[Date Prev][Date Next]
Re: 2.2.23's slapd segfaults when using ldapsearch
- To: OpenLDAP software list <openldap-software@OpenLDAP.org>
- Subject: Re: 2.2.23's slapd segfaults when using ldapsearch
- From: Greg Petras <firstname.lastname@example.org>
- Date: Wed, 2 Feb 2005 11:11:28 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=ZJrndY4P9NcEaqs97IqIPwKAu6UOy+MXCI9G0UAGL23YV9fKMyyH806UcJTk/hFY1MiQhIVsIY5TiKC9UESqAs+vQiemsbJSu/8GGQ/C9t7UvnC7pl5Gz9x+7bfD9jdlp4Wl8GjKznnOxyVT8QhwOWZ7Y505gVPwkOha/03/MzI=
- In-reply-to: <2D06D99A3449DB0302B3506B@10.0.0.1>
- References: <email@example.com> <E29DBA72B20D4D7CD7EBFEF4@cadabra-dsl.stanford.edu> <firstname.lastname@example.org> <2D06D99A3449DB0302B3506B@10.0.0.1>
> MIT kerberos 1.3 is not thread safe. MIT Kerberos 1.4 is thread safe, but
> has problems with its replay cache. If you use MIT Krb5 1.3, you'll want
> to make sure mutexes are enabled in Cyrus-SASL 2.1.20. If you use 1.4,
> you'll want to disable them. Neither set of libraries handles requests as
> quickly as Heimdal Kerberos does.
> Stanford runs MIT Kerberos for nearly everything, and has MIT Kerberos
> KDC's. There has been no problem having the OpenLDAP servers be compiled
> against Heimdal. Kerberos 5 is a protocol, both Heimdal & MIT speak it.
Thanks again for the info. I'll have to look into this some more and
see if I can figure out what works best in our environment. I'll send
out an update when I get through some more testing.