Complete novice with OpenLDAP



Hi all,

I was wondering if any of you nice folks could help a complete noob with 
compiling and installing a clean LDAP v3 compliant install of OpenLDAP and 
its dependencies so that I can learn all about it and play with it a little.
I'm trying to write a J2EE Java project that requires the use of LDAP in its 
authentication procedure.

I was looking around on the web and discovered that my distro (SuSE 8.2) 
suffers from a security flaw in OpenSSL and a few other things.  So in order 
to avoid the flaws I downloaded the latest stable sources of all of the 
dependencies for OpenLDAP and I'd like to get comfortable with all of it in 
its own little sandbox before I unleash it on anything else.

Here's a list of what I've done so far:

Building OpenSSL
----------------------
1)tar zxvf openssl-0.9.7d.tar.gz
cd openssl-0.9.7d

2)./config --prefix=/data1/opensslLH --openssldir=/data1/openssl

3)make
make test
make install

So far everything worked, the built-in tests worked fine and it's happy to 
respond to an 'openssl genrsa' command.

In the openssldir (i.e. /data1/openssl) dir the following are installed:
certs/ lib/ man/ misc/ private/ openssl.cnf

In the prefix dir (i.e. /data1/opensslLH) the following are installed:
bin/ include/ lib/

As root PREPEND the library directory to /etc/ld.so.conf
/data1/opensslLH/lib
...
...

and then run ldconfig to initiate the path.

Building Sleepycat Berkeley DB
-----------------------------------------
1)tar zxvf db-4.2.52.NC.tar.gz
2)copy the patch files in to the root of the untarred source tree
cp patch.4.2.52.1 db-4.2.52.NC/
cp patch.4.2.52.2 db-4.2.52.NC/

3)apply the patches to the code tree root
cd db-4.2.52.NC/
patch -p0 < patch.4.2.52.1
patch -p0 < patch.4.2.52.2

4)Now we're ready to configure!

cd build_unix
../dist/configure --prefix=/data1/bdb

make
make install

5)As root PREPEND the library path in /etc/ld.so.conf
/data1/bdb/lib
...
...

and run ldconfig to re-initialize.

Building SASL
-------------
I downloaded and attempted to compile the SASL 2.1.18 source code.

All I seem to be getting when doing a ./configure (and I'll spare you most of 
the spam) are messages like:
configure: WARNING: Disabling SASL authentication database support
configure: WARNING: OpenSSL not found -- OTP will be disabled
configure: WARNING: OpenSSL not found -- SRP will be disabled
configure: WARNING: Disabling GSSAPI - no include files found
configure: WARNING: OpenSSL not found -- NTLM will be disabled

and sure enough when trying to build this using make, it barfs with the 
following:
digestmd5.c:77:19: des.h: No such file or directory
digestmd5.c:736: error: parse error before "des_key_schedule"
digestmd5.c:736: warning: no semicolon at end of struct or union
digestmd5.c:737: warning: type defaults to `int' in declaration of `ivec'
digestmd5.c:737: warning: data definition has no type or storage class
digestmd5.c:738: error: parse error before "keysched2"
digestmd5.c:738: warning: type defaults to `int' in declaration of `keysched2'
digestmd5.c:738: warning: data definition has no type or storage class
digestmd5.c: In function `dec_3des':
digestmd5.c:773: warning: implicit declaration of function `des_ede2_cbc_encrypt'
digestmd5.c:776: error: dereferencing pointer to incomplete type
digestmd5.c:777: error: dereferencing pointer to incomplete type
digestmd5.c:778: error: dereferencing pointer to incomplete type
digestmd5.c:779: error: `DES_DECRYPT' undeclared (first use in this function)
digestmd5.c:779: error: (Each undeclared identifier is reported only once
digestmd5.c:779: error: for each function it appears in.)
digestmd5.c: In function `enc_3des':
digestmd5.c:824: error: dereferencing pointer to incomplete type
digestmd5.c:825: error: dereferencing pointer to incomplete type
digestmd5.c:826: error: dereferencing pointer to incomplete type
digestmd5.c:827: error: `DES_ENCRYPT' undeclared (first use in this function)
digestmd5.c: In function `init_3des':
digestmd5.c:842: error: invalid application of `sizeof' to an incomplete type
digestmd5.c:847: warning: implicit declaration of function `des_key_sched'
digestmd5.c:847: error: `des_cblock' undeclared (first use in this function)
digestmd5.c:847: error: parse error before ')' token
digestmd5.c:851: error: parse error before ')' token
digestmd5.c:853: error: dereferencing pointer to incomplete type
digestmd5.c:858: error: increment of pointer to unknown structure
digestmd5.c:858: error: arithmetic on pointer to an incomplete type
digestmd5.c:860: error: parse error before ')' token
digestmd5.c:864: error: parse error before ')' token
digestmd5.c:867: error: dereferencing pointer to incomplete type
digestmd5.c: In function `dec_des':
digestmd5.c:891: warning: implicit declaration of function `des_cbc_encrypt'
digestmd5.c:894: error: dereferencing pointer to incomplete type
digestmd5.c:895: error: dereferencing pointer to incomplete type
digestmd5.c:896: error: `DES_DECRYPT' undeclared (first use in this function)
digestmd5.c:900: error: dereferencing pointer to incomplete type
digestmd5.c: In function `enc_des':
digestmd5.c:945: error: dereferencing pointer to incomplete type
digestmd5.c:946: error: dereferencing pointer to incomplete type
digestmd5.c:947: error: `DES_ENCRYPT' undeclared (first use in this function)
digestmd5.c:951: error: dereferencing pointer to incomplete type
digestmd5.c: In function `init_des':
digestmd5.c:966: error: invalid application of `sizeof' to an incomplete type
digestmd5.c:971: error: `des_cblock' undeclared (first use in this function)
digestmd5.c:971: error: parse error before ')' token
digestmd5.c:973: error: dereferencing pointer to incomplete type
digestmd5.c:978: error: increment of pointer to unknown structure
digestmd5.c:978: error: arithmetic on pointer to an incomplete type
digestmd5.c:980: error: parse error before ')' token
digestmd5.c:982: error: dereferencing pointer to incomplete type
digestmd5.c: In function `digestmd5_server_mech_step2':
digestmd5.c:2000: warning: dereferencing type-punned pointer will break strict-aliasing rules
digestmd5.c:2017: warning: dereferencing type-punned pointer will break strict-aliasing rules

What I think should work, given that I'm not really interested in Kerberos or 
OTP right now, is the following:

./configure <<!
--prefix=/data1/sasl
--exec-prefix=/data1/sasl/exec
--enable-anon
--enable-plain
--enable-login
--disable-krb4
--disable-otp
--enable-cram
--enable-digest
--enable-java
--with-bdb-libdir=/data1/bdb/lib
--with-bdb-incdir=/data1/bdb/include
--with-openssl=/data1/opensslLH
--with-plugindir=/usr/lib/sasl2
--with-dbpath=/data1/sasl/sasldb2
!

I still get the same OpenSSL warnings and sure enough it still barfs with the 
same errors during make.

I've searched high and low all over the web for some useful information about 
Cyrus SASL, but the only thing that seems to be found is Cyrus-IMAP Cyrus 
Server and the like, nothing useful to me for this project.
Pretty much everything has suggested to download and use the binary RPM files 
(which are now wildly out of date and very security prone).  Nearly all of 
the howtos are suggesting versions like 1.5.x SASL, 4.0.x bdb and 2.0.x 
OpenLDAP which I think is a bad thing.

I'm looking for a nice simple set of configuration options for the cyrus-sasl 
libraries that will allow me to link properly to the pre-requisites (without 
dying horribly) and also some OpenLDAP ./configure options to link properly.

TIA,
Jim
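
Added example, not part of the original post: configure takes its options only from the command line, so options supplied on standard input through a here-document are not applied, and config.log records the command line it actually received. The script checks that record for a given option and, for a finished build, checks which libssl/libcrypto the loader resolves; the function names are hypothetical, the sample inputs are constructed, and the ldd sample assumes OpenSSL was built as shared libraries.

```sh
#!/bin/sh
# Added example. Function names are hypothetical; sample inputs are constructed.

# config.log records the command line as "  $ ./configure ARGS".
# Succeeds only if OPTION was one of the arguments configure received.
configure_got_option() {   # usage: configure_got_option OPTION < config.log
    sed -n '/^ *\$ .*configure/{p;q;}' | tr ' ' '\n' | grep -qxF -e "$1"
}

# Reads `ldd BINARY` output on stdin and prints each libssl/libcrypto that the
# loader resolves outside PREFIX, such as a distro copy or a missing library.
foreign_openssl_libs() {   # usage: ldd BINARY | foreign_openssl_libs PREFIX
    awk -v p="$1/" '
        $1 ~ /^lib(ssl|crypto)\.so/ && $2 == "=>" && index($3, p) != 1 {
            print $1, ($3 == "not" ? "not-found" : $3)
        }'
}

# Constructed config.log header: options were fed on stdin, so none are recorded.
SAMPLE_LOG_STDIN='This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.

  $ ./configure'

# Constructed config.log header: options were passed as arguments.
SAMPLE_LOG_ARGS='  $ ./configure --prefix=/data1/sasl --with-openssl=/data1/opensslLH'

# Constructed ldd output (assumes OpenSSL was built as shared libraries).
SAMPLE_LDD='    libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0x40021000)
    libcrypto.so.0.9.7 => /data1/opensslLH/lib/libcrypto.so.0.9.7 (0x40052000)
    libc.so.6 => /lib/libc.so.6 (0x40150000)'

for log in "$SAMPLE_LOG_STDIN" "$SAMPLE_LOG_ARGS"; do
    if printf '%s\n' "$log" | configure_got_option --with-openssl=/data1/opensslLH
    then echo "configure received --with-openssl"
    else echo "configure did NOT receive --with-openssl"
    fi
done
printf '%s\n' "$SAMPLE_LDD" | foreign_openssl_libs /data1/opensslLH
```

Against a real tree the inputs would be the config.log in the build directory and the ldd output for the built library or binary.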