[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
* Simon Wilkinson <simon@sxw.org.uk> [031012 13:15]:
> Quanah Gibson-Mount wrote:
> >No. And when you build OpenLDAP with Kerberos support, make sure you
> >use Heimdal K5 and not MIT K5 at this time.
>
> Its not the OpenLDAP build that's the issue, but the Cyrus SASL one (the
> Kerberos calls come from SASL, not OpenLDAP). If you patch Cyrus SASL
> (my patches are available upon request) to mutex protect all of the
> calls to the GSSAPI libraries then you can run with MIT Kerberos without
> any issues.
I'll speak for many (I imagine); I'm very interested in looking at these
patches. Are you comfortable making them generally available? Have you
used them in a "production environment"?
Ben
--
---------------------------------------------------------------------------
Ben Poliakoff email: <benp@imap.reed.edu>
Reed College tel: (503)-788-6674
Unix System Administrator PGP key: http://www.reed.edu/~benp/key.html
---------------------------------------------------------------------------
0x6AF52019 fingerprint = A131 F813 7A0F C5B7 E74D C972 9118 A94D 6AF5 2019