Timo Sirainen kirjutas:
CPPFLAGS=-I/usr/local/ssl/include/openssl
Try -I/usr/local/ssl/include
Well, Timo - You did it again, small thing, but nobody, except You noticed.
With:
export CPPFLAGS
export LDFLAGS
CPPFLAGS=-I/usr/local/ssl/include
LDFLAGS=-L/usr/local/ssl/lib
1.2.16 from original
On 3.12.2010, at 9.04, Mart Pirita wrote:
> CPPFLAGS=-I/usr/local/ssl/include/openssl
Try -I/usr/local/ssl/include
Timo Sirainen kirjutas:
Still, it's increasingly looking like some kind of conflict between two OpenSSL
versions and really nothing to do with Dovecot itself. Can't you just upgrade
to a non-ancient OS with a newer OpenSSL?
Actually this OS is quite a lot manually updated and so far all works
On 4.12.2010, at 8.37, Mart Pirita wrote:
> Timo Sirainen kirjutas:
>>
>> Or there are some other parameters that conflict with it. Show the gcc
>> command line when compiling ssl-proxy-openssl.c and when linking
>> imap-login binary? If there is -I/usr/include that could explain it..
>
> Can't
Timo Sirainen kirjutas:
Or there are some other parameters that conflict with it. Show the gcc
command line when compiling ssl-proxy-openssl.c and when linking
imap-login binary? If there is -I/usr/include that could explain it..
Can't find anything:
[m...@tibu dovecot-1.2.16]# grep imap-logi
On Fri, 2010-12-03 at 20:38 +0200, Mart Pirita wrote:
> Timo Sirainen kirjutas:
> >
> > This looks messed up. Some part of OpenSSL is from 0.9.6b and some part
> > is from 0.9.8l.
>
> Noticed too, seems dovecot doesn't fully trust export CPPFLAGS/LDFLAGS
> paths?
Or there are some other paramete
Timo Sirainen kirjutas:
This looks messed up. Some part of OpenSSL is from 0.9.6b and some part
is from 0.9.8l.
Noticed too, seems dovecot doesn't fully trust export CPPFLAGS/LDFLAGS
paths?
BTW, why dovecot uses "export CPPFLAGS/LDFLAGS" and not typical
--with-ssl=/usr/local/ssl etc style
On Fri, 2010-12-03 at 19:35 +0200, Mart Pirita wrote:
> > strings imap-login | grep OpenSSL
>
> [m...@tibu imap-login]# strings imap-login | grep OpenSSL
> OpenSSL 0.9.6b [engine] 9 Jul 2001
> OpenSSL malloc() failed. You may need to increase login_process_size
> TLSv1 part of OpenSSL 0.9.8l 5 Nov
Timo Sirainen kirjutas:
Here's a way to find out for sure. Apply the attached patch, compile and check
the resulting imap-login binary:
Done:
strings imap-login | grep OpenSSL
[m...@tibu imap-login]# strings imap-login | grep OpenSSL
OpenSSL 0.9.6b [engine] 9 Jul 2001
OpenSSL malloc() fai
On 3.12.2010, at 16.59, Mart Pirita wrote:
> Tom Talpey kirjutas:
>>
>> I assume that you re-ran configure in dovecot-1.2.16 and verified that
>> it actually picked up the openssl libs from /usr/local afterwards?
>> Beyond that, I guess I don't have a further suggestion.
> Yes, I did it multile t
Tom Talpey kirjutas:
I assume that you re-ran configure in dovecot-1.2.16 and verified that
it actually picked up the openssl libs from /usr/local afterwards?
Beyond that, I guess I don't have a further suggestion.
Yes, I did it multile times, and config.log seems also OK, so I also
have no clu
On 12/3/2010 11:23 AM, Mart Pirita wrote:
Tom Talpey kirjutas:
I built 1.2.16 against openssl-0.9.8p just last week; it linked
and is running fine for me. Have you tried any version after 0.9.8l?
Tested with openssl-0.9.8m, 0.9.8q, 1.0.0a, 1.0.0c, config options are
simple:
./config --prefix
Timo Sirainen kirjutas:
The only change to SSL code I've done for almost a year has been adding that
OpenSSL_add_all_algorithms() call, because without it some other OpenSSL
installations failed.
