Spil Oss wrote:
Hi Howard,
Thanks for the pointer. --enable-lmpasswd was indeed enabled in the FreeBSD port. Notifying maintainer of port to switch it off and provided a patch for the port. Hope the patch I created for OpenLDAP is usable after all! Deprecated code in a function that should not be used, would it not be better to remove it completely? (or is that violating the RFCs?)
Very likely we should remove it. Will queue that up for 2.5. 2.4 is end-of-life and feature-frozen so nothing will be added or removed from it.
Kind regards,
Bernard.
On Wed, Nov 5, 2014 at 5:48 PM, Howard Chu hyc@symas.com wrote:
spil.oss@gmail.com wrote:
Full_Name: Bernard Spil Version: 2.4.40 OS: FreeBSD 10.1-RC2 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (185.9.255.20)
When compiling OpenLDAP against the LibreSSL OpenSSL fork, compilation fails because deprecated types and functions are used. These types and functions have been marked deprecated by OpenSSL since 2002 and moved from des.h to des_old.h. LibreSSL removed these deprecated types and functions in April 2014 see
https://github.com/libressl-portable/openbsd/commit/e0d211052a6946b9f8af1123...
From the make output:
It appears you're compiling with the old LANMAN hash support. Nobody should be using LANMAN any more, it's trivially insecure. I'm inclined to ignore this ITS.
-
hyc@symas.com