Hi, I use libressl. It just been updated. I need to rebuild mail/exim-ldap2. It fails with : ``` cc tls.c In file included from tls.c:137: ./tls-openssl.c:2334:22: error: incomplete definition of type 'struct ssl_cipher_st' ushort id = 0xffff & SSL_CIPHER_get_id(SSL_get_current_cipher(ssl)); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./tls-openssl.c:131:34: note: expanded from macro 'SSL_CIPHER_get_id' # define SSL_CIPHER_get_id(c) (c->id) ~^ /usr/local/include/openssl/ssl.h:364:16: note: forward declaration of 'struct ssl_cipher_st' typedef struct ssl_cipher_st SSL_CIPHER; ``` Exim is 4.94.2, libressl is 3.4.1 I didn't found any workaround that do not require to uninstall my running exim... As libressl has been updated, if I stop exim it won't restart (as it requires previous version of libressl)
Hi, I found a REALLY UGLY fix. Duno wether it opens security hole but a least exim-ldap2 compiles and distribute mails. I'm not proud of it :/ ``` --- src/tls-openssl.c.old 2021-11-10 15:21:03.370920000 +0100 +++ src/tls-openssl.c 2021-11-10 15:21:53.323224000 +0100 @@ -67,6 +67,7 @@ into even twistier knots. If LibreSSL gains the same API, we can just change this guard and punt the issue for a while longer. */ +#define EXIM_HAVE_OPENSSL_CIPHER_GET_ID #ifndef LIBRESSL_VERSION_NUMBER # if OPENSSL_VERSION_NUMBER >= 0x010100000L # define EXIM_HAVE_OPENSSL_CHECKHOST ```
Moin! Thanks for report, will try this fix with all *ssl variants, if it works. My personal opinion is 'libressl is dead-borned stuff': it have a tons of compat issues and not really supported as drop-in replase for base-embedded one :(
These kind of checks are kinda bad, and are everywhere: if OPENSSL_VERSION_NUMBER >= 0x010100000L
Hi there, exim 4.95.1 compiles fine under freebsd 13.0-RELEASE-p4 amd64 with libressl \o/