(Replying on list to bring this back to the public forum where others
can help you)
On 2021-05-21 16:18, Michael McKenney wrote:
It took awhile to run all these commands
Sorry, but you did not state what command and output indicates
that Ubuntu undid your upgrade, what is the output of each of
the following diagnostic commands (after Ubuntu apparently
undid your upgrade).
$ dpkg --status libssl1.1
$ dpkg --status libssl-dev
$ dpkg --status openssl
$ type openssl
$ openssl version -a
$ ls -alF /usr/lib/x86_64-linux-gnu/libssl*
$ ls -alF /usr/locallib/libssl*
Oops, my bad, should have been /usr/local/lib/libssl*
$ ls -alF /usr/local/bin/openssl
$ /usr/local/bin/openssl version -a
Here is the results
$ dpkg --status libssl1.1
sudo dpkg --status libssl1.1
This shouldn't require root privileges, at least on Debian (Ubuntu is a
heavily modified Debian).
[sudo] password for michael:
Package: libssl1.1
Status: install ok installed
Priority: optional
Section: libs
Installed-Size: 4027
Maintainer: Ubuntu Developers ubuntu-devel-discuss@xxxxxxxxxxxxxxxx
<mailto:ubuntu-devel-discuss@xxxxxxxxxxxxxxxx>
Architecture: amd64
Multi-Arch: same
Source: openssl
Version: 1.1.1f-1ubuntu2.4
Ok, go to the Ubuntu website and check which OpenSSL bug fixes are
included in Ubuntu OpenSSL 1.1.1f-1ubuntu2.4, or look in the file
/usr/share/doc/libssl1.1/Changelog.Debian.gz
Depends: libc6 (>= 2.25), debconf (>= 0.5) | debconf-2.0
Breaks: isync (<< 1.3.0-2), lighttpd (<< 1.4.49-2), python-boto (<<
2.44.0-1.1), python-httplib2 (<< 0.11.3-1), python-imaplib2 (<< 2.57-5),
python3-boto (<< 2.44.0-1.1), python3-imaplib2 (<< 2.57-5)
Description: Secure Sockets Layer toolkit - shared libraries
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It provides the libssl and libcrypto shared libraries.
Homepage: https://www.openssl.org/
Original-Maintainer: Debian OpenSSL Team
pkg-openssl-devel@xxxxxxxxxxxxxxxxxxxxxxx
<mailto:pkg-openssl-devel@xxxxxxxxxxxxxxxxxxxxxxx>
$ dpkg --status libssl-dev
sudo dpkg --status libssl-dev
This shouldn't require root privileges, at least on Debian (Ubuntu is a
heavily modified Debian).
dpkg-query: package 'libssl-dev' is not installed and no information is
available
Use dpkg --info (= dpkg-deb --info) to examine archive files.
Ok, this confirms that you have not installed the OpenSSL development
files from Ubuntu.
$ dpkg --status openssl
sudo dpkg --status openssl
This shouldn't require root privileges, at least on Debian (Ubuntu is a
heavily modified Debian).
Package: openssl
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 1257
Maintainer: Ubuntu Developers ubuntu-devel-discuss@xxxxxxxxxxxxxxxx
<mailto:ubuntu-devel-discuss@xxxxxxxxxxxxxxxx>
Architecture: amd64
Multi-Arch: foreign
Version: 1.1.1f-1ubuntu2.4
Depends: libc6 (>= 2.15), libssl1.1 (>= 1.1.1)
Suggests: ca-certificates
Conffiles:
/etc/ssl/openssl.cnf fb92a2dab53f11f4f5f22adc5257b553
Description: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains the general-purpose command line binary /usr/bin/openssl,
useful for cryptographic operations such as:
* creating RSA, DH, and DSA key parameters;
* creating X.509 certificates, CSRs, and CRLs;
* calculating message digests;
* encrypting and decrypting with ciphers;
* testing SSL/TLS clients and servers;
* handling S/MIME signed or encrypted mail.
