Hello people,

The portable branch of OpenSMTPD should build with OpenSSL again as long
as your system is using >= 1.1.x

Last month I committed a few things to LibreSSL which allowed me to make
changes to OpenSMTPD in order to have the same code build for either one
of LibreSSL and OpenSSL.

Note that LibreSSL is my target, OpenSSL is only supported as long as it
doesn't get in my way and make the code full of ifdefs. I think we'll be
fine for the years to come as we don't bring new TLS features every four
days but my goal is still to move towards libtls then write a standalone
libtls wrapper for OpenSSL.

Now a few things:

1- This needs testing as I'm not sure I got the autoconf layer right for
   all combinations of LibreSSL/OpenSSL, systems with base arc4random(),

2- It's currently impossible to write an ECDSA privsep crypto engine for
   both LibreSSL and OpenSSL with same code as far as I know. I will get
   into this when time allows but until then ECDSA server certificate is
   only supported with LibreSSL.

OpenSMTPD portable has been built and tested with Ubuntu only, please do
provide feedback !

Gilles Chehade                                                 @poolpOrg

https://www.poolp.org            patreon: https://www.patreon.com/gilles

You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Reply via email to