Date: Tue, 21 Sep 1999 10:54:49 +0200 From: Pierre Beyssac <beyssac@enst.fr> To: Mark Murray <mark@grondar.za> Cc: freebsd-current@FreeBSD.ORG Subject: Re: DANGER: login and friends with libscrypt/libdescrypt Message-ID: <19990921105449.A21254@enst.fr> In-Reply-To: <199909210629.IAA70984@gratis.grondar.za>; from Mark Murray on Tue, Sep 21, 1999 at 08:29:26AM %2B0200 References: <199909210629.IAA70984@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 21, 1999 at 08:29:26AM +0200, Mark Murray wrote: > > - /usr/bin/login and friends are now linked against libscrypt > > instead of libcrypt. > > This is a link bug. The Makefile says "-lcrypt". JDP? Then there's the problem that libcrypto.so.3 won't magically be a link to a working libdescrypt.so.3 if the latter doesn't exist, especially if you don't have crypto sources. Then, the fact that login SIGSEV's in strcmp from inside PAM doesn't look very normal to me either. I suppose there's an error check missing somewhere when the libscrypt is called while you use DES passwords. (gdb) where #0 0x280d0cf4 in strcmp () from /usr/lib/libc.so.3 #1 0x28115365 in pam_sm_authenticate () from /usr/lib/pam_unix.so #2 0x280754b9 in pam_getenvlist () from /usr/lib/libpam.so.1 #3 0x2807577d in _pam_dispatch () from /usr/lib/libpam.so.1 #4 0x28074b37 in pam_authenticate () from /usr/lib/libpam.so.1 #5 0x804a88a in setlogin () #6 0x8049c3a in setlogin () #7 0x804986d in setlogin () -- Pierre Beyssac pb@enst.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990921105449.A21254>