tanguynicolas
commented
1 year ago Full output: https://www.transfernow.net/dl/20230525USK7wC1Y
Closed tanguynicolas closed 1 year ago
tanguynicolas
commented
1 year ago Full output: https://www.transfernow.net/dl/20230525USK7wC1Y
tanguynicolas
commented
1 year ago On Manjaro wit OpenSSL 3.0.8 (so I use -DOQS_USE_OPENSSL=OFF), it seems to work This was not the case a few days ago when I tried it.
I'll leave the issue open in case my logs help you or if you can explain why it didn't work under Ubuntu.
baentsch
commented
1 year ago Just a guess: I'm not mistaken (? please check?), Ubuntu22 also already uses OpenSSL3 and not the outdated 111, so you may need to build liboqs without OpenSSL support there too in order to have the old oqs-openssl111 run OK there too. I wonder though, why you are not using oqsprovider with operating systems already at OpenSSL3. Everyone (incl. us) is moving away from OpenSSL111... See for example the links in https://github.com/open-quantum-safe/openssl/discussions/434
tanguynicolas
commented
1 year ago Thank you for your feedback.
In the examples I used OpenSSL 111 on Ubuntu 20. I used this because I was having compilation problems, and I remember reading somewhere in one of your documents that the tutorial had been done with Ubuntu 18. I wanted to give myself the best possible chance
baentsch
commented
1 year ago The error message to me looks very much like your (V)machine is running out of memory. Retry with make -j 8 or so to not overwhelm it with jobs....
yacoubhanna
commented
1 year ago @baentsch Can you please have a look that the errors that I was receiving. I'm using Ubuntu 20.04 and I made OpenSSL Open Safe Quantum as a default openssl on my system. I can create quantum certificates and use s-server and s-client by using openssl. not apps/openssl......... So I'm trying to work with stunnel and I installed stunnel from source.
When I run ./configure in stunnel I got this. It is configuring TLS from /usr/local/ssl which is a pure OQS openssl
configure: **************************************** initialization
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a race-free mkdir -p... /usr/bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether the compiler supports GNU C... yes
checking whether gcc accepts -g... yes
checking for gcc option to enable C11 features... none needed
checking whether gcc understands -c and -o together... yes
checking whether make supports the include directive... yes (GNU style)
checking dependency style of gcc... gcc3
checking whether make sets $(MAKE)... (cached) yes
checking whether make supports nested variables... (cached) yes
configure: **************************************** bash completion
checking for bashcompdir...
configure: **************************************** thread model
checking for a sed that does not truncate output... /usr/bin/sed
checking how to run the C preprocessor... gcc -E
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking whether gcc is Clang... no
checking whether pthreads work with "-pthread" and "-lpthread"... yes
checking for joinable pthread attribute... PTHREAD_CREATE_JOINABLE
checking whether more special flags are required for pthreads... no
checking for PTHREAD_PRIO_INHERIT... yes
configure: PTHREAD thread model detected
configure: **************************************** compiler/linker flags
checking whether C compiler accepts -Wall... yes
checking whether C compiler accepts -Wextra... yes
checking whether C compiler accepts -Wpedantic... yes
checking whether C compiler accepts -Wformat=2... yes
checking whether C compiler accepts -Wconversion... yes
checking whether C compiler accepts -Wno-long-long... yes
checking whether C compiler accepts -Wno-deprecated-declarations... yes
checking whether C compiler accepts -fPIE... yes
checking whether C compiler accepts -fstack-protector... yes
checking whether the linker accepts -fPIE... yes
checking whether the linker accepts -pie... yes
checking whether the linker accepts -Wl,-z,relro... yes
checking whether the linker accepts -Wl,-z,now... yes
checking whether the linker accepts -Wl,-z,noexecstack... yes
checking whether C compiler accepts -D_FORTIFY_SOURCE=2... yes
configure: **************************************** libtool
checking how to print strings... printf
checking for a sed that does not truncate output... (cached) /usr/bin/sed
checking for fgrep... /usr/bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver @FILE support... @
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
checking for mt... mt
checking if mt is a manifest tool... no
