Thanks, Brian!!!
On 6/29/2018 1:32 AM, Brian Ghidinelli wrote:
Good news - I seemed to have solved this. It's a combo of these old notes from
2011 and an upgraded openssl:
http://www.ghidinelli.com/2011/10/20/october-qmail-follow-up
I'm attaching my modified qmail-toaster.spec from 1.3.21. I installed
openssl-1.0.2o from source on CentOS 5 and linked:
/usr/include/openssl -> /usr/local/ssl/include/openssl/
Then I rebuilt the RPM:
rpmbuild -bb --target i686 --with cnt50
/usr/src/redhat/SPECS/qmail-toaster.spec
This generated the RPM. I extracted the files:
rpm2cpio qmail-toaster-1.03-1.3.22.i686.rpm | cpio -idmv
I backed up my existing qmail-smtpd and qmail-remote.orig, and copied
the new binaries over (from /usr/src/redhat/RPMS/i686/var/qmail/bin
where cpio extracted them to)
And then tested with checktls.com and everything shows TLS 1.2 now.*whew*
This buys us a little time to complete a migration. Hope this helps someone
else!
Brian
On 6/27/18 09:09, Eric Broch wrote:
Have a look at this thread:
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg41029.html
IMHO, there were to many packages that were dependent on openssl-9.8
on the CentOS 5 box to make this practical.
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
--
Eric Broch
White Horse Technical Consulting (WHTC)
