Thank you. Sent from ProtonMail Mobile
On Wed, Nov 2, 2016 at 12:22 PM, Michael A. Peters <'mpet...@domblogger.net'> wrote: Standard way to fix it (on the LibreSSL page) is to check for LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think catches them all where needed. Note the word think. It certainly appears to be working anyway with it. On 11/02/2016 04:07 AM, Aki Tuomi wrote: > After doing some testing by myself, I noticed that libressl, for some > unknown reason, defines > > #define OPENSSL_VERSION_NUMBER 0x20000000L > > No idea why they decided to advertise that they are OpenSSL v2.0.0. A > local fix, if you need one, is to use > > #if OPENSSL_VERSION_NUMBER == 0x20000000L > #define OPENSSL_VERSION_NUMBER 0x1000100L > #endif > > in dcrypt-openssl.c after includes. > > Aki > > > On 02.11.2016 12:39, Aki Tuomi wrote: >> Hi! >> >> Those are used if >> >> #if OPENSSL_VERSION_NUMBER >= 0x10100000L >> >> So (your) libressl is providing this define. We compile our code using >> GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently >> officially supported one. >> >> Aki >> >> >> On 02.11.2016 12:34, Ruga wrote: >>> dovecot 2.2.26.0 uses the following functions, which are not >>> available on libressl 2.4.3: >>> >>> HMAC_CTX_new >>> HMAC_CTX_free >>> EVP_PKEY_get0_EC_KEY >>> EVP_PKEY_get0_RSA >>> OBJ_length >>> EVP_MD_CTX_new >>> EVP_MD_CTX_free >>> >>> The result of calling a non-existent function is a runtime error, >>> and we do not want that on production servers. >>> >>> >>> >>> >>> >>> >>> >>> There are additional problems. I recommend compiling with clang-llvm >>> 3.9.0 >>> to see them all. >>> >>> >>> >>> >>> >>> >>> >>> -------- Original Message -------- >>> Subject: Re: v2.2.26.0 released >>> Local Time: 1 November 2016 7:30 PM >>> UTC Time: 1 November 2016 18:30 >>> From: aki.tu...@dovecot.fi >>> To: Dovecot Mailing List <dovecot@dovecot.org>, Ruga >>> <r...@protonmail.com> >>> >>> OpenSSL v1.0.1 is enough. >>> >>> Aki >>> >>>> On November 1, 2016 at 7:46 PM Ruga <r...@protonmail.com> wrote: >>>> >>>> >>>> Hello, >>>> >>>> We cannot upgrade from 2.2.24, because we use libressl and the newer >>>> dovecot versions demand openssl v1.1. >>>> >>>> Please add the new library requirement to the INSTALL file. >>>> >>>> All the best. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> -------- Original Message -------- >>>> Subject: v2.2.26.0 released >>>> Local Time: 28 October 2016 6:51 PM >>>> UTC Time: 28 October 2016 16:51 >>>> From: t...@iki.fi >>>> To: dovecot-n...@dovecot.org, Dovecot Mailing List >>>> <dovecot@dovecot.org> >>>> >>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz >>>> http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig >>>> >>>> v2.2.26 had a couple of nasty bugs left in it, so here's a fixup >>>> release. The version number is also a little bit weird, but had to >>>> be done this way (although 2.2.26.0.1 could have been another >>>> possibility). >>>> >>>> - Fixed some compiling issues. >>>> - auth: Fixed assert-crash when using NTLM or SKEY mechanisms and >>>> multiple passdbs. >>>> - auth: Fixed crash when exporting to auth-worker passdb extra fields >>>> that had empty values. >>>> - dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit
