[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unable to build OpenLDAP with kerberos because of bug in configure script (ITS#3027)

On Thu, Mar 18, 2004 at 12:56:20AM -0500, Kurt D. Zeilenga wrote:
>>>>> "Kurt" == Kurt D Zeilenga <Kurt@OpenLDAP.org> writes:

I am replying from a different email address because I mistakenly used
the wrong address when I submitted my issue.

    Kurt> At 11:32 AM 3/17/2004, boehm@nc.rr.com wrote:
    >> Full_Name: Eric M. Boehm Version: 2.1.25 and 2.2.6 OS: Solaris
    >> 8 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL)
    >> (
    >> There is a bug in the configure script as of OpenLDAP 2.1.25
    >> and OpenLDAP 2.2.6
    >> Looking at lines 2802-2823 of configure for OpenLDAP 2.2.6,
    >> even if you specify --with-kerberos and --enable-kpasswd,
    >> configure never builds with kerberos because the code below
    >> sets --with-kerberos to no.

    Kurt> By design.  These configure options are deprecated as are
    Kurt> the features they use to enable.  Use {SASL} instead of
    Kurt> {KERBEROS}.  See FAQ/archives of the software list for
    Kurt> additional information.  This report will be closed as not
    Kurt> requiring further developer action.

Thank you for your reply. I had some difficulty locating the
information you suggested. I did search the archives before submitting
my issue -- apparently not well enough.

The problem I am seeing is that linking in libsasl2.a requires the
libgssapi_krb5 from Kerberos. Even when building --with-kerberos worked, this
library was not included.

So ... even following the suggestions from the FAQ, i.e., building
Cyrus SASL with Kerberos (which I did), I am having difficulty
building OpenLDAP this way.

This particular compile needs the Kerberos libraries

cc -xarch=v9a -xarch=v9a -o apitest apitest.o  -L/usr/local/lib -L/usr/local/sam
ba/lib ./.libs/libldap.a /localdisk/software/source/SunOS/openldap-2.2.6/librari
es/liblber/.libs/liblber.a -L/usr/local/openssl/lib ../../libraries/liblber/.lib
s/liblber.a ../../libraries/liblutil/liblutil.a /usr/local/samba/lib/libsasl2.a 
-ldl -lgssapi_krb5 -lresolv -lgen -lnsl -lsocket -R/usr/local/samba/lib -R\$ORIG
IN/../lib -R/usr/local/lib -R/../lib -R/usr/local/openssl/lib
Undefined                       first referenced
 symbol                             in file
gss_display_status                  /usr/local/samba/lib/libsasl2.a(gssapi.o)
gss_unwrap                          /usr/local/samba/lib/libsasl2.a(gssapi.o)
gss_delete_sec_context              /usr/local/samba/lib/libsasl2.a(gssapi.o)
EVP_DigestUpdate                    /usr/local/samba/lib/libsasl2.a(otp.o)
gss_compare_name                    /usr/local/samba/lib/libsasl2.a(gssapi.o)
EVP_cleanup                         /usr/local/samba/lib/libsasl2.a(otp.o)
DES_key_sched                       /usr/local/samba/lib/libsasl2.a(digestmd5.o)
DES_cbc_encrypt                     /usr/local/samba/lib/libsasl2.a(digestmd5.o)
gss_release_cred                    /usr/local/samba/lib/libsasl2.a(gssapi.o)
HMAC_Update                         /usr/local/samba/lib/libsasl2.a(ntlm.o)
EVP_get_digestbyname                /usr/local/samba/lib/libsasl2.a(otp.o)

I did search OpenLDAP-Software for gssapi_krb5 -- only two messages
that were not helpful.

Sorry to be a pain but the only way I have been able to get OpenLDAP
to build with SASL is to include Kerberos libraries -- which would
normally be taken care of by the --with-kerberos switch, which is now

If there is a specific message or FAQ item that addresses this, I
would appreciate a pointer -- I am having difficulty locating it.

Eric M. Boehm                  /"\  ASCII Ribbon Campaign
boehm@nortelnetworks.com       \ /  No HTML or RTF in mail
                                X   No proprietary word-processing
Respect Open Standards         / \  files in mail