Hi,
I am trying to build an openldap server on RHEL4 using openldap 2.3.27, cyrus sasl 2.1.22 ,
db-4.4.20 and heimdal 0.7.2. Due to the fact that RHEL4 already has some SASL libraries compiled
against MIT kerberos, I have to put everything in a different location that the regular /usr/
folder. I am installing all my custom software in /opt/local.
Here is what I did to compile and build sasl after having already compiled and installed db and
heimdal in /opt/local:
1. Set environment variables to include /opt/local first.
export LD_LIBRARY_PATH="/opt/local/lib:/opt/local/lib/sasl2"
export LDFLAGS="-L/opt/local/lib -L/opt/local/lib/sasl2 -L/usr/lib64"
export CFLAGS="-L/opt/local/lib -L/opt/local/lib/sasl2 -fPIC"
export CPPFLAGS="-I/opt/local/include -I/opt/local/include/sasl -I/opt/local/include/openssl"
2. Run configure
./configure --prefix=/opt/local --disable-krb4 --enable-gssapi=/opt/local
3. Run make and build all the binaries
4. Run make install to have everything installed
5. cd sample and make sample-client as well as make sample-server
6. Since RHEL4 already has its own sasl2 library in /usr/lib/sasl2, then I set SASL_PATH in both
shells where I am going to run the sample-client and sample-server programs.
export SASL_PATH=/opt/local/lib/sasl2
7. /etc/krb5.keytab contains the host/FQHN@REALM keytab
kinit -kt /etc/krb5.keytab works which mean the keytab is correct since klist show a ticket.
8. I obtain a ticket for a user called Manager. klist correctly displays the ticket.
9. On shell one I launch the server:
./sample-server -s host -p ../plugins/.libsGenerating client mechanism list...
Sending list of 6 mechanism(s)
S: RElHRVNULU1ENSBQTEFJTiBDUkFNLU1ENSBPVFAgR1NTQVBJIEFOT05ZTU9VUw==
Waiting for client mechanism...
10. On shell two I launch the client after obatining the kerberos ticket and where I pasted the S: line:
[root@newgandalf sample]# ./sample-client -s host -n newgandalf.ibb.gatech.edu -u Manager -p
../plugins/.libs
service=host
Waiting for mechanism list from server...
S: RElHRVNULU1ENSBQTEFJTiBDUkFNLU1ENSBPVFAgR1NTQVBJIEFOT05ZTU9VUw==
lt-sample-client: Decoding data from base64: bad protocol / cancel
I get the error message shown above. Does anyone know how can I fix this?
Thanks,
Diego