Re: [Fetchmail-users] OAUTH2 Dilemma

[ckeader <ck...@di...>]

Matthias Andree writes:
> Am 27.03.22 um 22:07 schrieb ckeader via Fetchmail-users:
> >> You can install the latest OpenSSL 3.0.x to a separate directory,
> >> WARNING UNTESTED because I do not have CentOS 7,
> >> but somewhere along the lines of but maybe needs tweaking:
> >> unpack OpenSSL 3.0.x, then
> >> ./config --prefix /opt/openssl3 --openssldir=/usr/lib64
> >> -Wl,-rpath=/opt/openssl3/lib
> >> -- and then point your fetchmail 7 alpha build there to use it, with
> >> ./configure --with-ssl=/opt/openssl3
> >>
> >> The additional burden on you will then be to watch future OpenSSL 3.0.x
> >> releases and upgrade your /opt/openssl3 should security fixes become
> >> necessary in some future OpenSSL version, so take notes of what worked
> >> for you if you had to tweak things.
> > I can improve on that ... does this list server strip attachments?
> Yes, some attachment types, and also bigger attachments. The mailing
> list is not intended to distribute larger or binary attachments. Smaller
> plain text attachments (few kBytes, so your .spec file or something)
> should work, for something bigger, file them through fetchmail's
> ticketing systems on SourceForge or GitLab please and mail the pointer.
> > I've been rolling my own fetchmail 6.4 rpm on CentOS 6, statically compiled against openssl 1.1.1. The method might work on CentOS 7 with fetchmail 7 and openssl 3.0 in a similar way. Obviously, one should update when either fetchmail or openssl release a new version.

My method doea not work for fetchmail 7 alpha. It looks like it does not support openssl 3.x yet.

/tmp/fetchmail-7.0.0-alpha9/socket.c:997: undefined reference to `SSL_load_error_strings'
/tmp/fetchmail-7.0.0-alpha9/socket.c:998: undefined reference to `SSL_library_init'
/tmp/fetchmail-7.0.0-alpha9/socket.c:999: undefined reference to `OpenSSL_add_all_algorithms'
/tmp/fetchmail-7.0.0-alpha9/socket.c:1000: undefined reference to `SSLeay'

The rpm I have right now is really only suitable for a static openssl that gets built on the fly. I can get that part working after a fashion by manually modifying the fetchmail Makefile after configure.