[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

To: openldap-software@OpenLDAP.org
Subject: Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
From: jseymour@LinxNet.com (Jim Seymour)
Date: Mon, 13 Oct 2003 13:32:57 -0400 (EDT)
In-reply-to: <3F89B24B.3050809@sxw.org.uk>

Simon Wilkinson <simon@sxw.org.uk> wrote:
> 
> Quanah Gibson-Mount wrote:
> > No.  And when you build OpenLDAP with Kerberos support, make sure you 
> > use Heimdal K5 and not MIT K5 at this time. 
> 
> Its not the OpenLDAP build that's the issue, but the Cyrus SASL one (the 
> Kerberos calls come from SASL, not OpenLDAP). If you patch Cyrus SASL 
> (my patches are available upon request) to mutex protect all of the 
> calls to the GSSAPI libraries then you can run with MIT Kerberos without 
> any issues.

No offense intended, Simon, but I try to use un-third-party-patched
stuff as much as I can, where production systems are concerned.

But I will take your comments under advisement... *urg*  especially as
I observed, as I was typing this, that the Heimdal Kerberos build just
chocked with a couple of ``missing terminating " character'' errors
:/.  *sigh*

I had a feeling this was going to be a hair-pulling exercise :(.  And
me with not much left to pull...

-- 
Jim Seymour                  | PGP Public Key available at:
jseymour@LinxNet.com         | http://www.uk.pgp.net/pgpnet/pks-commands.html
http://jimsun.LinxNet.com    |

Follow-Ups:
- Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
  - From: Chris Whalen <christopher.whalen@cchmc.org>
- Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

References:
- Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
  - From: Simon Wilkinson <simon@sxw.org.uk>

Prev by Date: Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
Next by Date: Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
Index(es):
- Chronological
- Thread