[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP



Simon Wilkinson <simon@sxw.org.uk> wrote:
> 
> Quanah Gibson-Mount wrote:
> > No.  And when you build OpenLDAP with Kerberos support, make sure you 
> > use Heimdal K5 and not MIT K5 at this time. 
> 
> Its not the OpenLDAP build that's the issue, but the Cyrus SASL one (the 
> Kerberos calls come from SASL, not OpenLDAP). If you patch Cyrus SASL 
> (my patches are available upon request) to mutex protect all of the 
> calls to the GSSAPI libraries then you can run with MIT Kerberos without 
> any issues.

No offense intended, Simon, but I try to use un-third-party-patched
stuff as much as I can, where production systems are concerned.

But I will take your comments under advisement... *urg*  especially as
I observed, as I was typing this, that the Heimdal Kerberos build just
chocked with a couple of ``missing terminating " character'' errors
:/.  *sigh*

I had a feeling this was going to be a hair-pulling exercise :(.  And
me with not much left to pull...

-- 
Jim Seymour                  | PGP Public Key available at:
jseymour@LinxNet.com         | http://www.uk.pgp.net/pgpnet/pks-commands.html
http://jimsun.LinxNet.com    |