[Date Prev][Date Next] [Chronological] [Thread] [Top]

newbie openldap/sasl question ...

To: openldap-software@OpenLDAP.org
Subject: newbie openldap/sasl question ...
From: Adam Shand <larry@spack.org>
Date: Wed, 24 Jan 2001 18:35:45 -0800 (PST)

hi.

i'm in the process of building openldap solaris packages and trying to do
it the "right way" with sasl/openssl etc.  i'm getting there (slowly) but
i have a couple questions.

first i don't quite understand why i need/want sasl?  i understand that
it's an authentication library, however so long as it's using openssl for
tls shouldn't simple authentications be secure?  further my intention is
to use ldap to store user authentication information for access via pam
(instead of passwd/shadow/etc) so i don't understand the purpose of
wanting an external authentication file to ldap (ie. sasldb).  the reason
i'm installing it is because of the note that it won't be fully v3 without
sasl and i'm worried about client interoperability.

i assume i'm misunderstanding something, what do i loose by not having
openldap linked to the sasl libraries?

second i can't get it to recognise the sasl libraries.  i compiled sasl
like this (might be wrong but it worked for someone on my postfix list and
seemed like a reasonable place to start) this is what i'm doing:

# export LDFLAGS="-L/usr/local/BerkeleyDB.3.1/lib -R/usr/local/BerkeleyDB.3.1/lib"
# export CPPFLAGS="-I/usr/local/BerkeleyDB.3.1/include"
# ./configure  --enable-login --disable-krb4 --disable-gssapi --disable-anon

and openldap like this:

# export LDFLAGS="-L/usr/local/BerkeleyDB.3.1/lib -L/usr/local/sasl"
# export CPPFLAGS="-I/usr/local/BerkeleyDB.3.1/include"
# ./configure --enable-wrappers --with-cyrus-sasl

and the error i'm getting is:

checking for sasl.h... yes
checking for sasl_client_init in -lsasl... no
configure: error: Could not locate Cyrus SASL

and when i look in config.log it looks like the problem is with sasl
finding the berkely db libraries?

configure:13274: checking for sasl.h
configure:13284: gcc -E -I/usr/local/BerkeleyDB.3.1/include conftest.c
>/dev/nul
l 2>conftest.out
configure:13313: checking for sasl_client_init in -lsasl
configure:13332: gcc -o conftest -g -O2
-I/usr/local/BerkeleyDB.3.1/include -L/u
sr/local -L/usr/local/BerkeleyDB.3.1/lib conftest.c -lsasl  -lnsl -lresolv
-lgen
 -lnsl -lsocket  1>&5
Undefined                       first referenced
 symbol                             in file
db_create                           /usr/local/lib/libsasl.so
ld: fatal: Symbol referencing errors. No output written to conftest
collect2: ld returned 1 exit status
configure: failed program was:
#line 13321 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error.  */
/* We use char because int might match the return type of a gcc2
    builtin and then its argument prototype would still apply.  */
char sasl_client_init();

any advice would be much appreciated.

thanks,
adam.

Follow-Ups:
- Re: newbie openldap/sasl question ...
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: About 1GB records - 1MB records
Next by Date: Re: some important questions....
Index(es):
- Chronological
- Thread