Finally, I feel like I'm getting somewhere here. What changed in openssl that broke 4.0.4 w/Eudora?
-Scott At 03:14 PM 9/11/2002, Brian C. Hill wrote: > Right. Only 4.0.5 supports the new SSL options. > > I think you are outta luck. This is going to be one of this >"can't have your cake and eat it, too" situations. Your choices: > > old openssl (without default behavior changes) and 4.0.4 qpopper: > > * security problem with openssl > > new openssl and 4.0.4: > > * Eudora clients can't get mail (at least mine couldn't) > > new openssl and 4.0.5p1 > > * works, but you are into beta software > > Your call. > >Brian >====================================================================== >On Wed, Sep 11, 2002 at 03:08:32PM -0500, Scott Johnson wrote: > > I'm trying to stay away from beta-level software at my > > installation. Here's what I'm running: > > > > OS: FreeBSD 4.5 > > OpenSSL: 0.9.6g > > qpopper: 4.0.4 > > Eudora: 5.1.1 > > > > I haven't tried connecting to qpopper via SSL with other clients because I > > quite frankly haven't found any other POP3 clients that I can stand to use. > > > > The tls-options setting that Brian mentioned below definitely doesn't work > > with 4.0.4: > > > > Unrecognized option; scanning "tls-options" at line 9 of config file > > /etc/popper.conf > > > > So does qpopper just not work with the more recent versions of OpenSSL? > > > > -Scott > > > > > > At 02:42 PM 9/11/2002, you wrote: > > > Which clients are causing this problem for everyone? > > > > > > I only had it with Eudora 5.1.1 (the latest available) only > > >when I upgraded to OpenSSL 0.97-beta3 - Outlook, Outlook Express, > > >Netscape, and Opera didn't generate that message. > > > > > > Getting 4.0.5b1 and setting SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS > > >fixed it. > > > > > >OS: SunOS 5.8/sparc > > >OpenSSL: 0.97-beta3 > > >qpopper: 4.0.5b1 > > > > > ># SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS > > >set tls-options=0x00000800 > > > > > > Setting this setting doesn't seem desirable in the long run > > >(why else would it not be default behavior?) - hopefully a newer > > >release of Eudora will address this. > > > > > > I am guessing that OpenSSL 0.96g may be causing the same problem > > >for everyone that is using it. > > > > > > I did not need to set the more sweeping tls-workarounds setting. > > > > > >Brian > > >====================================================================== > > >On Wed, Sep 11, 2002 at 01:08:50PM -0500, Scott Johnson wrote: > > >> At 04:42 AM 9/11/2002, you wrote: > > >> >At 10:08 PM 9/10/02 -0700, Chuck Yerkes wrote: > > >> >>Start with "ldd qpopper" > > >> >> > > >> >>see which libraries it's using, which .h files the build > > >> >>is hitting. > > >> >> > > >> >>You might get adventurous on your build machine and gzip > > >> >>the appropriate .h files in /usr/include/ and maybe the libssl.* > > >> >>stuff. Just to be sure your build isn't using it. > > >> >> > > >> >>Force it to link static (CFLAGS+=-static) so you don't > > >> >>catch the wrong static libssl.so > > >> > > > >> >Chuck! Chuck! > > >> > > > >> >I think you may have found it! Under FreeBSD it seems to be utilizing > > >the > > >> >wrong libraries! > > >> > > > >> >I recompiled and tweaked the library loc settings and I think I got it > > >> >working! Give me a few days to play with it to make sure I'm right, but > > >> >you pointed me in the right direction! I think we may have figured out > > >> >what the FreeBSD problem is. > > >> > > > >> >Thanks very much!! > > >> > > >> > > >> I finally got qpopper to build on FreeBSD last night after cleaning out > > >> more libraries. It seems that a stale libcrypto was the cause this > > >> time. I still get an error when trying to connect to qpopper via > > >SSL/TLS, > > >> however: > > >> > > >> Possible probe of account xxxxxxxx > > >> > > >> I think I'm just going to need to go through and remove more old headers > > >> and libraries, but I'm going to make this work one way or another. > > >> > > >> -Scott > > > > > >-- > > > _____________________________________________________________________ > > > / Brian C. Hill [EMAIL PROTECTED] http://brian.bch.net \ > > > | Unix Specialist BCH Technical Services http://www.bch.net | > >-- > _____________________________________________________________________ > / Brian C. Hill [EMAIL PROTECTED] http://brian.bch.net \ > | Unix Specialist BCH Technical Services http://www.bch.net |
