Re: SASL 2.1.27 rc6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


It looks like Dan White may have found and tested a fix for the ldaps+GSSAPI issues in the tracker.  I'd like to have some peer review of this before I cut the final release on the morning of the 31st (US/Eastern time).

On 12/22/2017 01:03 PM, Ken Murchison wrote:
Unfortunately, I don't know where to look.  Alexey knows way more about GSS that I do.  I do recall from my time at CMU that the kerb libraries seem to suck at error reporting/logging.

On 12/22/2017 11:49 AM, Dan White wrote:

I'm running in to this:

additional info: SASL(-1): generic failure: Unable to find a callback: 32775


but with GSSAPI, and not GSS-SPNEGO.

In the following scenarios:

ldapwhoami/heimdal -> slapd/mit
ldapwhoami/heimdal -> slapd/heimdal
ldapwhoami/heimdal -> Microsoft AD

But these work:

ldapwhoami/mit -> slapd/mit
ldapwhoami/mit -> MS AD

I can set security properties with the libldab library (ldap.conf(5)). I
tried playing around with maxbufsize, since there are hints that may be
related when searching on google, but it had no effect.

All Heimdal tests are using version 7.5.0, manually compiled.

Do you have suggestions of where to debug?

On 12/20/17 10:14 -0600, Dan White wrote:

I'll try to lab up my original test case (for bug 3480) tomorrow

On 12/20/17 11:00 -0500, Ken Murchison wrote:
We haven't had much, if any, feedback on this release candidate.

Do the GSSAPI/LDAP folks have any further comments on

I'd really like to make a final release by Christmas as promised, but I also don't want to make a release that folks will have to patch immediately.

Kenneth Murchison
Cyrus Development Team
FastMail Pty Ltd

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux