little improvement in security/pam-mysql

Ruslan Savchenko savrus at mexmat.net
Tue Mar 7 21:50:01 UTC 2006 

Hello!

I had a problem with using md5 passwords with this port (not crypt()ed
md5).

When I tried to set crypt=md5, I saw message

Mar  3 17:00:24 ssh login: pam_mysql - non-crypt()ish MD5 hash is not supported 
in this build.


Looking throw source shows that it depends on HAVE_PAM_MYSQL_MD5_DATA
definition. One way to get it defined is to have HAVE_MD5DATA defined
(and MD5Data() in md5.h). FreeBSD's sys/md5.h has MD5Data(), but no
HAVE_MD5DATA. If HAVE_MD5DATA is defined in pam_mysql.c md5 passwords
work well, so one way to fix this is to apply attached patch to
pam_mysql.c 


This looks like pr, but should I send it on such a problem? I'm
waiting for answer.



uname -a

FreeBSD shadow 5.4-RELEASE-p7 FreeBSD 5.4-RELEASE-p7 #0: Sun Sep 25
15:51:58 MSD 2005     root at boo.fds.:/usr/obj/usr/src/sys/BOO  i386


pkg_info -aI

bash-3.0.16_1       The GNU Project's Bourne Again SHell
emacs-21.3_8        GNU editing macros
gettext-0.14.5      GNU gettext package
gkrellm-2.2.7       A GTK based system monitor
glib-1.2.10_11      Some useful routines of C programming (previous stable vers
glib-2.6.6          Some useful routines of C programming (current stable versi
leim-21.3_1         Libraries of (GNU) Emacs Input Method
libiconv-1.9.2_1    A character set conversion library
libnss-mysql-1.5    NSS module using a MySQL database for backend
mc-4.6.1_2          Midnight Commander, a free Norton Commander Clone
mysql-client-4.1.14 Multithreaded SQL database (client)
nss_ldap-1.239      RFC 2307 NSS module
openldap-client-2.2.28 Open source LDAP client implementation
pam_ldap-1.8.0      A pam module for authenticating with LDAP
pam_mkhomedir-0.1   Create HOME with a PAM module on demand
pam_mysql-0.6.2     A pam module for authenticating with MySQL
perl-5.8.7          Practical Extraction and Report Language
pkgconfig-0.17.2    A utility to retrieve information about installed libraries
-------------- next part --------------
--- pam_mysql.c.old	Tue Mar  7 21:54:04 2006
+++ pam_mysql.c	Tue Mar  7 21:55:56 2006
@@ -121,6 +121,7 @@
 
 #ifndef HAVE_OPENSSL
 #ifdef HAVE_MD5_H
+#define HAVE_MD5DATA
 #include <md5.h>
 #endif

More information about the freebsd-ports mailing list