checking for stdio.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for strings.h... yes
checking for sys/stat.h... yes
checking for sys/types.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no
configure: **************************************** types
checking for int8_t... yes
checking for int16_t... yes
checking for int32_t... yes
checking for int64_t... yes
checking for uint8_t... yes
checking for uint16_t... yes
checking for uint32_t... yes
checking for uint64_t... yes
checking for size_t... yes
checking for ssize_t... yes
checking for uid_t in sys/types.h... yes
checking for socklen_t... yes
checking for struct sockaddr_un... yes
checking for struct addrinfo... yes
configure: **************************************** PTY device files
checking for "/dev/ptmx"... yes
checking for "/dev/ptc"... no
configure: **************************************** entropy sources
checking for "/dev/urandom"... yes
configure: **************************************** default group
checking for default group... nogroup
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... no
configure: **************************************** header files
checking for stdint.h... (cached) yes
checking for inttypes.h... (cached) yes
checking for malloc.h... yes
checking for ucontext.h... yes
checking for pthread.h... yes
checking for poll.h... yes
checking for tcpd.h... no
checking for stropts.h... no
checking for grp.h... yes
checking for unistd.h... (cached) yes
checking for util.h... no
checking for libutil.h... no
checking for pty.h... yes
checking for limits.h... yes
checking for sys/types.h... (cached) yes
checking for sys/select.h... yes
checking for sys/poll.h... yes
checking for sys/socket.h... yes
checking for sys/un.h... yes
checking for sys/ioctl.h... yes
checking for sys/filio.h... no
checking for sys/resource.h... yes
checking for sys/uio.h... yes
checking for sys/syscall.h... yes
checking for sys/param.h... yes
checking for linux/sched.h... yes
checking for struct msghdr.msg_control... yes
checking for linux/netfilter_ipv4.h... yes
configure: **************************************** libraries
checking for library containing gethostbyname... none required
checking for library containing yp_get_default_domain... -lnsl
checking for library containing socket... none required
checking for library containing openpty... -lutil
checking for library containing dlopen... -ldl
checking for library containing shl_load... no
configure: **************************************** library functions
checking for snprintf... yes
checking for vsnprintf... yes
checking for openpty... yes
checking for _getpty... no
checking for daemon... yes
checking for waitpid... yes
checking for wait4... yes
checking for setsid... yes
checking for setgroups... yes
checking for chroot... yes
checking for realpath... yes
checking for sysconf... yes
checking for getrlimit... yes
checking for pthread_sigmask... yes
checking for localtime_r... yes
checking for getcontext... yes
checking for __makecontext_v2... no
checking for poll... yes
checking for gethostbyname2... yes
checking for endhostent... yes
checking for getnameinfo... yes
checking for getaddrinfo... yes
checking for broken poll() implementation... no
checking for pipe2... yes
checking for accept4... yes
configure: **************************************** optional features
checking whether to enable IPv6 support... yes (default)
checking whether to enable FIPS support... autodetecting
checking whether to enable systemd socket activation support... autodetecting
checking for library containing sd_listen_fds... no
configure: systemd library not found
checking whether to enable TCP wrappers support... autodetecting
checking for hosts_access in -lwrap... no
configure: libwrap library not found
configure: **************************************** TLS
**checking for TLS directory... /usr/local/ssl**
checking for FIPS_mode_set... no
checking for OSSL_PROVIDER_available... no
configure: FIPS support not found
checking whether DH parameters need to be updated... no
configure: **************************************** write the results
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating src/Makefile
config.status: creating doc/Makefile
config.status: creating tools/Makefile
config.status: creating tests/Makefile
config.status: creating tests/certs/Makefile
config.status: creating src/config.h
config.status: src/config.h is unchanged
config.status: executing depfiles commands
config.status: executing libtool commands
configure: **************************************** success
Then, when I do make, I get these errors. Is there something that I can modify for it to work?
