Hi folks,

I plan on using mail/dovecot at work with a LDAP backend for
authentication.

Long story short, dovecot-auth links against libldap and libcrypt, through
its configure script.  It is what it should do, no problem here.

There is a problem, though, when it is considered that libldap is linked
against libcrypto, thus the crypt() from libcrypto takes precedence over
the one from libcrypt because the order of the libs is '-lldap -lcrypt'
(the test for libcrypt is made after the one for libldap in configure).

But in NetBSD 1.6.2, well, in openssl 0.9.6 I might guess, the crypt()
from libcrypto doesn't know about the "$1$" trick to have MD5 password.
Thus, it fails at ciphering correctly the password given by the POP3 user.

Re-ordering the libs solves the issue, but dovecot might not be the only
package potentially affected.  Also, it seems that the crypt from
libcrypto in NetBSD-current does the expected thing, therefore the issue
shouldn't happen on -current.

I will probably commit the fix for dovecot (along with trivial ldaps
support addition), but maybe it should be worth it to investigate a
solution using buildlink.  Is there a way to re-order libraries with
buildlink?

-- 
Quentin Garnier - cube@NetBSD.org
The NetBSD Project - http://www.NetBSD.org/