[Date Prev][Date Next]
Re: FreeBSD 4.3 and SASL
At 03:44 PM 2001-09-24, MCGLADREY, KAYNE A wrote:
>I've been working on getting OpenLDAP 2.0.11 to work with SASL for some time
>now. At last count, I had spent 75 hours on this task. I was running Red
>Hat 7.1. I've recently been informed by the company that I work with that
>Linux isn't appropriate; FreeBSD is the preferred platform. Platform
>arguments aside, I need to make this work.
>The objective is to encrypt the username and password of the replication
>account as it travels over the wire. Replication data can be transferred in
>plain text - there is no data that has been designated as "sensitive". My
>understanding after many, many hours is that SASL is the key to getting this
>I have spent 10 hours so far attempting to compile OpenLDAP on FreeBSD 4.3
>RELEASE with the required SASL support.
>Here is the issue I have encountered:
>checking for sasl.h... no
>configure: warning: Could not locate Cyrus SASL
>configure: warning: SASL authentication not supported!
>The configure command I used was:
>env CPPGLAGS="-I/usr/local/include/sasl" LDFLGS="-L/usr/local/lib
>-L/usr/local/lib/sasl" ./configure --enable-login --disable-krb4
>--disable-gssapi --with-des=/usr/include/openssl/ --without-kerberos
Seems you are making up arguments to configure (and making a
number of typos: CPPGFLAGS, LDFLGS. See "./configure --help"
for the list of supported arguments.
Since you appear to be using FreeBSD ports, you might try
using the OpenLDAP2 port. If nothing else, it's Makefile
will likely provide some insight as to the required flags.
On FreeBSD 4.4, I use:
env CPPFLAGS="-I/usr/local/include /usr/local/include/sasl" \
Note that don't have a linker arguments to add /usr/local/lib to
my rpath as I have in my rc.conf:
I also tend to use modified ports as I'm particular about
versions, modifications, and placement. So, your mileage
>As I understand the error message, the compiler cannot find the file sasl.h.
>Here's the relevant excerpt from config.log:
>configure:13464: checking for sasl.h
>configure:13474: cc -E conftest.c >/dev/null 2>conftest.out
>configure:13470: sasl.h: No such file or directory
>configure: failed program was:
>#line 13469 "configure"
>In the configure command I used, I've set the "with-cyrus-sasl-includes"
>path to /usr/local/include/sasl. Here's the directory listing:
>[root@server openldap-2.0.11]# ls /usr/local/include/sasl/
>drwxr-xr-x 2 root wheel 512 Sep 24 11:15 ./
>drwxr-xr-x 5 root wheel 512 Sep 24 11:15 ../
>-r--r--r-- 1 root wheel 1262 Aug 11 19:22 hmac-md5.h
>-r--r--r-- 1 root wheel 1432 Aug 11 19:22 md5.h
>-r--r--r-- 1 root wheel 1007 Aug 11 19:22 md5global.h
>-r--r--r-- 1 root wheel 35390 Aug 11 19:22 sasl.h
>-r--r--r-- 1 root wheel 17530 Aug 11 19:22 saslplug.h
>-r--r--r-- 1 root wheel 2560 Aug 11 19:22 saslutil.h
>The file is to be there, and it's readable by root.
>For your reference, here are the packages that I have installed:
>[root@server openldap-2.0.11]# pkg_info
>OpenSSH-2.9_3 OpenBSD's secure shell client and server (remote login
>bash-2.05 The GNU Bourne Again Shell
>cvsup-bin-16.1 A general network file distribution system optimized for
>cyrus-sasl-1.5.24_6 RFC 2222 SASL (Simple Authentication and Security Layer)
>db3-3.2.9_2,1 The Berkeley DB package, revision 3
>gettext-0.10.35 GNU gettext package
>ispell-3.1.20c_2 An interactive spelling checker for multiple languages
>libslang-1.4.4_1 Routines for rapid alpha-numeric terminal applications
>lynx-126.96.36.199 A non-graphical, text-based World-Wide Web client
>mutt-1.2.5 The Mongrel of Mail User Agents (part Elm, Pine, Mush,
>tcl-8.2.3 Tool Command Language
>urlview-0.9 URL extractor/launcher
>I would appreciate an answer, a hint, or guidance on how to best proceed.
>After a cumulative 85 hours on this topic, I will not find humor in the
> * "Read the manpage for slapd.conf"
> * "There are hints in the archives"
> * "Check to see if the sample-client and sample-server with SASL are
>Thanks in advance,