dovecot 2.2.26.0 uses the following functions, which are not available on libressl 2.4.3:
HMAC_CTX_new HMAC_CTX_free EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_RSA OBJ_length EVP_MD_CTX_new EVP_MD_CTX_free
The result of calling a non-existent function is a runtime error, and we do not want that on production servers.
There are additional problems. I recommend compiling with clang-llvm 3.9.0 to see them all.
-------- Original Message -------- Subject: Re: v2.2.26.0 released Local Time: 1 November 2016 7:30 PM UTC Time: 1 November 2016 18:30 From: aki.tuomi@dovecot.fi To: Dovecot Mailing List <dovecot@dovecot.org>, Ruga <ruga@protonmail.com>
OpenSSL v1.0.1 is enough.
Aki
On November 1, 2016 at 7:46 PM Ruga <ruga@protonmail.com> wrote:
Hello,
We cannot upgrade from 2.2.24, because we use libressl and the newer dovecot versions demand openssl v1.1.
Please add the new library requirement to the INSTALL file.
All the best.
-------- Original Message -------- Subject: v2.2.26.0 released Local Time: 28 October 2016 6:51 PM UTC Time: 28 October 2016 16:51 From: tss@iki.fi To: dovecot-news@dovecot.org, Dovecot Mailing List <dovecot@dovecot.org>
http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.0.tar.gz.sig
v2.2.26 had a couple of nasty bugs left in it, so here's a fixup release. The version number is also a little bit weird, but had to be done this way (although 2.2.26.0.1 could have been another possibility).
- Fixed some compiling issues.
- auth: Fixed assert-crash when using NTLM or SKEY mechanisms and multiple passdbs.
- auth: Fixed crash when exporting to auth-worker passdb extra fields that had empty values.
- dsync: Fixed assert-crash in dsync_brain_sync_mailbox_deinit