HELP!!! Re: [Dovecot] Specifying which openssl to use

infowolfe infowolfe at gmail.com
Sun Jun 4 10:16:32 EEST 2006


not sure if you've tried ./configure --help, but ./configure
--with-openssl=/usr/local/openssl-0.9.8b would probably fix things for
you (assuming you installed into that directory vs compiled in that
directory.

On 6/3/06, Chase <chase at osdev.org> wrote:
> We'll I've spent the entire day trying to make Dovecot with TLS/SSL work
> on Solaris 10 and I'm not any closer.
>
> This is Solaris 10 x86 Update 1 and Dovecot 1 Beta 8.
>
> bash-3.00# /usr/sfw/bin/openssl version
> OpenSSL 0.9.7d 17 Mar 2004
>
> The reason I think the bundled openssl is broken is because Thunderbird
> can receive the cert but the connection drops, turning on all the
> logging in dovecot I find this in my syslog:
>
> Jun  4 00:50:30 hosting dovecot: [ID 107833 mail.warning] imap-login:
> SSL_accept() failed: error:1409D08A:SSL
> routines:SSL3_SETUP_KEY_BLOCK:cipher or hash unavailable [205.19
> 6.182.15]
>
> I found some messages on the imap-uw mailing list that indicate that
> this error could be caused by the bundled openssl. I've installed the
> latest openssl from source without problem and an updated packaged
> version from sunfreeware.com. I just can't seem to make Dovecot use them.
>
> I've used crle to include /usr/local/ssl/lib in my library path.
> I've tried PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig with my configure
> I've tried CPPFLAGS=-I/usr/local/ssl/include
> LDFLAGS='-L/usr/local/ssl/lib' ./configure --prefix=/opt/dovecot
> --with-ssl=openssl --with-ssldir=/etc/sslcerts
> I've tried CPPFLAGS=-I/usr/local/ssl/include
> LDFLAGS='-L/usr/local/ssl/lib -ldl' ./configure --prefix=/opt/dovecot
> --with-ssl=openssl --with-ssldir=/etc/sslcerts
>
> When I set the PKG_CONFIG_PATH the messages produced by configure and
> make make me think that /usr/local/ssl will be used.
>
> Using "truss -f /opt/dovecot/sbin/dovecot 2> /tmp/dove.txt" I can see
> several references to the wrong libssl such as
> "open("/usr/sfw/lib/libssl.so.0.9.7", O_RDONLY)  = 3".
>
> Does anyone know how to make Dovecot use a specified install of openssl?
> Or how to make Dovecot and the Solaris bundled openssl work?
>
> -Chase
>
>
> Chase wrote:
> > I'm trying to setup dovecot on Solaris 10. I can get it all working
> > except TLS/SSL. I traced my problem down to the version of openssl
> > that Solaris 10 ships with. The fix is supposed to be to use a newer
> > version of openssl. Without removing the built-in version of openssl
> > I've installed openssl-0.9.8b to /usr/local.
> >
> > When I "./configure" dovecot it seems to always pick up the broken
> > version of openssl in /usr/sfw.  How do I make dovecot use an
> > alternate copy of openssl? How is it even finding the one in /usr/sfw?
> >
> > Thanks,
> > -Chase
> >
> > I tried setting CPPFLAGS and LDFLAGS already.
> >
>
>


More information about the dovecot mailing list