Right. Only 4.0.5 supports the new SSL options.
I think you are outta luck. This is going to be one of this
"can't have your cake and eat it, too" situations. Your choices:
old openssl (without default behavior changes) and 4.0.4 qpopper:
* security problem with openssl
new openssl and 4.0.4:
* Eudora clients can't get mail (at least mine couldn't)
new openssl and 4.0.5p1
* works, but you are into beta software
Your call.
Brian
======================================================================
On Wed, Sep 11, 2002 at 03:08:32PM -0500, Scott Johnson wrote:
> I'm trying to stay away from beta-level software at my
> installation. Here's what I'm running:
>
> OS: FreeBSD 4.5
> OpenSSL: 0.9.6g
> qpopper: 4.0.4
> Eudora: 5.1.1
>
> I haven't tried connecting to qpopper via SSL with other clients because I
> quite frankly haven't found any other POP3 clients that I can stand to use.
>
> The tls-options setting that Brian mentioned below definitely doesn't work
> with 4.0.4:
>
> Unrecognized option; scanning "tls-options" at line 9 of config file
> /etc/popper.conf
>
> So does qpopper just not work with the more recent versions of OpenSSL?
>
> -Scott
>
>
> At 02:42 PM 9/11/2002, you wrote:
> > Which clients are causing this problem for everyone?
> >
> > I only had it with Eudora 5.1.1 (the latest available) only
> >when I upgraded to OpenSSL 0.97-beta3 - Outlook, Outlook Express,
> >Netscape, and Opera didn't generate that message.
> >
> > Getting 4.0.5b1 and setting SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
> >fixed it.
> >
> >OS: SunOS 5.8/sparc
> >OpenSSL: 0.97-beta3
> >qpopper: 4.0.5b1
> >
> ># SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
> >set tls-options=0x00000800
> >
> > Setting this setting doesn't seem desirable in the long run
> >(why else would it not be default behavior?) - hopefully a newer
> >release of Eudora will address this.
> >
> > I am guessing that OpenSSL 0.96g may be causing the same problem
> >for everyone that is using it.
> >
> > I did not need to set the more sweeping tls-workarounds setting.
> >
> >Brian
> >======================================================================
> >On Wed, Sep 11, 2002 at 01:08:50PM -0500, Scott Johnson wrote:
> >> At 04:42 AM 9/11/2002, you wrote:
> >> >At 10:08 PM 9/10/02 -0700, Chuck Yerkes wrote:
> >> >>Start with "ldd qpopper"
> >> >>
> >> >>see which libraries it's using, which .h files the build
> >> >>is hitting.
> >> >>
> >> >>You might get adventurous on your build machine and gzip
> >> >>the appropriate .h files in /usr/include/ and maybe the libssl.*
> >> >>stuff. Just to be sure your build isn't using it.
> >> >>
> >> >>Force it to link static (CFLAGS+=-static) so you don't
> >> >>catch the wrong static libssl.so
> >> >
> >> >Chuck! Chuck!
> >> >
> >> >I think you may have found it! Under FreeBSD it seems to be utilizing
> >the
> >> >wrong libraries!
> >> >
> >> >I recompiled and tweaked the library loc settings and I think I got it
> >> >working! Give me a few days to play with it to make sure I'm right, but
> >> >you pointed me in the right direction! I think we may have figured out
> >> >what the FreeBSD problem is.
> >> >
> >> >Thanks very much!!
> >>
> >>
> >> I finally got qpopper to build on FreeBSD last night after cleaning out
> >> more libraries. It seems that a stale libcrypto was the cause this
> >> time. I still get an error when trying to connect to qpopper via
> >SSL/TLS,
> >> however:
> >>
> >> Possible probe of account xxxxxxxx
> >>
> >> I think I'm just going to need to go through and remove more old headers
> >> and libraries, but I'm going to make this work one way or another.
> >>
> >> -Scott
> >
> >--
> > _____________________________________________________________________
> > / Brian C. Hill [EMAIL PROTECTED] http://brian.bch.net \
> > | Unix Specialist BCH Technical Services http://www.bch.net |
--
_____________________________________________________________________
/ Brian C. Hill [EMAIL PROTECTED] http://brian.bch.net \
| Unix Specialist BCH Technical Services http://www.bch.net |
