Subject: libcrypt vs. libcrypto
To: None <firstname.lastname@example.org>
From: Quentin Garnier <cube@NetBSD.org>
Date: 01/24/2004 13:29:00
I plan on using mail/dovecot at work with a LDAP backend for
Long story short, dovecot-auth links against libldap and libcrypt, through
its configure script. It is what it should do, no problem here.
There is a problem, though, when it is considered that libldap is linked
against libcrypto, thus the crypt() from libcrypto takes precedence over
the one from libcrypt because the order of the libs is '-lldap -lcrypt'
(the test for libcrypt is made after the one for libldap in configure).
But in NetBSD 1.6.2, well, in openssl 0.9.6 I might guess, the crypt()
from libcrypto doesn't know about the "$1$" trick to have MD5 password.
Thus, it fails at ciphering correctly the password given by the POP3 user.
Re-ordering the libs solves the issue, but dovecot might not be the only
package potentially affected. Also, it seems that the crypt from
libcrypto in NetBSD-current does the expected thing, therefore the issue
shouldn't happen on -current.
I will probably commit the fix for dovecot (along with trivial ldaps
support addition), but maybe it should be worth it to investigate a
solution using buildlink. Is there a way to re-order libraries with
Quentin Garnier - cube@NetBSD.org
The NetBSD Project - http://www.NetBSD.org/