Hmm, but if I'm comping Dovecot with special made OpenSSL, then if even
RedHat -s old OpenSSL is
Mart Pirita kirjutas:
./config --prefix=/usr/local/openssl &&
make &&
make install
And linked in spec:
export CPPFLAGS
export LDFLAGS
CPPFLAGS=-I/usr/local/ssl/include/openssl
LDFLAGS=-L/usr/local/ssl/lib
Las message included typo, the real path is /usr/local/ssl, so this is
not an issue:)
David Ford kirjutas:
openssl < 0.9.8o and <1.0.0b are vulnerable to exploits.
Yes I know, but ANY software is good until someone finds a bug in it.
Theoretically some may trying exploit it, but I'm pretty sure there are
a lot more interesting places to do that:).
--
Mart
On 3.12.2010, at 16.23, Mart Pirita wrote:
> I can test more versions, but first I'd like to know did Timo changed
> something in code, as it compiles fine, but fails to run.
The only change to SSL code I've done for almost a year has been adding that
OpenSSL_add_all_algorithms() call, because
Tom Talpey kirjutas:
I built 1.2.16 against openssl-0.9.8p just last week; it linked
and is running fine for me. Have you tried any version after 0.9.8l?
Tested with openssl-0.9.8m, 0.9.8q, 1.0.0a, 1.0.0c, config options are
simple:
./config --prefix=/usr/local/openssl &&
make &&
make insta
On 12/3/2010 10:55 AM, Mart Pirita wrote:
Timo Sirainen kirjutas:
I wonder if this is the reason for all your trouble.. Are there some
old OpenSSL versions still installed? Maybe it's mixing headers of old
OpenSSL with libs of new, or vice versa.
...
The last good OpenSSL is openssl-0.9.8l.
openssl < 0.9.8o and <1.0.0b are vulnerable to exploits.
-david
On 12/03/10 10:55, Mart Pirita wrote:
[...]
The last good OpenSSL is openssl-0.9.8l.tar.gz , 1.2.15 compiles and
runs fine, however 1.2.16 compiling still fails:
Timo Sirainen kirjutas:
I wonder if this is the reason for all your trouble.. Are there some old
OpenSSL versions still installed? Maybe it's mixing headers of old OpenSSL with
libs of new, or vice versa.
I did some tests, dovecot 1.2.15 compiles fine withh latest OpenSSL, but
doesn't allo
Timo Sirainen kirjutas:
I wonder if this is the reason for all your trouble.. Are there some old
OpenSSL versions still installed? Maybe it's mixing headers of old OpenSSL with
libs of new, or vice versa.
Yes. But strange, why until 1.2.16 all went fine? I'll try to compile
older SSL, maybe
On 3.12.2010, at 9.04, Mart Pirita wrote:
> Timo Sirainen kirjutas:
>>> RedHat 9 based distro, 2.6.24.2 kernel, OpenSSL 1.0.0a 1 Jun 2010
>> Hmm. v1.0.0a, really?..
>
> Yes - compiled manually from openssl-1.0.0a.tar.gz
I wonder if this is the reason for all your trouble.. Are there some old
Op
Timo Sirainen kirjutas:
/usr/src/redhat/BUILD/dovecot-1.2.16/src/login-common/ssl-proxy-openssl.c:950:
undefined reference to `OpenSSL_add_all_algorithms'
I just hate OpenSSL. You can comment out that line from the code until I figure
out what to do about this. That function was supposed to h
Timo Sirainen kirjutas:
/usr/src/redhat/BUILD/dovecot-1.2.16/src/login-common/ssl-proxy-openssl.c:950:
undefined reference to `OpenSSL_add_all_algorithms'
I just hate OpenSSL. You can comment out that line from the code until I figure
out what to do about this. That function was supposed to h
Timo Sirainen kirjutas:
RedHat 9 based distro, 2.6.24.2 kernel, OpenSSL 1.0.0a 1 Jun 2010
Hmm. v1.0.0a, really?..
Yes - compiled manually from openssl-1.0.0a.tar.gz and I'm pointing in
dovecot.spec dovecot to use it:
export CPPFLAGS
export LDFLAGS
CPPFLAGS=-I/usr/local/ssl/include/openssl
On 3.12.2010, at 8.36, Mart Pirita wrote:
> RedHat 9 based distro, 2.6.24.2 kernel, OpenSSL 1.0.0a 1 Jun 2010
Hmm. v1.0.0a, really?..
> /usr/src/redhat/BUILD/dovecot-1.2.16/src/login-common/ssl-proxy-openssl.c:950:
> undefined reference to `OpenSSL_add_all_algorithms'
I just hate OpenSSL. You
26 matches
Mail list logo
