[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 2.1 upgrade issue



[ Howard Chu ]

> > Further troubles: Passwords encrypted with the typical
> > {CRYPT} hashes seem
> > to no longer work: I can't bind against them anymore:
> 
> Did you configure with --enable-crypt? Are you building with
> OpenSSL? If so, have you patched your OpenSSL library so that it
> doesn't interfere with normal crypt() behavior? <
> http://www.openldap.org/faq/data/cache/185.html Note about OpenSSL
> and crypt() >

On old versions of 2.1 OpenLDAP I used to change the following:

# In openldap-2.1.X/servers/slapd/Makefile.in:
-XXLIBS = $(LDBM_LIBS) $(SLAPD_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS) \
    $(LUTIL_LIBS)
+XXLIBS = $(LDBM_LIBS) $(SLAPD_LIBS) $(LUTIL_LIBS) $(SECURITY_LIBS) \
    $(LDIF_LIBS)

This was because of a distributed version of openssl which I could not
patch very easily. The above made crypt(3) and MD5-crypt work in
OpenLDAP.

In recent 2.1 releases, adding '-lcrypt' to LDFLAGS before compiling
seems to be sufficient(plus --enable-crypt). No editing needed.

-- 
Mathias Meisfjordskar
GNU/Linux addict.

"If it works; HIT IT AGAIN!"