Hello
On Thu, Mar 18, 2021 at 11:03:00PM +0100, Oswald Buddenhagen wrote: > On Thu, Mar 18, 2021 at 09:09:53PM +0100, Joel Granados wrote: > > I indeed went back to my original comment and restarted from there. I > > notcied that there is a link that is created when openssl is installed > > in debian bullseye /lib/ssl/openssl.cnf -> /etc/ssl/openssl.cnf. > > > fwiw, it's /usr/lib/ssl/openssl.cnf. nope, on my system it is /lib/ssl/openssl.cnf. and I cannot find what package installed it: # apt-file search openssl.cnf dovecot-core: /usr/share/dovecot/dovecot-openssl.cnf ftpd-ssl: /etc/ftpd-ssl/openssl.cnf libnode-dev: /usr/include/nodejs/openssl.cnf mariadb-test: /usr/share/mysql/mysql-test/lib/openssl.cnf nodejs: /usr/share/doc/nodejs/openssl.cnf.gz opa-fastfabric: /usr/share/doc/opa-fastfabric/samples/opa_ca_openssl.cnf-sample.gz opa-fastfabric: /usr/share/doc/opa-fastfabric/samples/opa_comp_openssl.cnf-sample opa-fastfabric: /usr/share/opa/samples/opa_ca_openssl.cnf-sample opa-fastfabric: /usr/share/opa/samples/opa_comp_openssl.cnf-sample opa-fm: /usr/share/opa-fm/samples/opa_ca_openssl.cnf-sample opa-fm: /usr/share/opa-fm/samples/opa_comp_openssl.cnf-sample openssl: /etc/ssl/openssl.cnf openssl: /usr/lib/ssl/openssl.cnf openvpn: /usr/share/doc/openvpn/examples/sample-keys/openssl.cnf osptoolkit: /etc/osp/openssl.cnf php-phpseclib: /usr/share/doc/php-phpseclib/examples/openssl.cnf php-seclib: /usr/share/doc/php-seclib/examples/openssl.cnf python-certbot-doc: /usr/share/doc/python3-certbot/examples/openssl.cnf ruby-amqp: /usr/share/doc/ruby-amqp/examples/tls_certificates/testca/openssl.cnf stunnel4: /usr/share/doc/stunnel4/examples/openssl.cnf telnetd-ssl: /etc/telnetd-ssl/openssl.cnf tigervnc-common: /etc/tigervnc/openssl.cnf > > > If I change the name of this link, mbsync (the one installed by debian) > > works again. > > > > I'm not really sure what that means, though. The openssl.cnf is not > > really changed. there is just a new link to it. > > > what that means is that only the file in /usr/lib is read, while the one in > /etc is ignored. you can confirm that with strace. strace confirms only /usr/lib/ssl/openssl.cnf is used and this is true when both when mbsync works (when I remofe /lib/ssl/openssl.cnf) and when it does not. In other words /etc/ssl/openssl.cnf is getting ignored when it works and when it does not work. > > so there are two problems here: > - your openssl.cnf in /etc is somehow causing that weird error, which > deserves investigation I don't think so as both the /usr/lib/ssl/openssl.cnf and /etc/ssl/openssl.cnf are unchanged when mbsync actually works. Note that /usr/lib/ssl/openssl.cnf is a link to /etc/ssl/openssl.cnf > - the debian packaging deserves a bug report - it's insane that installing > an opional package with command line tools changes the behavior of the > underlying library package. Not sure I follow here. what optional package are you talking about? TBH, i'm thinking its just a matter of removing /lib/ssl/* this directory looks very fishy as I cannot find any package that actually installed this. Best
signature.asc
Description: PGP signature
_______________________________________________ isync-devel mailing list isync-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/isync-devel
