On 4/3/21 4:40 PM, SET via arch-general wrote:
Hello,
I am having a weird issue with libesmtp : it does not use TLS, confirmed by wireshark sniffing.
The ASP repo was pulled, and here is the result of ./configure --prefix=/usr :
************************* *** libESMTP features *** ************************* --with-auth-plugin-dir: /usr/lib/esmtp-plugins --with-lwres: no --with-openssl: no --enable-pthreads: yes --enable-etrn: no --enable-ntlm: no --enable-chunking: yes --enable-xusr: yes --enable-nsauth: yes --enable-debug: no
After examining config.log, the conftest.c program, generated by configure, failed to compile :
#ifdef __cplusplus extern "C" #endif char SSL_library_init (); int main () { return SSL_library_init (); ; return 0; }
By including <openssl/ssl.h> before int main(), conftest.c does compile.
Talking to an SMTP server without TLS is obviously not an option.
How can this be fixed ? A patch by the package maintainer ? Reporting to upstream ? (Seems to be fedora here)
This happens because it uses SSL_library_init and openssl < 1.1 which the headers wrap in a compat #define I guess the solution here is to backport https://github.com/libesmtp/libESMTP/commit/22f05352122be48c8034fcfe6cba9c94... You may additionally/alternatively ask upstream to consider releasing 1.6.1 containing the currently available maintenance fixes. -- Eli Schwartz Bug Wrangler and Trusted User