Re: v2.2.26.0 released

Wed, 02 Nov 2016 04:08:05 -0700

After doing some testing by myself, I noticed that libressl, for some unknown reason, defines 

#define OPENSSL_VERSION_NUMBER    0x20000000L
No idea why they decided to advertise that they are OpenSSL v2.0.0. A local fix, if you need one, is to use 

#if OPENSSL_VERSION_NUMBER == 0x20000000L
#define OPENSSL_VERSION_NUMBER 0x1000100L
#endif

in dcrypt-openssl.c after includes.

Aki


On 02.11.2016 12:39, Aki Tuomi wrote:

Hi!

Those are used if

#if OPENSSL_VERSION_NUMBER >= 0x10100000L
So (your) libressl is providing this define. We compile our code using GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently officially supported one. 

Aki


On 02.11.2016 12:34, Ruga wrote:
dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3: 

HMAC_CTX_new
HMAC_CTX_free
EVP_PKEY_get0_EC_KEY
EVP_PKEY_get0_RSA
OBJ_length
EVP_MD_CTX_new
EVP_MD_CTX_free

The result of calling a non-existent function is a runtime error,
and we do not want that on production servers.
There are additional problems. I recommend compiling with clang-llvm 3.9.0 
to see them all.







-------- Original Message --------
Subject: Re: v2.2.26.0 released
Local Time: 1 November 2016 7:30 PM
UTC Time: 1 November 2016 18:30
From: aki.tu...@dovecot.fi
To: Dovecot Mailing List <dovecot@dovecot.org>, Ruga <r...@protonmail.com> 

OpenSSL v1.0.1 is enough.

Aki


On November 1, 2016 at 7:46 PM Ruga <r...@protonmail.com> wrote:


Hello,

We cannot upgrade from 2.2.24, because we use libressl and the newer
dovecot versions demand openssl v1.1.

Please add the new library requirement to the INSTALL file.

All the best.









-------- Original Message --------
Subject: v2.2.26.0 released
Local Time: 28 October 2016 6:51 PM
UTC Time: 28 October 2016 16:51
From: t...@iki.fi
To: dovecot-n...@dovecot.org, Dovecot Mailing List <dovecot@dovecot.org> 

http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz
http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig
v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility). 

- Fixed some compiling issues.
- auth: Fixed assert-crash when using NTLM or SKEY mechanisms and
multiple passdbs.
- auth: Fixed crash when exporting to auth-worker passdb extra fields
that had empty values.
- dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit

Reply via email to