[Fetchmail-users] How to build a fetchmail 7 rpm on CentOS 7

[ckeader <ck...@di...>]

HACK ALERT

Objective: build a fetchmail 7 alpha rpm on CentOS/RHEL 7.
Why? Some people prefer packages to installing from source on some types
of systems.

Create a fetchmail 7 alpha distribution archive
===============================================

Follow instructions to clone the fetchmal git repo, "next" branch.
Configure and "make dist", which should result in an archive named
fetchmail-7.0.0-alpha10.tar.xz or newer.

Unpack this archive, rename the directory to fetchmail-7.0.0, and repack as
fetchmail-7.0.0.tar.xz. This simplifies the spec file somewhat.

OpenSSL 3.x
===========

Download openssl-3.x source archive and signature file.

CentOS 7 fetchmail SRPM
=======================

Download and install the latest CentOS 7 fetchmail SRPM. Assuming all files
are copied into your builduser's ~/rpmbuild, copy the fetchmail-7.x and
openssl-3.x files from above into the SOURCES directory.

RPM SPEC file
=============

In the SPECS directory, take a backup of fetchmail.spec and apply the attached
patch. I found that fetchmail's configure gave different results for openssl
when built with and without mock, the sed expression in the %build section
tries to cover all bases.

Build
=====

Build it. With mock,

 rpmbuild -bs fetchmail.spec
 cd ../SRPMS
 mock fetchmail-7.0.0-1.el7.src.rpm

 otherwise just use rpmbuild -ba.

Grab a coffee, the openssl build will take a while.

All going well, the build completes and prints the location of the resulting
rpms. There should be three packages, binary for your %arch, SRPM and
debuginfo. The included fetchmail binary is statically linked against
openssl 3.x. It is completely untested and may not even work. In particular,
the ephemeral locations of SSL engines and modules are built into the openssl
libraries, and I do not know if fetchmail tries to load any of them in
operation; which will fail.

$ ldd fetchmail |grep -E "ssl|crypto"
	libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f7c78b8c000)
$ ./fetchmail -V
This is fetchmail release 7.0.0-alpha10+GSS+RPA+NTLM+SDPS+SSL-SSLv2-SSLv3+HESIOD+NLS+KRB5.
Compiled with SSL library 0x30000020 "OpenSSL 3.0.2 15 Mar 2022"
Run-time uses SSL library 0x30000020 "OpenSSL 3.0.2 15 Mar 2022"
OpenSSL: OPENSSLDIR: "/etc/pki/tls"
Engines: ENGINESDIR: "/tmp/local/lib64/engines-3"

Copyright (C) 2002, 2003 Eric S. Raymond
Copyright (C) 2004 Matthias Andree, Eric S. Raymond,
                   Robert M. Funk, Graham Wilson
Copyright (C) 2005 - 2012 Sunil Shetye
Copyright (C) 2005 - 2021 Matthias Andree
Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. For details,
please see the file COPYING in the source or documentation directory.
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit. (http://www.openssl.org/)

Linux centos7-buildvm 3.10.0-1160.59.1.el7.x86_64 #1 SMP Wed Feb 23 16:47:03 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Taking options from command line
No mailservers set up -- perhaps ~/.fetchmailrc is missing?
[builder@c7x64 bin]$ 

For comparison, on a different type of system:

$ ldd `which fetchmail` | grep -E "ssl|crypto"
	libssl.so.1.1 => /usr/lib64/libssl.so.1.1 (0x00007fcee0da5000)
	libcrypto.so.1.1 => /usr/lib64/libcrypto.so.1.1 (0x00007fcee0ae6000)
$