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(s3_lib.o): in function `ssl3_clear':
s3_lib.c:(.text+0x53b): undefined reference to `OQS_KEM_free'
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(extensions_clnt.o): in function `tls_construct_ctos_key_share':
extensions_clnt.c:(.text+0x18ce): undefined reference to `OQS_KEM_new'
/usr/bin/ld: extensions_clnt.c:(.text+0x196b): undefined reference to `OQS_KEM_keypair'
/usr/bin/ld: extensions_clnt.c:(.text+0x1a89): undefined reference to `OQS_MEM_secure_free'
/usr/bin/ld: extensions_clnt.c:(.text+0x1a91): undefined reference to `OQS_MEM_insecure_free'
/usr/bin/ld: extensions_clnt.c:(.text+0x1ab5): undefined reference to `OQS_KEM_free'
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(extensions_clnt.o): in function `tls_parse_stoc_key_share':
extensions_clnt.c:(.text+0x3f68): undefined reference to `OQS_KEM_decaps'
/usr/bin/ld: extensions_clnt.c:(.text+0x409f): undefined reference to `OQS_MEM_secure_free'
/usr/bin/ld: extensions_clnt.c:(.text+0x40bd): undefined reference to `OQS_MEM_secure_free'
/usr/bin/ld: extensions_clnt.c:(.text+0x40db): undefined reference to `OQS_KEM_free'
/usr/bin/ld: extensions_clnt.c:(.text+0x41b2): undefined reference to `OQS_KEM_new'
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(extensions_srvr.o): in function `tls_parse_ctos_key_share':
extensions_srvr.c:(.text+0x1481): undefined reference to `OQS_KEM_new'
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(extensions_srvr.o): in function `tls_construct_stoc_key_share':
extensions_srvr.c:(.text+0x3dd1): undefined reference to `OQS_KEM_new'
/usr/bin/ld: extensions_srvr.c:(.text+0x3e1d): undefined reference to `OQS_KEM_encaps'
/usr/bin/ld: extensions_srvr.c:(.text+0x3f6b): undefined reference to `OQS_MEM_secure_free'
/usr/bin/ld: extensions_srvr.c:(.text+0x3f73): undefined reference to `OQS_KEM_free'
/usr/bin/ld: extensions_srvr.c:(.text+0x422c): undefined reference to `OQS_MEM_secure_free'
/usr/bin/ld: extensions_srvr.c:(.text+0x4234): undefined reference to `OQS_KEM_free'
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(t1_lib.o): in function `nid_cb':
t1_lib.c:(.text+0x404): undefined reference to `OQS_KEM_alg_is_enabled'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `pkey_oqs_digestsign':
oqs_meth.c:(.text+0x2c2): undefined reference to `OQS_SIG_sign'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `oqs_free':
oqs_meth.c:(.text+0x2372): undefined reference to `OQS_SIG_free'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `pkey_oqs_digestverify':
oqs_meth.c:(.text+0x26a1): undefined reference to `OQS_SIG_verify'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `oqs_key_init':
oqs_meth.c:(.text+0x2c72): undefined reference to `OQS_SIG_alg_is_enabled'
/usr/bin/ld: oqs_meth.c:(.text+0x2c7e): undefined reference to `OQS_SIG_new'
/usr/bin/ld: oqs_meth.c:(.text+0x2dc8): undefined reference to `OQS_SIG_free'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `pkey_oqs_keygen':
oqs_meth.c:(.text+0x2f52): undefined reference to `OQS_SIG_keypair'
/usr/bin/ld: oqs_meth.c:(.text+0x2fda): undefined reference to `OQS_SIG_free'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `oqs_priv_decode':
oqs_meth.c:(.text+0x355e): undefined reference to `OQS_SIG_free'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `oqs_pub_decode':
oqs_meth.c:(.text+0x395e): undefined reference to `OQS_SIG_free'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `OQSKEM_options':
oqs_meth.c:(.text+0x3a53): undefined reference to `OQS_KEM_alg_is_enabled'
/usr/bin/ld: /usr/local/ssl/lib/libcrypto.a(oqs_meth.o): in function `OQSSIG_options':
oqs_meth.c:(.text+0x3b13): undefined reference to `OQS_SIG_alg_is_enabled'
collect2: error: ld returned 1 exit status
Thank you so much for your time.
baentsch
commented
1 year ago The error message clearly points to liboqs not being linked in. But I have to apologize for not having time to look into this deeply: I shifted focus away from this old software and recommend the same to anyone else, too: Please switch to OpenSSL3 ( & oqsprovider for PQC).
Hello,
As part of a university project (UPJV, France), our cryptography professor and I are trying to compile the code you are making available. However, we're encountering a lot of errors during compilation. For no apparent reason, even though we've followed the documentation perfectly.
We've tried this on Ubuntu 18, 20 and 22 (from scratch) with OpenSSL 1.1.1t.
Here are the commands typed:
And the errors obtained (short version):
Do you have any idea what could cause this? Thanks