[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: openldap/sasl/krb5 authentication question:
> -----Original Message-----
> From: jhallum@tymora.astro.lsa.umich.edu
> [mailto:jhallum@tymora.astro.lsa.umich.edu]On Behalf Of Jeremy Hallum
> On Thu, 18 Dec 2003, Howard Chu wrote:
>
> > > krb5-*-1.2.7-14
> >
> > One more problem - MIT Kerberos is not thread-safe and
> *will* crash when used
> > by slapd. Use Heimdal instead.
> >
>
> Are you referring to the server side of kerberos?
> Thankfully the
> kdc is some place else, so this might not be a problem.
The KDC is not the issue, the problem is the Kerberos libraries that get
linked. If you're using SASL/GSSAPI and the gssapi module is linked against
the MIT libraries, then you have a problem. All of this has been covered
before on this mailing list, search the archives if you want more details.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support