Date: Sat, 2 Oct 2010 15:11:07 +0200 From: Martin Schweizer <lists_freebsd@bluewin.ch> To: freebsd-stable@freebsd.org Subject: Broken SASL/Kerberos authentication: openldap client GSSAPI authentication segfaults on FreeBSD 8.1 Release too Message-ID: <20101002131106.GH74320@saturn.pcs.ms>
next in thread | raw e-mail | index | archive | help
Hello I use the system as a mail server (Cyrus Impad) which I authenticate against Kerberos5 (Windows Active Directory) with Cyrus SASL (saslauthd -a kerberos5). Here are the details: cyrus-imapd-2.3.16_2 The cyrus mail server, supporting POP3 and IMAP4 protocols cyrus-sasl-2.1.23 RFC 2222 SASL (Simple Authentication and Security Layer) cyrus-sasl-saslauthd-2.1.23 SASL authentication server for cyrus-sasl2 My system: FreeBSD acsvfbsd04.acutronic.ch 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Thu Sep 30 12:33:18 CEST 2010 martin@acsvfbsd04.acutronic.ch:/usr/obj/usr/src/sys/GENERIC i386 After I upgaded from 7.2 to 8.1 the SASL authentication (with Kerberos5) is broken. See http://docs.freebsd.org/cgi/getmsg.cgi?fetch=301304+0+archive/2010/freebsd-stable/20100718.freebsd-stable and the following threads. See alo PR 147454. I did what you suggested in different threads around july regarding the subject: 1. cvsup a fresh copy of RELEASE 8.1 in /usr/src 2. Now I apply the patch in /usr/src with patch -p1 -E < patch name 3. Now I make buildworld && make buidlkernel && make installkernel and I get the following messages: cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb acc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/ker cc -fpic -DPIC -O2 -pipe -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi -I/usr/src/kerberos5/lib/libgssapi/../../../crypto/heimdal/lib/gssapi/krb5 -I/usr/src/kerb make: don't know how to make /usr/obj/usr/src/tmp/usr/lib/libpthread.a. Stop *** Error code 2 Stop in /usr/src. What I'm doing wrong? Kind regards, -- Martin Schweizer <office@pc-service.ch> PC-Service M. Schweizer GmbH; Bannholzstrasse 6; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101002131106.GH74320>