Skip to content

feat: add statically compiled native-tls to binary#801

Open
b4iterdev wants to merge 1 commit intoRightNow-AI:mainfrom
b4iterdev:main
Open

feat: add statically compiled native-tls to binary#801
b4iterdev wants to merge 1 commit intoRightNow-AI:mainfrom
b4iterdev:main

Conversation

@b4iterdev
Copy link

@b4iterdev b4iterdev commented Mar 23, 2026
edited
Loading

Summary

Originally native-tls pulls in openssl as a transitive dependency for IMAP support, and native-tls doesn't use the vendored feature by default. It links against the system's libssl, which on Debian Trixie is OpenSSL 3.x (libssl3), not libssl.so.1.0.0. As a result, running openfang on Debian trixie will results in

openfang: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory

This PR add features = ["vendored"] into native-tls. Which causes it (and the imap crate's transitive OpenSSL dependency) to statically compile OpenSSL rather than link against the system's libssl at runtime. The binary will no longer depend on libssl.so.1.0.0 being present on the target system.

Previously, commit 135c37f adds features = ["vendored"] to openssl, however it does not fully resolve the linking issue.

Changes

  • Cargo.toml: add features = ["vendored"] to native-tls

Testing

  • cargo clippy --workspace --all-targets -- -D warnings passes: Proof
  • cargo test --workspace passes: Proof
  • Live integration tested (if applicable): Installed binary with existing Github Action workflow on Debian trixie and the problem no longer exists

Security

  • No new unsafe code
  • No secrets or API keys in diff: N/A
  • User input validated at boundaries: N/A

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@b4iterdev