This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

fetchmail and openssl

From: Vladimir Shatilo <vladimir dot shatilo at gmail dot com>
To: cygwin-apps at cygwin dot com
Date: Wed, 25 Apr 2012 23:40:50 +0300
Subject: fetchmail and openssl
References: <4F985F18.7040106@gmail.com>
Reply-to: vladimir dot shatilo at gmail dot com

In the latest cygwin package fetchmail 6.3.18-1 has been compiled with old openssl 0.9.8 library.
This causes errors in ssl certificate validation when connecting to imap or pop3 with ssl.
The problem is openssl 1.0.0 and later has different hash generation algorithm then previous 0.9.8 version.
So after c_rehash symbolic links to valid certificates have different names then fetchmail is looking for.

First I have verified it with strace and have got symbolic link names of certificates that fetchmail is looking for.
I created symbolic links with valid names (according to openssl 0.9.8 hashes) to existing certificates and fetchmail has worked well.

Finally I have compiled fetchmail 6.3.21 from source with openssl 1.0.1a-1 library and have got everything working as required.

So this is required to update fetchmail to 6.3.21 and compile it with latest openssl 1.0.1a-1 library in the main cygwin package.

Follow-Ups:
- Re: fetchmail and openssl
  - From: Christopher Faylor
- Re: fetchmail and openssl
  - From: Jason Tishler

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]