[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.1 (?) on RedHat Enterprise summary

To: openldap-software@OpenLDAP.org
Subject: Re: OpenLDAP 2.1 (?) on RedHat Enterprise summary
From: Donn Cave <donn@u.washington.edu>
Date: Thu, 6 May 2004 14:35:42 -0700
In-reply-to: <AD8618DDF7FD3DAC206617D1@cadabra-dsl.stanford.edu>

On Thursday, May 6, 2004, at 01:49 PM, Quanah Gibson-Mount wrote:
...

No symbol polluting. We install all the libraries into /usr/local/, and that works just fine. Note that OpenLDAP is a multi-threaded application, which is why this matters. I found that the entire application stack (openssl,cyrus-sasl,openldap) became unstable when using MIT Kerberos, even if I was simply doing anonymous binds to the OpenLDAP server.

I'm using MIT on RHE3, with my own posix mutex patch to cyrus-sasl gssapi.c. Heavy concurrent GSSAPI connection load works fine. Without the patch, concurrent GSSAPI connections were trouble, but isolated GSSAPI still worked, and heavily concurrent SASL EXTERNAL access worked fine either way. I don't know why non-GSSAPI functions would ever be compromised by the presence of the MIT krb5 library - maybe it brings along some unhelpful library, or maybe the damage from concurrent GSSAPI access survives to plague some other connection, but either explanation seems tenuous to me.

	Donn Cave, donn@u.washington.edu

References:
- Re: OpenLDAP 2.1 (?) on RedHat Enterprise summary
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: OpenLDAP 2.1 (?) on RedHat Enterprise summary
Next by Date: RE: OpenLDAP 2.1 (?) on RedHat Enterprise summary
Index(es):
- Chronological
- Thread