Re: OpenSMTPD build on OpenSSL 1.1.x
On 27.08.2019 21:25, Richard Narron wrote: The OpenSMTPD portable version from https://github.com/OpenSMTPD/OpenSMTPD works fine on Slackware64 current with OpenSSL 1.1.1c and gcc 9.2 It took me a while to get it to work though. I first downloaded the "current" portable version from https://opensmtpd.org/archives/opensmtpd-6.4.2p1.tar.gz And I got errors very similar to those of Denis Fateyev on Fedora 30. Next I downloaded the portable version from github.com and found that autoconf had not been run and this was no good. Finally I discovered the post on the mailing list which mentioned the "bootstrap" script and then I was able to download and build the portable version from git. The code shows version "6.6.0-portable". It runs fine on Slackware64 current and I'm happy that it now works with OpenSSL 1.1 Regards, Richard Narron Your success pushed me to try 6.6.0 on CentOS 7 with OpenSSL 1.1.1c. Can anyone tell me if changing to -lcrypto -lssl to -l:libssl.a -l:libcrypto.a is the correct way to get OpenSSL 1.1.1c statically compiled into OpenSMTPD? I ended up using these (and -pthreads -ldl) and managed to build an RPM based on 6.0.3 RPM from CentOS 7. The fresh RPM installed nicely on a clean CentOS 7 with their OpenSSH 1.0.2k and OpenSMTPD started too: Aug 28 00:54:54 localhost smtpd[25943]: info: OpenSMTPD 6.6.0-portable starting Aug 28 00:50:07 localhost smtpd[9338]: cfa3e1042696f77a mta connecting address=smtp://108.177.14.27:25 host=lt-in-f27.1e100.net Aug 28 00:50:07 localhost smtpd[9338]: cfa3e1042696f77a mta connected Aug 28 00:50:07 localhost smtpd[9338]: cfa3e1042696f77a mta tls ciphers=TLSv1.3:TLS_AES_256_GCM_SHA384:256 Aug 28 00:50:07 localhost smtpd[9338]: cfa3e1042696f77a mta server-cert-check result="success" Aug 28 00:50:07 localhost smtpd[9338]: cfa3e1042696f77a mta delivery evpid=953ab16d13e43b2f from= to= rcpt=<-> source="192.168.1.142" relay="108.177.14.27 (lt-in-f27.1e100.net)" delay=3m12 s result="Ok" stat="250 2.0.0 OK 1566942607 w6si428635lfk.121 - gsmtp" More testing will have to wait until tomorrow. :) Good luck, Reio
Re: smtpd / mail.lmtp rewrites from address, breaking lmtp
Hi again Gilles,
> A possible fix to your issue would be to add ' to the allowed charset in
> util.c, can you try and see if it is enough to solve your issue ?
If I read the code correctly, the ' is already allowed. valid_localpart()
inside util.c defines IS_ATEXT macro as below:
#define IS_ATEXT(c) (isalnum((unsigned char)(c)) ||
strchr(MAILADDR_ALLOWED, (c)))
then MAILADDR_ALLOWED is defined inside smtpd.h as:
#define MAILADDR_ALLOWED"!#$%&'*/?^`{|}~+-=_”
therefore it contains the ' character.
Am I looking at the correct place?
Thanks!
Mike
--
Michal Krzysztofowicz
http://beautifulocean.org/
Re: OpenSMTPD build on OpenSSL 1.1.x
The OpenSMTPD portable version from https://github.com/OpenSMTPD/OpenSMTPD works fine on Slackware64 current with OpenSSL 1.1.1c and gcc 9.2 It took me a while to get it to work though. I first downloaded the "current" portable version from https://opensmtpd.org/archives/opensmtpd-6.4.2p1.tar.gz And I got errors very similar to those of Denis Fateyev on Fedora 30. Next I downloaded the portable version from github.com and found that autoconf had not been run and this was no good. Finally I discovered the post on the mailing list which mentioned the "bootstrap" script and then I was able to download and build the portable version from git. The code shows version "6.6.0-portable". It runs fine on Slackware64 current and I'm happy that it now works with OpenSSL 1.1 Regards, Richard Narron
Re: smtpd / mail.lmtp rewrites from address, breaking lmtp
> On 10 Aug 2019, at 16:19, Gilles Chehade wrote: > > On Wed, Jun 26, 2019 at 10:56:50AM +0100, Michal Krzysztofowicz wrote: >> Hi All, >> > > Hi, Hi Gilles, > [...] > Sorry, it took a while to start looking at this. Thanks a lot for getting back on this and sorry for a delayed response - I somehow managed to miss your response! > > We're very close to 6.6 freeze so I'm not comfortable addressing this in > the current timeframe. > > A possible fix to your issue would be to add ' to the allowed charset in > util.c, can you try and see if it is enough to solve your issue ? I’ll try that tonight or tomorrow. I actually have a test plan I can run to replicate this issue, so I’ll be able to confirm if this works. I’ll send an update to the list in the next day or two. Best Regards, Mike -- Michal Krzysztofowicz http://beautifulocean.org/
