Home
Main website
Display Sidebar
Hide Ads
Recent Changes
View Source:
SASLNotes
Edit
PageHistory
Diff
Info
LikePages
You are viewing an old revision of this page.
View the current version
.
[SASL] is Cyrus's Simple Authentication and Security Layer. And like every other Cyrus project I've seen, its a big mystery. See [SASL] for information on what its (supposed) to do. See here for notes on its use. !! [SASL] Re-entrance bug libsasl has an unfortunate bug in that it is non re-entrant. This has the unfortunate effect of casuing segfaults in applications using libsasl. I've seen this occur mainly when using libnss-ldap and libpam-ldap coupled with cyrus imapd. The big problem here is that both libldap2 and cyrus imapd's auth module are linked against libsasl - this can cause a chain of events which leads to a double free, which causes the application to die with SIGSEGV (SIG11, segmentation fault) Solution: recompile libldap2 without cyrus sasl support. Under Debian: * apt-get source libldap2 (gets the openldap2 source package) * edit debian/rules and change --with-cyrus-sasl to read --without-cyrus-sasl, and also remove the --with-spasswd directive (this depends on cyrus-sasl. * edit debian/changelog and add a new changelog entry, bumping the version number to indicate a new build so that it doesn't get overridden later on. * run dpkg-buildpackage, and install Under RedHat: AddToMe * get the srpm and unpack it (rpm -i <whatever the rpm is called>.srpm * edit the SPEC file (/usr/src/redhat/SPECS/openldap2.spec or whatever) * and change --with-cyrus-sasl to read --without-cyrus-sasl, and also remove the --with-spasswd directive (this depends on cyrus-sasl. * change the version number of the rpm so that it wont be overridden * run rpm -bb <SPECFILE> to rebuild
2 pages link to
SASLNotes
:
SASL
LDAPAuthentication