Bug#703113: libsasl2-modules-gssapi-mit: Java client GSSAPI connections to OpenLDAP fail
Bill MacAllister
whm at stanford.edu
Thu Mar 21 23:44:20 UTC 2013
--On Thursday, March 21, 2013 10:02:10 AM -0700 Bill MacAllister <whm at stanford.edu> wrote:
> --On Thursday, March 21, 2013 09:51:45 AM -0700 Russ Allbery <rra at debian.org> wrote:
>
>> Ondřej Surý <ondrej at sury.org> writes:
>>
>>> Basically you have much deeper knowledge of SASL and Kerberos internals
>>> than I have :). So while I would be happy to assist you, but I guess the
>>> only thing I can do for you at this moment is to report the bug to
>>> upstream bugzilla. And even that would be better if reported by Bill,
>>> since he can provide valuable input.
>>
>> Yeah, it's almost certainly an upstream bug. Ah, I see that Cyrus SASL
>> has a Bugzilla and everything these days.
>
> Once I complete testing today I will file the bug.
And I confirmed that if I use TLS encryption the client works.
I sent a note to the cyrus-sasl list and got a response from Quanah
saying that "cyrus-sasl 2.1.25 had multiple problems with GSSAPI
unless it was patched heavily". I'll try packaging that we see
what happens. I did file a bugzilla, but if the newer version
works that is mote.
Bill
--
Bill MacAllister
Infrastructure Delivery Group, Stanford University
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list