From owner-freebsd-ports@FreeBSD.ORG Wed Mar 8 12:21:27 2006 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A72FB16A420 for ; Wed, 8 Mar 2006 12:21:27 +0000 (GMT) (envelope-from neuhauser@sigpipe.cz) Received: from isis.sigpipe.cz (fw.sigpipe.cz [62.245.70.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EBEA43D45 for ; Wed, 8 Mar 2006 12:21:27 +0000 (GMT) (envelope-from neuhauser@sigpipe.cz) Received: by isis.sigpipe.cz (Postfix, from userid 1001) id 25F6E1F87C15; Wed, 8 Mar 2006 13:21:26 +0100 (CET) Date: Wed, 8 Mar 2006 13:21:26 +0100 From: Roman Neuhauser To: Ruslan Savchenko Message-ID: <20060308122125.GA23766@isis.sigpipe.cz> Mail-Followup-To: Ruslan Savchenko , freebsd-ports@freebsd.org References: <20060307.223131.635794621.savrus@mexmat.net> <20060307223953.GB4435@isis.sigpipe.cz> <20060308.100057.-494034712.savrus@mexmat.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060308.100057.-494034712.savrus@mexmat.net> User-Agent: Mutt/1.5.9i Cc: freebsd-ports@freebsd.org Subject: Re: little improvement in security/pam-mysql X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2006 12:21:27 -0000 # savrus@mexmat.net / 2006-03-08 10:00:57 +0300: > Tue, 7 Mar 2006 23:39:53 +0100 > Roman Neuhauser : > > > # savrus@mexmat.net / 2006-03-07 22:31:31 +0300: > > > When I tried to set crypt=md5, I saw message > > > > > > Mar 3 17:00:24 ssh login: pam_mysql - non-crypt()ish MD5 hash is not supported > > > in this build. > > > > > > Looking throw source shows that it depends on HAVE_PAM_MYSQL_MD5_DATA > > > definition. One way to get it defined is to have HAVE_MD5DATA defined > > > (and MD5Data() in md5.h). FreeBSD's sys/md5.h has MD5Data(), but no > > > HAVE_MD5DATA. If HAVE_MD5DATA is defined in pam_mysql.c md5 passwords > > > work well, so one way to fix this is to apply attached patch to > > > pam_mysql.c > > > > > --- pam_mysql.c.old Tue Mar 7 21:54:04 2006 > > > +++ pam_mysql.c Tue Mar 7 21:55:56 2006 > > > @@ -121,6 +121,7 @@ > > > > > > #ifndef HAVE_OPENSSL > > > #ifdef HAVE_MD5_H > > > +#define HAVE_MD5DATA > > > #include > > > #endif > > > > This is not the right fix. HAVE_MD5DATA is probably supposed to get > > set by pam-mysql's configure script. What's the output of running > > make configure in the port, and what's in ${WRKSRC}/config.log? > > Thank you for the answer. > In my case it is not set, you see. I also can't see this (and even > MD5Data) in any file except pam_mysql.c. I was wrong, sorry for wasting your time. I don't know where the HAVE_MD5DATA constant is supposed to come from. -- How many Vietnam vets does it take to screw in a light bulb? You don't know, man. You don't KNOW. Cause you weren't THERE. http://bash.org/?255991