On Wed, Aug 28, 2019 at 10:55:05AM +0300, Reio Remma wrote:
> On 28/08/2019 10:44, gil...@poolp.org wrote:
> > 28 ao??t 2019 00:00 "Reio Remma" <r...@mrstuudio.ee> a ??crit:
> > 
> > > On 27.08.2019 21:25, Richard Narron wrote:
> > > 
> > > > The OpenSMTPD portable version from 
> > > > https://github.com/OpenSMTPD/OpenSMTPD
> > > > works fine on Slackware64 current with OpenSSL 1.1.1c and gcc 9.2
> > > > It took me a while to get it to work though.
> > > > I first downloaded the "current" portable version from
> > > > https://opensmtpd.org/archives/opensmtpd-6.4.2p1.tar.gz
> > > > And I got errors very similar to those of Denis Fateyev on Fedora 30.
> > > > Next I downloaded the portable version from github.com
> > > > and found that autoconf had not been run and this was no good.
> > > > Finally I discovered the post on the mailing list which mentioned the
> > > > "bootstrap" script and then I was able to download and build the 
> > > > portable
> > > > version from git.
> > > > The code shows version "6.6.0-portable".
> > > > It runs fine on Slackware64 current and I'm happy that it now works with
> > > > OpenSSL 1.1
> > > > Regards,
> > > > Richard Narron
> > > Your success pushed me to try 6.6.0 on CentOS 7 with OpenSSL 1.1.1c.
> > > 
> > > Can anyone tell me if changing to -lcrypto -lssl to -l:libssl.a 
> > > -l:libcrypto.a is the correct way
> > > to get OpenSSL 1.1.1c statically compiled into OpenSMTPD? I ended up 
> > > using these (and -pthreads
> > > -ldl) and managed to build an RPM based on 6.0.3 RPM from CentOS 7.
> > > 
> > I don't know about the -l:lib notation sorry
> > 
> > Out of curiosity, why would you want ssl statically compiled into OpenSMTPD 
> > ?
> > This means that when an issue hits OpenSSL, updating OpenSSL and restarting 
> > the daemon will not be
> > enough to be back on track.
> > 
> > In addition, I'm not sure why you need -pthreads because OpenSMTPD is not 
> > multi-threaded.
> 
> Hello!
> 
> CentOS 7 has OpenSSL 1.0.2k as the max version and with OpenSSL 1.1.1c
> compiled into OpenSMTPD I can run the new OpenSMTPD version on a machine
> with CentOS 7's old OpenSSL version.
> 
> I had to add -pthreads and -ldl to pass 'make' with the static OpenSSL
> libraries. Without these I ran into errors hinting at threads and dl.
> 
> I'm a little wary of just forcibly replacing the whole OpenSSL 1.0.2k on a
> production machine. :)
> 

Understood !

OpenSSL 1.0.x is going to be supported until 2019-12-31 so this will get
solved by itself soon ;-)

-- 
Gilles Chehade                                                 @poolpOrg

https://www.poolp.org            patreon: https://www.patreon.com/gilles

Reply via email to