On Wed, Aug 28, 2019 at 10:55:05AM +0300, Reio Remma wrote: > On 28/08/2019 10:44, [email protected] wrote: > > 28 ao??t 2019 00:00 "Reio Remma" <[email protected]> a ??crit: > > > > > On 27.08.2019 21:25, Richard Narron wrote: > > > > > > > The OpenSMTPD portable version from > > > > https://github.com/OpenSMTPD/OpenSMTPD > > > > works fine on Slackware64 current with OpenSSL 1.1.1c and gcc 9.2 > > > > It took me a while to get it to work though. > > > > I first downloaded the "current" portable version from > > > > https://opensmtpd.org/archives/opensmtpd-6.4.2p1.tar.gz > > > > And I got errors very similar to those of Denis Fateyev on Fedora 30. > > > > Next I downloaded the portable version from github.com > > > > and found that autoconf had not been run and this was no good. > > > > Finally I discovered the post on the mailing list which mentioned the > > > > "bootstrap" script and then I was able to download and build the > > > > portable > > > > version from git. > > > > The code shows version "6.6.0-portable". > > > > It runs fine on Slackware64 current and I'm happy that it now works with > > > > OpenSSL 1.1 > > > > Regards, > > > > Richard Narron > > > Your success pushed me to try 6.6.0 on CentOS 7 with OpenSSL 1.1.1c. > > > > > > Can anyone tell me if changing to -lcrypto -lssl to -l:libssl.a > > > -l:libcrypto.a is the correct way > > > to get OpenSSL 1.1.1c statically compiled into OpenSMTPD? I ended up > > > using these (and -pthreads > > > -ldl) and managed to build an RPM based on 6.0.3 RPM from CentOS 7. > > > > > I don't know about the -l:lib notation sorry > > > > Out of curiosity, why would you want ssl statically compiled into OpenSMTPD > > ? > > This means that when an issue hits OpenSSL, updating OpenSSL and restarting > > the daemon will not be > > enough to be back on track. > > > > In addition, I'm not sure why you need -pthreads because OpenSMTPD is not > > multi-threaded. > > Hello! > > CentOS 7 has OpenSSL 1.0.2k as the max version and with OpenSSL 1.1.1c > compiled into OpenSMTPD I can run the new OpenSMTPD version on a machine > with CentOS 7's old OpenSSL version. > > I had to add -pthreads and -ldl to pass 'make' with the static OpenSSL > libraries. Without these I ran into errors hinting at threads and dl. > > I'm a little wary of just forcibly replacing the whole OpenSSL 1.0.2k on a > production machine. :) >
Understood ! OpenSSL 1.0.x is going to be supported until 2019-12-31 so this will get solved by itself soon ;-) -- Gilles Chehade @poolpOrg https://www.poolp.org patreon: https://www.patreon.com/gilles
