[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: OpenLDAP uses crypt() of OpenSSL instead of system libraries (ITS#2123)
The OpenSSL library is defective. See the FAQ-o-Matic.
http://www.openldap.org/faq/data/cache/185.html
This is not an OpenLDAP bug, this issue will be closed.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-bugs@OpenLDAP.org
> [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of ast@domdv.de
> Sent: Thursday, October 03, 2002 3:29 AM
> To: openldap-its@OpenLDAP.org
> Subject: OpenLDAP uses crypt() of OpenSSL instead of system libraries
> (ITS#2123)
>
>
> Full_Name: Andreas Steinmetz
> Version: 2.1.5
> OS: Linux 2.4
> URL:
> Submission from: (NULL) (217.229.56.110)
>
>
> Description:
>
> OpenLDAP links against OpenSSL (-lcrypto) without prior
> linking against the
> proper system library (-lcrypt) so the crypt() function of
> OpenSSL is used
> instad of the system crypt() function.
>
> Problem:
>
> Unfortunately the OpenSSL crypt() function does not handle
> MD5 passwords as does
> the system crypt() function (part of glibc 2.2.5). Thus
> transparent migration to
> OpenLDAP from Shadow or NIS will fail for all more modern
> installations as the
> user passwords are not processed correctly.
>
> Solution:
>
> Assert to link against -lcrypt prior to linking against
> -lcrypto on systems
> which do have an explicit crypt library, i.e. include
> LUTIL_LIBS for linking
> (seems to be defined but ignored) and do it before including TLS_LIBS.
>
>