Date: Tue, 6 Jun 2000 22:15:21 -0500 From: "Scot W. Hetzel" <hetzels@westbend.net> To: "Terry Lambert" <tlambert@primenet.com>, "Phil Regnauld" <regnauld@eu.org> Cc: "FreeBSD-Ports" <FreeBSD-Ports@freebsd.org>, <FreeBSD-Current@freebsd.org> Subject: Re: FrontPage Extensions Message-ID: <001d01bfd02e$9db01960$8dfee0d1@westbend.net> References: <00ea01be374a$b11fa020$1acb2e9c@westbend.net> <199901190354.UAA04699@usr04.primenet.com> <20000606103459.40497@flow.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
From: "Phil Regnauld" <regnauld@eu.org> > Terry Lambert writes: > > For what it's worth, the FP security issues are very well documented > > by ReadyToRun Software's site (these are the folks who do the UNIX > > ports for Microsoft). > > > > They also keep both BSDI 2.1 and 3.0 binaries available, and they > > know about FreeBSD (it's mentioned in the FAQ as an unsupported > > platform; apparently someone was having problems with the MD5 > > password hashing. Someone who cares should send them mail on how > > to update their FAQ to be more correct, and to raise FreeBSD's > > visibility as a platform -- e.g. what versions to us4e for > > what, install instructions for FreeBSD, etc.). > > FWIW, they now have a native FreeBSD version (FP extensions > SR1, the port needs to be updated BTW) -- works like a charm with minor > changes to one of the port patches. > Yes, there is only a minor change that is needed to the port to get it working with FP 2K SR1. See PR 18581, PR 18788 I did find a problem with fpsrvadm.exe. If you have libcrypt linked to libscrypt, then fpsrvadm.exe creates an invalid MD5 password (I believe the buffer RTR used to hold the password returned from the crypt function is too small for the MD5 passwords). I have informed RTR and they said a fix would be available in the next release. For the time being the port (apache13-fp, or upcomming mod_frontpage) will still need to use the BSDI extentions, and statically compile the apache server with libdescrypt.a on systems where libcrypt is linked to libscrypt. > Caveat: if you misconfigure your VirtualHost in some way, any call > to the FP-patched Apache to that subweb's /_vti_bin/ will make it > (apache) segfault. > > Will debug this if I find time. > I haven't come across this problem. But I do know that it will segfault if you are not using a patched suexec, as the unpatched suexec will not allow fpexe to run. Scot PS. This is off topic for current, so please remove current when replying. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001d01bfd02e$9db01960$8dfee0d1>