[Date Prev][Date Next] [Chronological] [Thread] [Top]

FreeBSD 4.3 and SASL

To: "'openldap-software@OpenLDAP.org'" <openldap-software@OpenLDAP.org>
Subject: FreeBSD 4.3 and SASL
From: "MCGLADREY, KAYNE A" <KAYMCG@SAFECO.com>
Date: Mon, 24 Sep 2001 15:44:04 -0700

Hello everyone,

I've been working on getting OpenLDAP 2.0.11 to work with SASL for some time
now.  At last count, I had spent 75 hours on this task.  I was running Red
Hat 7.1.  I've recently been informed by the company that I work with that
Linux isn't appropriate; FreeBSD is the preferred platform.  Platform
arguments aside, I need to make this work.

The objective is to encrypt the username and password of the replication
account as it travels over the wire.  Replication data can be transferred in
plain text - there is no data that has been designated as "sensitive".  My
understanding after many, many hours is that SASL is the key to getting this
to work.

I have spent 10 hours so far attempting to compile OpenLDAP on FreeBSD 4.3
RELEASE with the required SASL support.

Here is the issue I have encountered:
checking for sasl.h... no
configure: warning: Could not locate Cyrus SASL
configure: warning: SASL authentication not supported!

The configure command I used was:
env CPPGLAGS="-I/usr/local/include/sasl" LDFLGS="-L/usr/local/lib
-L/usr/local/lib/sasl" ./configure --enable-login --disable-krb4
--disable-gssapi --with-des=/usr/include/openssl/ --without-kerberos
--disable-kpasswd --with-cyrus-sasl-includes=/usr/local/include/sasl/
--with-cyrus-sasl-libraries=/usr/local/lib/sasl/

As I understand the error message, the compiler cannot find the file sasl.h.
Here's the relevant excerpt from config.log:
configure:13464: checking for sasl.h
configure:13474: cc -E  conftest.c >/dev/null 2>conftest.out
configure:13470: sasl.h: No such file or directory
configure: failed program was:
#line 13469 "configure"
#include "confdefs.h"
#include <sasl.h>

In the configure command I used, I've set the "with-cyrus-sasl-includes"
path to /usr/local/include/sasl.  Here's the directory listing:
[root@server openldap-2.0.11]# ls /usr/local/include/sasl/
total 63
drwxr-xr-x  2 root  wheel    512 Sep 24 11:15 ./
drwxr-xr-x  5 root  wheel    512 Sep 24 11:15 ../
-r--r--r--  1 root  wheel   1262 Aug 11 19:22 hmac-md5.h
-r--r--r--  1 root  wheel   1432 Aug 11 19:22 md5.h
-r--r--r--  1 root  wheel   1007 Aug 11 19:22 md5global.h
-r--r--r--  1 root  wheel  35390 Aug 11 19:22 sasl.h
-r--r--r--  1 root  wheel  17530 Aug 11 19:22 saslplug.h
-r--r--r--  1 root  wheel   2560 Aug 11 19:22 saslutil.h

The file is to be there, and it's readable by root.

For your reference, here are the packages that I have installed:
[root@server openldap-2.0.11]# pkg_info
OpenSSH-2.9_3       OpenBSD's secure shell client and server (remote login
prog
bash-2.05           The GNU Bourne Again Shell
cvsup-bin-16.1      A general network file distribution system optimized for
CV
cyrus-sasl-1.5.24_6 RFC 2222 SASL (Simple Authentication and Security Layer)
db3-3.2.9_2,1       The Berkeley DB package, revision 3
gettext-0.10.35     GNU gettext package
ispell-3.1.20c_2    An interactive spelling checker for multiple languages
libslang-1.4.4_1    Routines for rapid alpha-numeric terminal applications
deve
lynx-2.8.3.1        A non-graphical, text-based World-Wide Web client
mutt-1.2.5          The Mongrel of Mail User Agents (part Elm, Pine, Mush,
mh,
tcl-8.2.3           Tool Command Language
urlview-0.9         URL extractor/launcher

I would appreciate an answer, a hint, or guidance on how to best proceed.
After a cumulative 85 hours on this topic, I will not find humor in the
following "answers":
  * "Read the manpage for slapd.conf"
  * "There are hints in the archives"
  * "Check to see if the sample-client and sample-server with SASL are
working"

Thanks in advance,


Kayne McGladrey
kaymcg@safeco.com

Follow-Ups:
- Re: FreeBSD 4.3 and SASL
  - From: Turbo Fredriksson <turbo@bayour.com>

Prev by Date: Re: ldappasswd(1)
Next by Date: ACL Detailed Documentation?
Index(es):
- Chronological
- Thread