Homepage: https://www.openssl.org/
Original-Maintainer: Debian OpenSSL Team
pkg-openssl-devel@xxxxxxxxxxxxxxxxxxxxxxx
<mailto:pkg-openssl-devel@xxxxxxxxxxxxxxxxxxxxxxx>
Ok, go to the Ubuntu website and check which OpenSSL bug fixes are
included in Ubuntu OpenSSL 1.1.1f-1ubuntu2.4, or look in the file
/usr/share/doc/openssl/Changelog.Debian.gz
$ type openssl
openssl is hashed (/usr/local/ssl/bin/openssl)
Ok, this shows that your locally built OpenSSL is still there under
/usr/local/...
$ openssl version -a
OpenSSL 1.1.1k 25 Mar 2021
built on: Thu May 20 12:00:48 2021 UTC
platform: linux-x86_64
options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3
-DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
-DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM
-DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/ssl/lib/engines-1.1"
Seeding source: os-specific
michael@ubuntuwpmm1tb:~$
$ ls -alF /usr/lib/x86_64-linux-gnu/libssl*
-rw-r--r-- 1 root root 598104 Apr 27 20:37 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
This shows that the Ubuntu installed OpenSSL was built by Ubuntu on the
most recent April 27 (2021-04-27) at 20:37 your timezone.
michael@ubuntuwpmm1tb:~$
$ ls -alF /usr/locallib/libssl*
ls -alF /usr/locallib/libssl*
ls: cannot access '/usr/locallib/libssl*': No such file or directory
$ ls -alF /usr/local/bin/openssl
ls -alF /usr/local/bin/openssl
ls: cannot access '/usr/local/bin/openssl': No such file or directory
$ /usr/local/bin/openssl version -a
/usr/local/bin/openssl version -a
-bash: /usr/local/bin/openssl: No such file or directory
*From:*openssl-users <openssl-users-bounces@xxxxxxxxxxx> *On Behalf Of
*Jakob Bohm via openssl-users
*Sent:* Friday, May 21, 2021 10:03 AM
*To:* openssl-users@xxxxxxxxxxx
*Subject:* Re: I installed Openssl 1.1.1k and Ubuntu 20.04 did an
upgrade and reverted it back to 1.1.1f. Usually Ubuntu upgrades don’t
break it.
On 2021-05-19 19:56, Michael McKenney wrote:
I installed Openssl 1.1.1k and Ubuntu 20.04 did an upgrade and
reverted it back to 1.1.1f. Usually Ubuntu upgrades don’t break it.
OpenSSL 1.1.1f 31 Mar 2020 (Library: OpenSSL 1.1.1k 25 Mar 2021)
built on: Thu Apr 29 14:11:04 2021 UTC
platform: linux-x86_64
options: bn(64,64) rc4(16x,int) des(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3
-DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
-DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM
-DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB
-DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/ssl/lib/engines-1.1"
Seeding source: os-specific
How do I change it back to 1.1.1k? I tried a reinstall. Didn’t work.
This is the directions I use to install
sudo apt-get update && sudo apt-get upgrade
openssl version -a
sudo apt install build-essential checkinstall zlib1g-dev -y
cd /usr/local/src/
sudo wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz
sudo tar -xf openssl-1.1.1k.tar.gz
cd openssl-1.1.1k
sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl
shared zlib
sudo make
sudo make test
sudo make install
cd /etc/ld.so.conf.d/
sudo vim openssl-1.1.1k.conf
add /usr/local/ssl/lib
sudo ldconfig -v
sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
sudo mv /usr/bin/openssl /usr/bin/openssl.backup
sudo vim /etc/environment
add
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
:/usr/local/games:/usr/local/ssl/bin"
source /etc/environment
echo $PATH
which openssl
openssl version -a
Sorry, but you did not state what command and output indicates
that Ubuntu undid your upgrade, what is the output of each of
the following diagnostic commands (after Ubuntu apparently
undid your upgrade).
$ dpkg --status libssl1.1
$ dpkg --status libssl-dev
$ dpkg --status openssl
$ type openssl
$ openssl version -a
$ ls -alF /usr/lib/x86_64-linux-gnu/libssl*
$ ls -alF /usr/locallib/libssl*
$ ls -alF /usr/local/bin/openssl
$ /usr/local/bin/openssl version -a
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
