[Date Prev][Date Next] [Chronological] [Thread] [Top]

openldap with TLS/SSL ???

To: openssl-users@openssl.org, openldap-software@OpenLDAP.org
Subject: openldap with TLS/SSL ???
From: Lara Adianto <m1r4cle_26@yahoo.com>
Date: Tue, 16 Mar 2004 02:55:27 -0800 (PST)

Hello,

Firstly, I'm a newbie of openssl,openldap,sasl,and
kerberos and I'm not sure whether this question is
supposed to be sent to openssl or openldap forum...
anyway, I sent to both...

What I want to achieve is an openldap server with
GSSAPI mechanism (using MIT Kerberos-1.3.2)and TLS/SSL
support.

Until now, I have managed to include GSSAPI and
Digest-MD5 in my openldap server (2.1.25)...so my next
goal is to include TLS/SSL support.

I have built openssl-0.9.6l and used it in cyrus-sasl
compilation without any problem. But, I failed to
recompile openldap with 'with-tls'.

These are the steps to reproduce the problem:
*** OpenSSL installation ***
shell% ./configure shared --openssldir=/usr/lib/ssl
shell% make -f Makefile.ssl all
shell% make -f Makefile.ssl install 

*** Building OpenLDAP ***
shell% CPPFLAGS="-I/usr/local/BerkeleyDB.4.1/include
-I/usr/local/ssl/include/openssl"
LDFLAGS="-L/usr/local/BerkeleyDB.4.1/lib
-L/usr/local/ssl/lib" ./configure --prefix=/usr
--libexecdir=/usr/sbin --sysconfdir=/etc
--localstatedir=/var/run --enable-debug --disable-ipv6
--with-cyrus-sasl --with-tls --enable-crypt
--enable-spasswd --enable-ldbm --enable-wrappers
--disable-cleartext --disable-rlookups --enable-slapd
--without-threads --enable-passwd --enable-kpasswd
shell% make depend
shell% make clean
shell% make
...
In file included from /usr/include/openssl/ssl.h:179,
                 from tls.c:33:
/usr/include/openssl/kssl.h:134: parse error before
'*' token
/usr/include/openssl/kssl.h:147: parse error before
'*' token
/usr/include/openssl/kssl.h:148: parse error before
'*' token
/usr/include/openssl/kssl.h:149: parse error before
'*' token
/usr/include/openssl/kssl.h:149: parse error before
'*' token
/usr/include/openssl/kssl.h:150: parse error before
'*' token
/usr/include/openssl/kssl.h:151: parse error before
'*' token
/usr/include/openssl/kssl.h:153: parse error before
'*' token
/usr/include/openssl/kssl.h:155: parse error before
'*' token
/usr/include/openssl/kssl.h:157: parse error before
'*' token
/usr/include/openssl/kssl.h:165: parse error before
'*' token
In file included from tls.c:33:
/usr/include/openssl/ssl.h:909: parse error before
"KSSL_CTX"
/usr/include/openssl/ssl.h:931: parse error before '}'
token
make[2]: *** [tls.lo] Error 1
make[2]: Leaving directory
`/usr/local/openldap-2.1.25/libraries/libldap'
make[1]: *** [all-common] Error 1
make[1]: Leaving directory
`/usr/local/openldap-2.1.25/libraries'
make: *** [all-common] Error 1

Strangely, I have explicitly pointed out (in CPPFLAGS
and LDFLAGS) that openssl library and include files
are in /usr/local/ssl/lib and
/usr/local/ssl/include/openssl but it seems that the
compiler still look for the include files in
/usr/include/openssl...

I know that this problem has been posted before, but
seems that no worthy suggestions or solutions have
been provided yet...so I try my luck this time :P

cheers,
lara

=====
------------------------------------------------------------------------------------ 
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
                                                                        - Guy de Maupassant -
------------------------------------------------------------------------------------

__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com

Follow-Ups:
- Re: openldap with TLS/SSL ???
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: The real suffix alias?
Next by Date: Re: server current time
Index(es):
- Chronological
- Thread