Mark Constable writes:
Hi Sam, FWIW Debian "stretch" is currently rebuilding all SSL related packages based on OpenSSL v1.1.0 which will also flow through to Ubuntu packages pretty soon. Perhaps you could provide a tweak to help ondrej build new deb packages, and no doubt this will affect rpm packages too.
Without having openssl 1.1.0 available, I can't really verify this, but try the following. Note that this will require rebuilding libs/tcpd/configure
diff --git a/tcpd/configure.ac b/tcpd/configure.ac index 447ba72..e3c25b1 100644 --- a/tcpd/configure.ac +++ b/tcpd/configure.ac @@ -286,6 +286,7 @@ AC_MSG_RESULT($spipe) AC_CHECK_HEADER(openssl/ssl.h,have_ssl_h=yes,have_ssl_h=no) AC_CHECK_LIB(ssl, SSL_load_error_strings, have_ssl=yes, have_ssl=no, -lcrypto) +AC_CHECK_LIB(ssl, OPENSSL_cleanup,have_ssl=yes) if test "$have_ssl" = "yes" then diff --git a/tcpd/libcouriertls.c b/tcpd/libcouriertls.c index 81ef3e2..0c091ba 100644 --- a/tcpd/libcouriertls.c +++ b/tcpd/libcouriertls.c @@ -608,8 +608,10 @@ SSL_CTX *tls_create_int(int isserver, const struct tls_info *info, if (first) { first=0; +#if OPENSSL_API_COMPAT < 0x10100000L SSL_load_error_strings(); SSLeay_add_ssl_algorithms(); +#endif while (RAND_status() != 1) {
pgpyMn5sxCpfS.pgp
Description: PGP signature
------------------------------------------------------------------------------ Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users