Am 04.04.2010, 17:39 Uhr, schrieb Sjoerd Simons:
Package: fetchmail
Version: 6.3.15-1
Severity: important
Tags: patch
As the subject says, during openssl initialisation fetchmail doesn't
seem to load all ssl algorithms causing the ssl negotiation to fail
depending on what the server wants to use..
ssl(3) doesn't state that this OpenSSL_add_all_algorithms() is needed.
Neither does SSL_connect or SSL_library_init. The only EVP reference is
EVP_md5() explicitly, which doesn't need OpenSSL_add_all_algorithms()
either. So could you:
1. please demonstrate an actual failure case
2. tell me how I as programmer should/could have known this in advance?
I'm really annoyed that so much ssl lore needs to be retrofitted over time
whenever there appears to be some new failure. ssl(3) states I need to run
SSL_library_init and seed the RNG on machines without /dev/*random.
Nothing about OpenSSL_add_all_algorithms().
If the OpenSSL documentation is so incomplete, I may have to switch the
SSL library inside stable versions to avoid such issues.
Thank you.
--
Matthias Andree
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
