cyrus-sals-2.1.25 and openldap-2.4.29
Dan White
dwhite at olp.net
Thu Mar 29 09:32:59 EDT 2012
On 03/29/12 12:18 +0100, luxInteg wrote:
>Greetings,
>
>i am new to this list. I have a computer with these:-
>cpu: amd64 2 cores
>os linux 64bit distro=cblfs kernel-3.2.1, gcc-4.5.2
>auth progs: MIT-kerberos-1.10, sasl-2.1.25. openldap-2.4.29
>
>
>I verified ldap is running without sasl with the ldapsearch command like
>so:-
>ldapsearch -xWLLL "ou=people" -H ldaps://tester.example.com
>
>When I tried the same command for a sasl bind:-
>ldappsearch -LLL "ou=people" -H ldaps://tester.example.com
>
>I get this
>###################################################
>SASL/GSSAPI authentication started
>ldap_sasl_interactive_bind_s: Invalid credentials (49)
> additional info: SASL(-13): authentication failure: GSSAPI Failure:
>gss_accept_sec_context
>###################################################
>
>
>When I didpensed with tls i.e. I do
>ldappsearch -LLL "ou=people" -H ldap://tester.example.com
>
>I get the same result.
>
>
> It seems that there is something wrong with sasl-installation and I would
>be grateful for some advice including source of any needed patches.
To apply the patch I mentioned on the openldap list:
wget ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-2.1.25.tar.gz
wget -O gssapi-flags.patch https://bugzilla.cyrusimap.org/attachment.cgi?id=1393
tar -xvzf cyrus-sasl-2.1.25.tar.gz
cd cyrus-sasl-2.1.25/
patch -p1 < ../gssapi-flags.patch
Then ./configure etc. If you're using a package from an OS that you did
not compile yourself, consider filing a bug with your vendor to get them
to review this patch for inclusion.
Another patch you may want to look at is:
https://bugzilla.cyrusimap.org/show_bug.cgi?id=3445
--
Dan White
More information about the Cyrus-sasl
mailing list