On Mon, 21 Sep 2009, 11:26 -0400, Rick Macklem wrote: > > On Mon, 21 Sep 2009, George Mamalakis wrote: > > [stuff snipped] > >> > >>SUCCESS! > >> > >>So, this fix obviates THAT reason for installing the Heimdal port. If > >>George meets with similar success adding -lgssapi_spnego for his spnego > >>problem, I suggest that both libraries be added to the list in line 96 > >>of /usr/bin/krb5-config prior to release of FreeBSD 8.0. > >> > >>It doesn't look like this fix is as simple as submitting a patch to > >>krb5-config. It looks like magic needs to happen somewhere in the base > >>kerberos build system. > >> > >>I notice that the Heimdal port doesn't build the separate libraries and > >>everything seems to be included in libgssapi (which explains why sasl2 > >>"works" when linked against the Heimdal port). > >> > >> > >Guys, > > > >I changed my /usr/bin/krb5-config's line 96 to include -lgssapi_spnego and > >-lgssapi_krb5, and ever since both client and server work correctly!! Of > >course I get some other error, but at least this must be a configuration > >error :). > > > >So, to sum up: > > > >Still running on fbsd.8-BETA4, changed krb5-config to include the missing > >libraries, recompiled cyrus-sasl-2.1.23 after I changed the krb5-config, > >restarted openldap-sasl-server-2.4.18_1 and after performing an > >ldapsearch, the client does not complain (and exits) about missing > >libraries, NOR does the server crash on sasl authentication. > > > >Great job guys, thank you all very very much for your help! I posted my > >query on the 17th of Sep. and in four days (weekend inclusive!) someone > >came up with an answer that resolves my issue! Great job, once more, and > >thank you all again! > > > Now, hopefully someone who understands enough about dynamic linking will > know if this is the correct fix for 8.0? (I'm going on a couple of weeks > vacation at the end of this week, so I won't be around to commit anything > and don't understand it well enough to know if this is the correct way > to fix it.) > > So, hopefully someone else can pick this one up? > > Thanks for testing it, rick Thanks Rick for your very valuable guidance on this problem. Have a great vacation! I have submitted a patch to the FreeBSD Makefile which patches the vendor-supplied template for krb5-config. I should be grateful if dfr_at_ or another src committer would please review this with a view to obtaining re_at_ approval to commit it before 8.0-RC2. <http://www.freebsd.org/cgi/query-pr.cgi?pr=139037> -- John Marshall
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:55 UTC