postfix / openssl issues

[msantos@…]

I was getting the following errors from Postfix when using +tls and +sasl variants:

Nov  1 15:02:47 Server postfix/smtpd[45923]: initializing the server-side TLS engine
Nov  1 15:02:47 Server postfix/smtpd[45923]: warning: run-time library vs. compile-time header version mismatch: OpenSSL 0.9.8 may not be compatible with OpenSSL 0.9.7
Nov  1 15:02:48 Server postfix/master[147]: warning: process /opt/local/libexec/postfix/smtpd pid 45923 killed by signal 10
Nov  1 15:02:48 Server postfix/master[147]: warning: /opt/local/libexec/postfix/smtpd: bad command startup -- throttling

Using otool, I was able to determine that Postfix was correctly linking against the openssl library in /opt/local. So the problem is that postfix was being compiled against the system headers. 0.9.7 is the version of openssl included with Leopard (10.5.0), whereas 0.9.8 is the version I have installed via macports. I think I was able to determine what the problem was. When the TLS variant is invoked, -I${prefix}/include/openssl gets added to the include path. However, postfix source code seems to include openssl headers via <openssl/header.h>, so the search path that was added doesn't help. Therefore, the source finds the header in the system include path, /usr/include. I believe the solution is to add -I${prefix}/include rather than (or in addition to) -I${prefix}/include/openssl.

Indirectly, one can work around the problem for now by also enabling the +pcre variant. The PCRE variant ends up adding -I${prefix}/include to the include path already, and so indirectly causes the TLS variant to use the correct compile-time header.

[markd@…]

I modified the include path for AUXLIBS in the tls variant to ${prefix}/include in revision 1 to the port. Please test this and report if it fixed it.

[markd@…]

Well this can be reopened, otherwise I'll assume the problem was solved with the latest patch.

[(none)]

Milestone Port Bugs deleted