Re: Cyrus SASL 2.1.28 testing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

for me GSSAPI, SPNEGO, and GS2-KRB5 work on the master branch:

# the Kerberos server is obtained by DNS lookup SRV _kerberos._udp.aegee.org )
$ echo abc|kinit aaa@xxxxxxxxx
Password for aaa@xxxxxxxxx:
$ curl -v --negotiate -u: -XPROPFIND https://mail.aegee.org/dav/calendars/user/aaa/Default 
prints
authorization: Negotiate YIICiAYGKwYBBQUCoIICfDCCAnigDTALBgkqhkiG9xIBAgKiggJlBIICYWCCAl0GCSqGSIb3EgECAgEAboICTDCCAkigAwIBBaEDAgEOogcDB 
QAgAAAAo4IBZGGCAWAwggFcoAMCAQWhCxsJQUV...
Both when curl is compiled with Cyrus SASL (curl --version says nothing about SASL and is linked with libsasl2) and with libgsasl (curl --version prints “libgsasl/1.10.0” and is linked with libsasl2 and libgsasl). 

# Next commands also work:
$ imtest -t "" -m GSSAPI mail.aegee.org # (without Channel bindings for GSSAPI on both sides) 
$ imtest -t "" -m GS2-KRB5 mail.aegee.org # (without Channel bindings)
$ ldapsearch -ZZY GSSAPI -b"dc=aegee,dc=org" -H ldap://ldap.aegee.org # (I do not know, if openldap utilizes channel binding here, but it likely syncs with the ldapsearch client on this) 
$ ldapsearch -ZZY GS2-KRB5  -b"dc=aegee,dc=org" -H ldap://ldap.aegee.org
$ sivtest -t "" -m GSSAPI  mail.aegee.org # (no GSSAPI Channel binding)

Greetings
  Дилян

----- Message from Quanah Gibson-Mount <quanah@xxxxxxxxx> ---------
    Date: Tue, 16 Nov 2021 14:50:45 -0800
    From: Quanah Gibson-Mount <quanah@xxxxxxxxx>
Reply-To: SASL <sasl@xxxxxxxxxxxxxxxxxx>
 Subject: Cyrus SASL 2.1.28 testing
      To: sasl@xxxxxxxxxxxxxxxxxx



Hi everyone,

The cyrus-sasl-2.1 branch is ready for testing for the proposed
2.1.28 Cyrus SASL release.  For those who know how to build from
source, it would be great if you can test and verify things work as
expected.  If you have a kerberos based environment that makes use
of SASL/GSSAPI for a variety of purposes, please note that in any
feedback.

A general list of fixed issues for this release can be found at:

<https://github.com/cyrusimap/cyrus-sasl/milestone/2?closed=1>

Thanks in advance!

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>



----- End message from Quanah Gibson-Mount <quanah@xxxxxxxxx> -----




------------------------------------------
Cyrus: SASL
Permalink: https://cyrus.topicbox.com/groups/sasl/T382d628144c05df6-M85fb7b60618adeffb8e2fb95
Delivery options: https://cyrus.topicbox.com/groups/sasl/subscription
[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux