[Date Prev][Date Next] [Chronological] [Thread] [Top]

TLS/SASL/Kerberos (was: Coordination of efforts)

A few hints on how I got most everything to compile
and link on my FreeBSD 3.4 box.


RSAref 2.0 1996 (from ports)
	install hacks code, renames headers, etc. to avoid conflicts
	with OpenSSL.
OpenSSL 0.9.5a (from ports)
       ./config --prefix=${PREFIX} --openssldir=${PREFIX}/openssl \
       	rsaref -L${PREFIX}/lib	
Heimdal Kerberos 0.2r (from ports)
	--prefix=${PREFIX} --enable-shared
BerkeleyDB 2.7.7 (from ports + rename back to -ldb)
	installs in ${PREFIX}/{include/lib} as {db.h,-ldb}	
Cyrus SASL 1.5.15: (from ports)
	 ./configure --prefix=${PREFIX} \
        --sysconfdir=${PREFIX}/etc \
        --with-plugindir=${PREFIX}/lib/sasl \
        --with-dbpath=${PREFIX}/etc/sasldb \
        --includedir=${PREFIX}/include/sasl \
        --enable-static \
        --enable-login \
        --with-pwcheck=/var/pwcheck \
OpenLDAP devel
	env CPPFLAGS="-I/usr/local/include -I/usr/local/include/sasl" \
		LDFLAGS="-L/usr/local/lib" ./configure

(note: relocate of sasl headers into a subdir avoids clashings)

Initial, I build Cyrus using Berkeley DB 1.86+ (FreeBSD provided)
This worked well (sample client/server), excepting DIGEST-MD5
(dynamic linking problem).  I've had problems since upgrading
to Cyrus SASL 1.5.21 and Berkeley DB 2.7.7 (because OpenLDAP
prefers 2.7.7 and I didn't want to worry about having two
DBMs codes in one executable).  Now everything fails.

I haven't been able to test, excepting ANONYMOUS, the reworked
SASL code in slapd due to the above problems and other commitments.
I'm going to rebuild Cyrus SASL to use BDB 1.86 which should safely
coexist with BDB 2.7.7 this weekend so that test CRAM-MD5 and GSSAPI.
I solve my DIGEST-MD5 dynamic linking issues later.

At 07:51 PM 5/19/00 -0700, Booker C. Bense wrote:
>On Fri, 19 May 2000, Kurt D. Zeilenga wrote:
>> Please remember to coordinate your development efforts
>> by keeping this list informed.  This will reduce duplicate
>> efforts.
>- Well, I'm working on getting TSL, cyrus SASL K4 and GSSAPI to 
>work. Frankly, just getting everything to compile is pretty 
>taxing at this point. I'm not doing any developement yet, just
>- Booker C. Bense