Bug#889811: gosa-encrypt-password is broken since PHP7.2's php-mcrypt removal
Wolfgang Schweer
w.schweer at gmx.de
Wed Feb 28 14:52:28 UTC 2018
On Wed, Feb 28, 2018 at 02:24:59PM +0100, Benjamin Zapiec wrote:
> the plugin uses gosaSupportDaemon for communication.
> This class uses mcrypt extension. That is the reason why
> it was removed.
>
> Using an incompatible openssl implementation is useless
> so the only other option is to provide further support
> for the Daemon. But this is most likely not to happen.
>
> Another way, I want to mention, is that it looks like
> the communication to the daemon can be unencrypted.
> This would allow the communication classes without
> mcrypt dependencies.
>
> But even if I wouldn't strongly recommend not
> to use unencrypted network traffic, the daemon
> remains unsupported.
>
> I don't know if there is a benefit in using this
> plugin without gosaSupportDaemon.
>
> If you do think so, tell me and I may revert the commit.
> Do you have a running setup with gosa-si?
Thanks for the feedback.
Debian Edu doesn't use gosa-si. AFAIK there's no need for the
gosaSupportDaemon as there's no communication happening; only the LDAP
related goto plugin features are needed.
It would be nice if the goto plugin could live on, stripped down like
that.
Wolfgang
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/debian-edu-pkg-team/attachments/20180228/508334a4/attachment.sig>
More information about the Debian-edu-pkg-team
mailing list