closed vijayakumarbathini closed 1 year ago

vijayakumarbathini commented 1 year ago

Description

Amazon2023 Image Support, duo_unix not working with openssl 3.0.8 version that is built in AL 2023 image

Im encountering an error with login_duo. Here's the error message:

login_duo: error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory

However, I've noticed that /lib64 has different versions of libssl and libcrypto.

lrwxrwxrwx. 1 root root 15 Jun 8 01:51 libssl.so -> libssl.so.3.0.8 lrwxrwxrwx. 1 root root 15 Jun 8 01:51 libssl.so.3 -> libssl.so.3.0.8 -rwxr-xr-x. 1 root root 689368 Jun 8 01:51 libssl.so.3.0.8 -rwxr-xr-x. 1 root root 435064 Mar 3 16:37 libssl3.so

Expected Behavior

duo_unix to pickup available lib crypto and libssl versions

Actual Behavior

duo_unix trying to find the older version of openssl, which can't be installed on new machine

Steps to Reproduce

  1. Run the login_duo command on any Linux Machine built with Amazon Linux 2023 image which has Openssl 3.0.8

Workarounds

AaronAtDuo commented 1 year ago

@vijayakumarbathini Did you compile duo_unix from source, or install one of our packages? If you used a package, which one?

vijayakumarbathini commented 1 year ago

I used one from fedora, duo_unix-2.0.2

AaronAtDuo commented 1 year ago

The Fedora (I assume 12) package is built against the default openssl/crypto libraries that ship with Fedora, so that's why it's linked to openssl 3.

Since we don't ship an Amazon Linux targeted package, your best bet is to build from source, that way it will be sure to link to the versions available on your system.

AaronAtDuo commented 1 year ago

Please reopen if building from source doesn't resolve the dependency issue