Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Monday, October 13, 2003 9:13 PM +0100 Simon Wilkinson 
<simon@sxw.org.uk> wrote:

> Ben Poliakoff wrote:
>
> > I'll speak for many (I imagine); I'm very interested in looking at these
> > patches.  Are you comfortable making them generally available?
>
> I've (finally) got around to submitting these to the Cyrus SASL folks:
>
> https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2255
>
> I think Debian were looking at including them in their SASL package, too.
>
> > Have you used them in a "production environment"?
>
> Yes, we're using them live. We've been doing so for the last few months
> with Cyrus SASL 2.1.15, and before that with 1.5.28. We haven't seen any
> threading-related issues in that time.
>
> (Running without them on a hyperthreaded dual-processor machine fairly
> rapidly leads to data corruption and crashes in the Kerberos library)

Helpful, but this still doesn't address the underlying issues with MIT 
Kerberos, which is what they want to get fixed, to make these sorts of 
patches unnecessary. ;)

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html