From owner-freebsd-current@FreeBSD.ORG Fri Oct 2 08:13:31 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4B21C1065672; Fri, 2 Oct 2009 08:13:31 +0000 (UTC) (envelope-from john.marshall@riverwillow.com.au) Received: from mail1.riverwillow.net.au (mail1.riverwillow.net.au [203.58.93.36]) by mx1.freebsd.org (Postfix) with ESMTP id C1BC78FC0C; Fri, 2 Oct 2009 08:13:30 +0000 (UTC) Received: from rwpc12.mby.riverwillow.net.au (rwpc12.mby.riverwillow.net.au [172.25.24.168]) (authenticated bits=0) by mail1.riverwillow.net.au (8.14.3/8.14.3) with ESMTP id n928DL6C017327 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 2 Oct 2009 18:13:22 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=riverwillow.com.au; s=m1001; t=1254471202; bh=/23oj9u057CxLX++wWYor/DUHQhbXfV+BruTadI+ryA=; h=Date:From:To:Cc:Subject:Message-ID:References:Mime-Version: Content-Type:In-Reply-To; b=o34QNVg7vn7jKaZJw5W6ewSE8ayo7in+sOcyQ+C0gO6S++PPomHWIZCKM2lnWHcj9 BGe1VbetjmeXxVCFTRrV/6e3Nq/R3zwl082UxLP6FZxiIjJE2I5RCOQqO/IKuhFeut DUD8YORZdwnyc0JQaU8Wdviif/pzGA3BdtyqLgXE= Received: from rwpc12.mby.riverwillow.net.au (localhost [127.0.0.1]) by rwpc12.mby.riverwillow.net.au (8.14.3/8.14.3) with ESMTP id n928DLNS058793; Fri, 2 Oct 2009 18:13:21 +1000 (AEST) (envelope-from john.marshall@riverwillow.com.au) Received: (from john@localhost) by rwpc12.mby.riverwillow.net.au (8.14.3/8.14.3/Submit) id n928DJMj058792; Fri, 2 Oct 2009 18:13:19 +1000 (AEST) (envelope-from john) Date: Fri, 2 Oct 2009 18:13:19 +1000 From: John Marshall To: freebsd-current@freebsd.org Message-ID: <20091002081319.GN37304@rwpc12.mby.riverwillow.net.au> Mail-Followup-To: freebsd-current@freebsd.org, Rick Macklem , George Mamalakis , Doug Rabson References: <4AB27FB6.4010806@eng.auth.gr> <20090918034933.GI1231@rwpc12.mby.riverwillow.net.au> <20090918233157.GK1231@rwpc12.mby.riverwillow.net.au> <20090921012855.GA1001@rwpc12.mby.riverwillow.net.au> <4AB768C3.6030003@eng.auth.gr> <20090921222241.GF1001@rwpc12.mby.riverwillow.net.au> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dDnEQgWzhgf+8aPe" Content-Disposition: inline In-Reply-To: <20090921222241.GF1001@rwpc12.mby.riverwillow.net.au> User-Agent: Mutt/1.4.2.3i OpenPGP: id=A29A84A2; url=http://pki.riverwillow.net.au/pgp/johnmarshall.asc Cc: Doug Rabson , Rick Macklem , George Mamalakis Subject: [PATCH] SASL problems with spnego on 8.0-BETA4 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Oct 2009 08:13:31 -0000 --dDnEQgWzhgf+8aPe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, 22 Sep 2009, 08:22 +1000, John Marshall wrote: > On Mon, 21 Sep 2009, 11:26 -0400, Rick Macklem wrote: > > On Mon, 21 Sep 2009, George Mamalakis wrote: > >=20 [snip] > > >> > > >>SUCCESS! > > >> > > >>So, this fix obviates THAT reason for installing the Heimdal port. If > > >>George meets with similar success adding -lgssapi_spnego for his spne= go > > >>problem, I suggest that both libraries be added to the list in line 96 > > >>of /usr/bin/krb5-config prior to release of FreeBSD 8.0. > > >> [snip] > > >> > > >>krb5-config. It looks like magic needs to happen somewhere in the ba= se > > >>kerberos build system. > > >> > > >>I notice that the Heimdal port doesn't build the separate libraries a= nd > > >>everything seems to be included in libgssapi (which explains why sasl2 > > >>"works" when linked against the Heimdal port). > > >> > > > > > >I changed my /usr/bin/krb5-config's line 96 to include -lgssapi_spnego= and=20 > > >-lgssapi_krb5, and ever since both client and server work correctly!! = Of=20 > > >course I get some other error, but at least this must be a configurati= on=20 > > >error :). > > > [snip] > > > > > Now, hopefully someone who understands enough about dynamic linking will > > know if this is the correct fix for 8.0? (I'm going on a couple of weeks > > vacation at the end of this week, so I won't be around to commit anythi= ng > > and don't understand it well enough to know if this is the correct way > > to fix it.) > >=20 > > So, hopefully someone else can pick this one up? > >=20 > > Thanks for testing it, rick >=20 > Thanks Rick for your very valuable guidance on this problem. Have a > great vacation! >=20 > I have submitted a patch to the FreeBSD Makefile which patches the > vendor-supplied template for krb5-config. I should be grateful if dfr@ > or another src committer would please review this with a view to > obtaining re@ approval to commit it before 8.0-RC2. >=20 > Any src committers able to help with this? --=20 John Marshall --dDnEQgWzhgf+8aPe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (FreeBSD) iEYEARECAAYFAkrFth8ACgkQw/tAaKKahKIxlQCeMViy177fzcNTnL0Wg7ox21YV yEoAn0DbVmZxJG7cMa1/mhX/KPHFw87H =cRtK -----END PGP SIGNATURE----- --dDnEQgWzhgf+8aPe--