From owner-freebsd-current Mon Sep 20 18: 9:33 1999 Delivered-To: freebsd-current@freebsd.org Received: from enst.enst.fr (enst.enst.fr [137.194.2.16]) by hub.freebsd.org (Postfix) with ESMTP id D168A15BF1 for ; Mon, 20 Sep 1999 18:09:24 -0700 (PDT) (envelope-from beyssac@enst.fr) Received: from bofh.enst.fr (bofh-2.enst.fr [137.194.2.37]) by enst.enst.fr (8.9.1a/8.9.1) with ESMTP id DAA29534; Tue, 21 Sep 1999 03:09:20 +0200 (MET DST) Received: by bofh.enst.fr (Postfix, from userid 12426) id A7C25D226; Tue, 21 Sep 1999 03:09:19 +0200 (CEST) Message-ID: <19990921030919.A14737@enst.fr> Date: Tue, 21 Sep 1999 03:09:19 +0200 From: Pierre Beyssac To: freebsd-current@freebsd.org Subject: DANGER: login and friends with libscrypt/libdescrypt Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've just been bitten by the following, so I figured I might as well warn others. From a quick glance it doesn't seem to have been mentioned, or not clearly enough, in this list. - libscrypt/libdescrypt major number has been bumped a few days ago. - /usr/bin/login and friends are now linked against libscrypt instead of libcrypt. The bottom line is, if: - you don't have crypto sources on your machine - you were using a symbolic link from libcrypt* to libscrypt*/libdescrypt* - you used that to link to an old libdes binary then ***test*** your compiled login binary before you reinstall everything. Thanksfully I kept an older -current on another machine from which I could find a working copy of login, which saved me from totally ruining my night. But I'll be sure to install complete crypto sources first thing tomorrow morning on my machines. -- Pierre Beyssac pb@enst.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message