[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Unable to build OpenLDAP with kerberos because of bug in configure script (ITS#3027)
The --kerberos flag never intended to be used in support of the
--with-cyrus-sasl flag. When using Cyrus SASL, you need to either
use properly built shared libraries (and hence automatically load
necessary dependencies) or use LIBS to back fill as necessary.
Kurt
At 05:19 AM 3/18/2004, boehm@nortelnetworks.com wrote:
>On Thu, Mar 18, 2004 at 12:56:20AM -0500, Kurt D. Zeilenga wrote:
>>>>>> "Kurt" == Kurt D Zeilenga <Kurt@OpenLDAP.org> writes:
>
>I am replying from a different email address because I mistakenly used
>the wrong address when I submitted my issue.
>
> Kurt> At 11:32 AM 3/17/2004, boehm@nc.rr.com wrote:
> >> Full_Name: Eric M. Boehm Version: 2.1.25 and 2.2.6 OS: Solaris
> >> 8 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL)
> >> (47.234.0.52)
> >>
> >>
> >> There is a bug in the configure script as of OpenLDAP 2.1.25
> >> and OpenLDAP 2.2.6
> >>
> >> Looking at lines 2802-2823 of configure for OpenLDAP 2.2.6,
> >> even if you specify --with-kerberos and --enable-kpasswd,
> >> configure never builds with kerberos because the code below
> >> sets --with-kerberos to no.
>
> Kurt> By design. These configure options are deprecated as are
> Kurt> the features they use to enable. Use {SASL} instead of
> Kurt> {KERBEROS}. See FAQ/archives of the software list for
> Kurt> additional information. This report will be closed as not
> Kurt> requiring further developer action.
>
>Thank you for your reply. I had some difficulty locating the
>information you suggested. I did search the archives before submitting
>my issue -- apparently not well enough.
>
>The problem I am seeing is that linking in libsasl2.a requires the
>libgssapi_krb5 from Kerberos. Even when building --with-kerberos worked, this
>library was not included.
>
>So ... even following the suggestions from the FAQ, i.e., building
>Cyrus SASL with Kerberos (which I did), I am having difficulty
>building OpenLDAP this way.
>
>This particular compile needs the Kerberos libraries
>
>cc -xarch=v9a -xarch=v9a -o apitest apitest.o -L/usr/local/lib -L/usr/local/sam
>ba/lib ./.libs/libldap.a /localdisk/software/source/SunOS/openldap-2.2.6/librari
>es/liblber/.libs/liblber.a -L/usr/local/openssl/lib ../../libraries/liblber/.lib
>s/liblber.a ../../libraries/liblutil/liblutil.a /usr/local/samba/lib/libsasl2.a
>-ldl -lgssapi_krb5 -lresolv -lgen -lnsl -lsocket -R/usr/local/samba/lib -R\$ORIG
>IN/../lib -R/usr/local/lib -R/../lib -R/usr/local/openssl/lib
>Undefined first referenced
> symbol in file
>gss_display_status /usr/local/samba/lib/libsasl2.a(gssapi.o)
>gss_unwrap /usr/local/samba/lib/libsasl2.a(gssapi.o)
>gss_delete_sec_context /usr/local/samba/lib/libsasl2.a(gssapi.o)
>EVP_DigestUpdate /usr/local/samba/lib/libsasl2.a(otp.o)
>gss_compare_name /usr/local/samba/lib/libsasl2.a(gssapi.o)
>EVP_cleanup /usr/local/samba/lib/libsasl2.a(otp.o)
>DES_key_sched /usr/local/samba/lib/libsasl2.a(digestmd5.o)
>DES_cbc_encrypt /usr/local/samba/lib/libsasl2.a(digestmd5.o)
>gss_release_cred /usr/local/samba/lib/libsasl2.a(gssapi.o)
>HMAC_Update /usr/local/samba/lib/libsasl2.a(ntlm.o)
>EVP_get_digestbyname /usr/local/samba/lib/libsasl2.a(otp.o)
>[...etc...]
>
>I did search OpenLDAP-Software for gssapi_krb5 -- only two messages
>that were not helpful.
>
>Sorry to be a pain but the only way I have been able to get OpenLDAP
>to build with SASL is to include Kerberos libraries -- which would
>normally be taken care of by the --with-kerberos switch, which is now
>deprecated.
>
>
>If there is a specific message or FAQ item that addresses this, I
>would appreciate a pointer -- I am having difficulty locating it.
>
>
>--
>Eric M. Boehm /"\ ASCII Ribbon Campaign
>boehm@nortelnetworks.com \ / No HTML or RTF in mail
> X No proprietary word-processing
>Respect Open Standards / \ files in mail