Date: Fri, 2 Oct 2009 08:24:14 -0400 From: John Baldwin <john@baldwin.cx> To: freebsd-current@freebsd.org Cc: George Mamalakis <mamalos@eng.auth.gr>, Doug Rabson <dfr@freebsd.org>, Rick Macklem <rmacklem@uoguelph.ca>, John Marshall <john.marshall@riverwillow.com.au> Subject: Re: [PATCH] SASL problems with spnego on 8.0-BETA4 Message-ID: <200910020824.15488.john@baldwin.cx> In-Reply-To: <20091002081319.GN37304@rwpc12.mby.riverwillow.net.au> References: <4AB27FB6.4010806@eng.auth.gr> <20090921222241.GF1001@rwpc12.mby.riverwillow.net.au> <20091002081319.GN37304@rwpc12.mby.riverwillow.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 02 October 2009 4:13:19 am John Marshall wrote: > On Tue, 22 Sep 2009, 08:22 +1000, John Marshall wrote: > > On Mon, 21 Sep 2009, 11:26 -0400, Rick Macklem wrote: > > > On Mon, 21 Sep 2009, George Mamalakis wrote: > > > > [snip] > > > >> > > > >>SUCCESS! > > > >> > > > >>So, this fix obviates THAT reason for installing the Heimdal port. If > > > >>George meets with similar success adding -lgssapi_spnego for his spnego > > > >>problem, I suggest that both libraries be added to the list in line 96 > > > >>of /usr/bin/krb5-config prior to release of FreeBSD 8.0. > > > >> > [snip] > > > >> > > > >>krb5-config. It looks like magic needs to happen somewhere in the base > > > >>kerberos build system. > > > >> > > > >>I notice that the Heimdal port doesn't build the separate libraries and > > > >>everything seems to be included in libgssapi (which explains why sasl2 > > > >>"works" when linked against the Heimdal port). > > > >> > > > > > > > >I changed my /usr/bin/krb5-config's line 96 to include -lgssapi_spnego and > > > >-lgssapi_krb5, and ever since both client and server work correctly!! Of > > > >course I get some other error, but at least this must be a configuration > > > >error :). > > > > > [snip] > > > > > > > Now, hopefully someone who understands enough about dynamic linking will > > > know if this is the correct fix for 8.0? (I'm going on a couple of weeks > > > vacation at the end of this week, so I won't be around to commit anything > > > and don't understand it well enough to know if this is the correct way > > > to fix it.) > > > > > > So, hopefully someone else can pick this one up? > > > > > > Thanks for testing it, rick > > > > Thanks Rick for your very valuable guidance on this problem. Have a > > great vacation! > > > > I have submitted a patch to the FreeBSD Makefile which patches the > > vendor-supplied template for krb5-config. I should be grateful if dfr@ > > or another src committer would please review this with a view to > > obtaining re@ approval to commit it before 8.0-RC2. > > > > <http://www.freebsd.org/cgi/query-pr.cgi?pr=139037>; > > Any src committers able to help with this? Hmmm, I thought that libgssapi was supposed to use dlopen to load the proper back-end libraries using /etc/gss/mech rather than having applications directly link against them. -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910020824.15488.john>