[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP



I think you may need these two patches.

> Simon Wilkinson <simon@sxw.org.uk> wrote:
>> 
>> Quanah Gibson-Mount wrote:
>>> No.  And when you build OpenLDAP with Kerberos support, make sure you
>>> use Heimdal K5 and not MIT K5 at this time.
>> 
>> Its not the OpenLDAP build that's the issue, but the Cyrus SASL one (the
>> Kerberos calls come from SASL, not OpenLDAP). If you patch Cyrus SASL
>> (my patches are available upon request) to mutex protect all of the
>> calls to the GSSAPI libraries then you can run with MIT Kerberos without
>> any issues.
> 
> No offense intended, Simon, but I try to use un-third-party-patched
> stuff as much as I can, where production systems are concerned.
> 
> But I will take your comments under advisement... *urg*  especially as
> I observed, as I was typing this, that the Heimdal Kerberos build just
> chocked with a couple of ``missing terminating " character'' errors
> :/.  *sigh*
> 
> I had a feeling this was going to be a hair-pulling exercise :(.  And
> me with not much left to pull...

Attachment: db3.diff
Description: Binary data

Attachment: ndbm_wrap.diff
Description: Binary data