[Date Prev][Date Next]
Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP
Simon Wilkinson <firstname.lastname@example.org> wrote:
> Quanah Gibson-Mount wrote:
> > No. And when you build OpenLDAP with Kerberos support, make sure you
> > use Heimdal K5 and not MIT K5 at this time.
> Its not the OpenLDAP build that's the issue, but the Cyrus SASL one (the
> Kerberos calls come from SASL, not OpenLDAP). If you patch Cyrus SASL
> (my patches are available upon request) to mutex protect all of the
> calls to the GSSAPI libraries then you can run with MIT Kerberos without
> any issues.
No offense intended, Simon, but I try to use un-third-party-patched
stuff as much as I can, where production systems are concerned.
But I will take your comments under advisement... *urg* especially as
I observed, as I was typing this, that the Heimdal Kerberos build just
chocked with a couple of ``missing terminating " character'' errors
I had a feeling this was going to be a hair-pulling exercise :(. And
me with not much left to pull...
Jim Seymour | PGP Public Key available at:
jseymour@LinxNet.com | http://www.uk.pgp.net/pgpnet/pks-commands.html