From owner-freebsd-ports@FreeBSD.ORG Tue Mar 7 21:50:00 2006 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E6D9B16A420 for ; Tue, 7 Mar 2006 21:50:00 +0000 (GMT) (envelope-from savrus@mexmat.net) Received: from gulipin.mexmat.net (gulipin.mexmat.net [217.67.124.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id 24ADC43D48 for ; Tue, 7 Mar 2006 21:49:54 +0000 (GMT) (envelope-from savrus@mexmat.net) Received: from mail@gulipin by gulipin.mexmat.net (8.13.4/8.13.4) with ESMTP id k27Lnka8041775 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 8 Mar 2006 00:49:48 +0300 (MSK) Received: from localhost (localhost. [127.0.0.1]) by savrus.fds. (8.13.4/8.13.3) with ESMTP id k27JVV4T030854 for ; Tue, 7 Mar 2006 22:31:32 +0300 (MSK) (envelope-from savrus@mexmat.net) Date: Tue, 07 Mar 2006 22:31:31 +0300 (MSK) Message-Id: <20060307.223131.635794621.savrus@mexmat.net> To: freebsd-ports@freebsd.org From: Ruslan Savchenko X-Mailer: Mew version 4.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Mixed; boundary="--Next_Part(Tue_Mar__7_22_31_31_2006_697)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.87.1, clamav-milter version 0.87 on gulipin.mexmat.net X-Virus-Status: Clean Subject: little improvement in security/pam-mysql X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2006 21:50:01 -0000 ----Next_Part(Tue_Mar__7_22_31_31_2006_697)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hello! I had a problem with using md5 passwords with this port (not crypt()ed md5). When I tried to set crypt=md5, I saw message Mar 3 17:00:24 ssh login: pam_mysql - non-crypt()ish MD5 hash is not supported in this build. Looking throw source shows that it depends on HAVE_PAM_MYSQL_MD5_DATA definition. One way to get it defined is to have HAVE_MD5DATA defined (and MD5Data() in md5.h). FreeBSD's sys/md5.h has MD5Data(), but no HAVE_MD5DATA. If HAVE_MD5DATA is defined in pam_mysql.c md5 passwords work well, so one way to fix this is to apply attached patch to pam_mysql.c This looks like pr, but should I send it on such a problem? I'm waiting for answer. uname -a FreeBSD shadow 5.4-RELEASE-p7 FreeBSD 5.4-RELEASE-p7 #0: Sun Sep 25 15:51:58 MSD 2005 root@boo.fds.:/usr/obj/usr/src/sys/BOO i386 pkg_info -aI bash-3.0.16_1 The GNU Project's Bourne Again SHell emacs-21.3_8 GNU editing macros gettext-0.14.5 GNU gettext package gkrellm-2.2.7 A GTK based system monitor glib-1.2.10_11 Some useful routines of C programming (previous stable vers glib-2.6.6 Some useful routines of C programming (current stable versi leim-21.3_1 Libraries of (GNU) Emacs Input Method libiconv-1.9.2_1 A character set conversion library libnss-mysql-1.5 NSS module using a MySQL database for backend mc-4.6.1_2 Midnight Commander, a free Norton Commander Clone mysql-client-4.1.14 Multithreaded SQL database (client) nss_ldap-1.239 RFC 2307 NSS module openldap-client-2.2.28 Open source LDAP client implementation pam_ldap-1.8.0 A pam module for authenticating with LDAP pam_mkhomedir-0.1 Create HOME with a PAM module on demand pam_mysql-0.6.2 A pam module for authenticating with MySQL perl-5.8.7 Practical Extraction and Report Language pkgconfig-0.17.2 A utility to retrieve information about installed libraries ----Next_Part(Tue_Mar__7_22_31_31_2006_697)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="patch_pam_mysql.c" --- pam_mysql.c.old Tue Mar 7 21:54:04 2006 +++ pam_mysql.c Tue Mar 7 21:55:56 2006 @@ -121,6 +121,7 @@ #ifndef HAVE_OPENSSL #ifdef HAVE_MD5_H +#define HAVE_MD5DATA #include #endif ----Next_Part(Tue_Mar__7_22_31_31_2006_697)----