[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: openldap/sasl/krb5 authentication question:



> -----Original Message-----
> From: jhallum@tymora.astro.lsa.umich.edu
> [mailto:jhallum@tymora.astro.lsa.umich.edu]On Behalf Of Jeremy Hallum

> On Thu, 18 Dec 2003, Howard Chu wrote:
>
> > > krb5-*-1.2.7-14
> >
> > One more problem - MIT Kerberos is not thread-safe and
> *will* crash when used
> > by slapd. Use Heimdal instead.
> >
>
> 	Are you referring to the server side of kerberos?
> Thankfully the
> kdc is some place else, so this might not be a problem.

The KDC is not the issue, the problem is the Kerberos libraries that get
linked. If you're using SASL/GSSAPI and the gssapi module is linked against
the MIT libraries, then you have a problem. All of this has been covered
before on this mailing list, search the archives if you want more details.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support