Date: Tue, 28 Jan 2003 23:50:59 -0800 From: Peter Wemm <peter@wemm.org> To: "Jacques A. Vidrine" <nectar@FreeBSD.org>, "Matthew N. Dodd" <winter@jurai.net>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/secure/lib/libcrypto opensslconf-alpha.h opensslconf-i386.h opensslconf-ia64.h opensslconf-powerpc.h opensslconf-sparc64.h Message-ID: <20030129075059.0F4ED2A89E@canning.wemm.org> In-Reply-To: <20030129074300.5237A2A89E@canning.wemm.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Wemm wrote:
> "Jacques A. Vidrine" wrote:
> > On Tue, Jan 28, 2003 at 09:13:12PM -0500, Matthew N. Dodd wrote:
> > > On Tue, 28 Jan 2003, Peter Wemm wrote:
> > > > Ok, but what does this mean in the real world? Do krb5 users need to s
to
> p
> > > > building world?
> > >
> > > Krb5 users just need to use MIT Krb5.
> >
> > More completely: Kerberos 5 users who want support for the Kerberos
> > 5 cipher suites in SSL/TLS (RFC 2712) must use OpenSSL 0.9.7 from the
> > ports tree, along with MIT Kerberos 5.
> >
> > This shouldn't mean much to anyone, since previously there has never
> > been support for RFC 2712 in the versions of OpenSSL included with
> > FreeBSD.
>
> Well, there is an ever so slight problem on the freebsd.org cluster:
>
> Jan 28 23:39:40 panther sshd[76989]: in openpam_load_module(): no pam_krb5.so
found
> Jan 28 23:39:40 panther sshd[76989]: fatal: PAM: initialisation failed
>
> But not being able to log in probably doesn't mean much to anyone.
>
> :-(
Looks like this is yet another ABI change. The new pam_krb5.so was
incompatable with the running sshd+openssl libraries.
*grump* :-(
Cheers,
-Peter
--
Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com
"All of this is for nothing if we don't go to the stars" - JMS/B5
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030129075059.0F4ED2A89E>