From Newsgroup: comp.mail.pine
On 15/7/25 03:11, Eduardo Chappa wrote:
On Sun, 13 Jul 2025, Thorsten Glaser wrote:
Eduardo Chappa dixit:
you seem to be using an old version of imapd.c. From the current bits
ptext is between lines 3878 and 3883, so it seems you are using an
old version. The advice in these cases is to upgrade your version to
a newer version.
AFAICT I have the latest known version, perhaps did the distribution
site change? Can you point me to the latest?
Tough question to answer, since there is no official distribution of
imapd. This is what I can tell you.
The latest bits created by Mark Crispin are located at
https://github.com/jonabbey/panda-imap
I do not know if they have ever been updated. For example to update the
code based on changes in the openssl library API.
The bits for imapd in the source code of alpine have been updated for changes in the openssl library API, but I have never updated the imapd
code, so it is probably the same as in github, but I have updated the underlying c-client library to work with Alpine, no testing of the imapd code has ever been done, so if you go that way, use it at your own risk.
I hope this helps.
Someone - Erik Kangas - did the OpenSSL 1.1.x changes to Panda-IMAP,
and they may have been checked in to that repository.
If they haven't, here's the email from the IMAP mailing list: ======================================================================
1. There is only 1 critical change. There are a lot of fatal compile
errors around use of "cert->name". Openssl-ano longer exposes the
contents of the X509 structure. The solution seems to be to replace
this with something like:
cert->name
replace with
X509_NAME_oneline(X509_get_subject_name(cert),NULL,0)
which extracts the name from the cert object and returns it as a newly allocated char*. This could be a very small memory leak; but for most purposes each imapd and ipop3d only exist for the single connection --
so its probably not a concern, just a few bytes. You could fix by
adding a few more lines to create a buffer and have
X509_NAME_oneline-asave to your buffer, etc.
2. There are a couple deprecated functions that should be updated:
TLSv1_client_method
TLS_client_method
RSA_generate_key
RSA_generate_key_ex
That is it -- things seem to be compiling and tests (so far) show things
are working properly. There are still compile warnings here and there
(as there always have been with imapd) but they seem OK. I will still
be testing for some time before I push out. Also, linking to
openssl-av1.1.1 also seems to have cleared up some issues with C-Client
using STARTTLS-awith TLS 1.2-only servers (we already have support for
DHE and ECDHE-abuilt in). ======================================================================
Cheers,
Gary B-)
--- Synchronet 3.21a-Linux NewsLink 1.2