similar to: [PATCH] Fix dovecot 1.2 build with LibreSSL

On Friday 06 April 2018 21:31:01 Bernard Spil wrote: > Hi, > > When using OpenSSH with LibreSSL 2.7.x it cannot read existing RSA and > ECDSA private keys. > > Error loading key "./id_rsa": invalid format > > Rebuilding OpenSSH with LibreSSL 2.6.x fixes the issue. I had fixed this > issue early on with LibreSSL 2.7 by converting the key to "new

On 2018-04-07 11:24, Bernard Spil wrote: > On 2018-04-07 9:04, Joel Sing wrote: >> On Friday 06 April 2018 21:31:01 Bernard Spil wrote: >>> Hi, >>> >>> When using OpenSSH with LibreSSL 2.7.x it cannot read existing RSA >>> and >>> ECDSA private keys. >>> >>> Error loading key "./id_rsa": invalid format

Hello list, I've recently been working with LibreSSL on CentOS 7 and I thought I'd share it. I would be cautious about using it on production servers, but it seems to be behaving itself for me. https://librelamp.com/ I packaged it to install in parallel with OpenSSL rather than replace it. Apache (2.4.16), MariaDB (5.5.45) and PHP (5.6.12) complete the lamp stack. With MariaDB I

Hi, Yesterday I tried to replace the system openssl in a gentoo system with libressl. With openssh an interesting issue popped up: * RAND_bytes in libressl calls arc4random * arc4random is a compat function both in openssh and libressl * arc4random from openssh uses RAND_bytes So what's happening is a recursion. arc4random wants to use RAND_bytes and RAND_bytes wants to use arc4random. The

Howdy, I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the ssl implementation. Unfortunately, this fails to work (tested on Debian Unstable and Gentoo): cd libressl-2.2.4 ./configure --prefix=/opt/libressl-2.2.4 && make -j8 && sudo make install cd ../openssh-7.1p1 ./configure --with-ssl-dir=/opt/libressl-2.2.4 fails with: checking OpenSSL header version...

One of my hobbies (I need a life) is working on getting stuff to build against LibreSSL in CentOS 7 Part of that involves some test (not production) machines where openssl has been removed. Discovered some issues with Python built again LibreSSL - it passes the test suite in %check if you just change the BuildRequires but the result is some modules have some unresolved symbols the test suite

Sorry for finnish. I think it might also work with libtool flag -static in Makefile.am LDADD flags.---Aki TuomiDovecot oy -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 05/02/2017 20:21 (GMT+02:00) To: Dovecot Mailing List <dovecot at dovecot.org> Subject: Re: Panic error from dovecot 2.2.27 using libressl 2.4.5 (cross-posting at GitHub) jos

jos ldflags laittaa -static vivun niin se preferoi .a filedn linkkausta. ---Aki TuomiDovecot oy -------- Original message --------From: Timo Sirainen <tss at iki.fi> Date: 05/02/2017 20:19 (GMT+02:00) To: Dovecot Mailing List <dovecot at dovecot.org> Subject: Re: Panic error from dovecot 2.2.27 using libressl 2.4.5 (cross-posting at GitHub) On 5 Feb 2017, at 19.58, Timo Sirainen

On Mon, Nov 9, 2015 at 5:35 PM, Darren Tucker <dtucker at zip.com.au> wrote: > On Tue, Nov 10, 2015 at 9:22 AM, Austin English <austinenglish at gmail.com> wrote: >> Howdy, >> >> I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the >> ssl implementation. Unfortunately, this fails to work (tested on >> Debian Unstable and Gentoo):

Hi folks, I searched the list for LibreSSL and found only one mention of it! Has anyone gotten this working? I have it compiling no problem, but removing OpenSSL is another story of course. It seems to be compiled with FIPS support and of course there is no such thing in LibreSSL - that is something they tore out thanks, -Alan -- "Don't eat anything you've ever seen advertised

With 2.2.2 release http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.2-relnotes.txt is there a paln to provide a drop-in replacement of OpenSSL? -- Ciao, luigi / +--[Luigi Rosa]-- \ Furious activity is no substitute for understanding. --H. H. Williams

On 5 Feb 2017, at 19.49, Timo Sirainen <tss at iki.fi> wrote: > > On 4 Feb 2017, at 20.03, Ruga <ruga at protonmail.com> wrote: >> >> https://github.com/libressl-portable/portable/issues/278 > > I've no idea why that would happen. The only idea I had got rejected by someone. Oh, that's with OSX. I think that's the reason. Nothing to do with

Hi, We carry some compat code for old OpenSSL <1.1.1 and LibreSSL <3.1.0. OpenSSL 1.0.x is no longer supported upstream and AFAIK LibreSSL do not support old versions at all. I'd like to retire this config code, which would mean that users on platforms that include the versions of libcrypto would have to either bring their own libcrypto or compile OpenSSH --without-openssl (and accept

Hi all, Reverted back to 2.2.34 and pigeonhole 0.4.22 and (after reverting config changes) it's working again including Sieve. I was notified of commit https://github.com/stephanbosch/dovecot-core/commit/6553f20bb31b5f0eebb73a0db526f00816b47d71 which I'll try. It's in a different option -f (not -d) but will try. Cheers, Bernard. 2018-04-08 20:10 GMT+02:00 Bernard Spil <brnrd at

Timo, re: What OS is this? OS 10.12.3 with Xcode 8.2.1 and the official clang 3.9.0 re: test-time-util.c t_strftime and variants now .......................................... : ok Info: 'Thu, 08 Dec 2016 18:42:16 +0100' test-time-util.c:124: Assert failed: strcmp(t_strftime(RFC2822_FMT, gmtime(&ts)), exp) == 0 Info: 'Thu, 08 Dec 2016 18:42:16 +0100'

https://github.com/libressl-portable/portable/issues/278

On 4 Feb 2017, at 20.03, Ruga <ruga at protonmail.com> wrote: > > https://github.com/libressl-portable/portable/issues/278 I've no idea why that would happen. The only idea I had got rejected by someone.

>openssl version Libressl 2.4.4 Patch for dovecot: perl -i -ple 's/^(#if OPENSSL_VERSION_NUMBER < 0x10100000L\s*)$/$1 || defined (LIBRESSL_VERSION_NUMBER)/' ./src/lib-dcrypt/dcrypt-openssl.c; perl -i -ple 's/^(#if OPENSSL_VERSION_NUMBER < 0x10100000L\s*)$/$1 || defined (LIBRESSL_VERSION_NUMBER)/' ./src/lib-ssl-iostream/dovecot-openssl-common.c; perl -i -ple 's/^(#if

Hi Stephan, Shared the message to you in person only via separate mail. With to Return-Path, I've not seen any difference in failures, all messages were consistently failing with the same error. Thank you! Bernard. 2018-04-10 2:54 GMT+02:00 Stephan Bosch <stephan at rename-it.nl>: > Op 4/8/2018 om 8:10 PM schreef Bernard Spil: >> Hi, >> >> Since updating to 2.3.1

Hi, Since updating to 2.3.1 on my FreeBSD mailserver mail delivery using lda is broken if I have sieve enabled. (Before updating this was 2.2 and pigeonhole 0.4) FreeBSD 11.1-p8 amd64 Dovecot 2.3.1 Pigeonhole 0.5.1 Mailflow is OpenSMTPd as MTA, using mda delivery to rspamc which utlimately delivers using dovecot-lda. smtpd.conf deliver to mda "rspamc -h scan --mime -e