Mark Constable writes:
Hi Sam, FWIW Debian "stretch" is currently rebuilding all SSL related packages based on OpenSSL v1.1.0 which will also flow through to Ubuntu packages pretty soon. Perhaps you could provide a tweak to help ondrej build new deb packages, and no doubt this will affect rpm packages too.
Without having openssl 1.1.0 available, I can't really verify this, but try the following. Note that this will require rebuilding libs/tcpd/configure
diff --git a/tcpd/configure.ac b/tcpd/configure.ac
index 447ba72..e3c25b1 100644
--- a/tcpd/configure.ac
+++ b/tcpd/configure.ac
@@ -286,6 +286,7 @@ AC_MSG_RESULT($spipe)
AC_CHECK_HEADER(openssl/ssl.h,have_ssl_h=yes,have_ssl_h=no)
AC_CHECK_LIB(ssl, SSL_load_error_strings, have_ssl=yes, have_ssl=no,
-lcrypto)
+AC_CHECK_LIB(ssl, OPENSSL_cleanup,have_ssl=yes)
if test "$have_ssl" = "yes"
then
diff --git a/tcpd/libcouriertls.c b/tcpd/libcouriertls.c
index 81ef3e2..0c091ba 100644
--- a/tcpd/libcouriertls.c
+++ b/tcpd/libcouriertls.c
@@ -608,8 +608,10 @@ SSL_CTX *tls_create_int(int isserver, const struct
tls_info *info,
if (first)
{
first=0;
+#if OPENSSL_API_COMPAT < 0x10100000L
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
+#endif
while (RAND_status() != 1)
{
pgpyMn5sxCpfS.pgp
Description: PGP signature
------------------------------------------------------------------------------ Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
