[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Incomplete documentation

To: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
Subject: Re: Incomplete documentation
From: Love <lha@stacken.kth.se>
Date: Thu, 18 Sep 2003 19:32:18 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: <Pine.OSF.4.51.0309181817060.456757@tao.natur.cuni.cz> (Martin MOKREJŠ's message of "Thu, 18 Sep 2003 18:35:41+0200 (CEST)")
References: <Pine.OSF.4.51.0309041617460.382176@tao.natur.cuni.cz><xofoey01uwp.fsf@blubb.pdc.kth.se><Pine.OSF.4.51.0309041641310.382176@tao.natur.cuni.cz><xofk78o1lyc.fsf@blubb.pdc.kth.se><Pine.OSF.4.51.0309172328290.370291@tao.natur.cuni.cz><Pine.OSF.4.51.0309181817060.456757@tao.natur.cuni.cz>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (berkeley-unix)


Martin MOKREJŠ <mmokrejs@natur.cuni.cz> writes:

> On Wed, 17 Sep 2003, Martin MOKREJŠ wrote:
>
> I seems everyone is either busy or doesn't know anwers to my questions ...
> and I have continuation already ... :)

mmmm, upgrading ssh.

>> So, how am I supposed to configure heimdal whe want to use AFS? With or
>> without --with-krb4. How about the --enable-kaserver option. As I do not
>> need to convert from krb4 to krb5 type databse, I can omit
>> --enable-kaserver-db, right?
>
> I gave it a last shot: tried compiling heimdal against krb4(with it's own libdes)
> and asking heimdal to add support for krb4 and openssl(0.9.7b):

heimdal think it must use the same crypto lib as the krb4 stuff if compiled
with kerberos 4 support, it will refuse to use anything else.

> configure: error: the crypto library used by krb4 lacks features
> required by Kerberos 5; to continue, you need to install a newer
> Kerberos 4 or configure --without-krb4

yes, current heimdal requires openssl>=0.9.7, and there is not released
kth-krb4 that can handle that.

> configure:10538: cc  -o conftest -DHAVE_OLD_HASH_NAMES -I/usr/athena/include -O2 -arch ev56 -I/software/@sys/usr/include -I/usr/local/in
> clude -I/usr/local/openssl/include  conftest.c -L/usr/athena/lib -ldes -L/usr/local/lib -L/software/@sys/usr/lib -L/usr/local/openssl/li
> b -L/usr/lib >&5
> cc: Severe: configure, line 10488: Cannot find file <aes.h> specified in #include directive. (noinclfilef)
>                 #include <aes.h>
> -----------------^
>
> Sure it cannot find it, it should look for openssl/aes.h !

It first check for <openssl/aes.h> and then <aes.h>.


> I tried comfiguring heimdal --without-openssl , as krb4 was also compiled without
> openssl support:
[..]
> configure: error: the crypto library used by krb4 lacks features
> required by Kerberos 5; to continue, you need to install a newer
> Kerberos 4 or configure --without-krb4

krb4 libdes is old and doesn't contain any DES_ nor AES_ functions.

> I'm waiting for official patch and configure command-line. ;)

There are some issues with telnet, openssh 0.9.7b and DES_ I've not been
able to find yet. I don't even know how to reproduce it.

Love

PGP signature

Follow-Ups:
- Re: Incomplete documentation
  - From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
- Re: Incomplete documentation
  - From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>

References:
- Incomplete documentation
  - From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
- Re: Incomplete documentation
  - From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>

Prev by Date: Re: Incomplete documentation
Next by Date: Re: Error: expected ADAT in reply. got: 431 Security resourceunavailable
Prev by thread: Re: Incomplete documentation
Next by thread: Re: Incomplete documentation
Index(es):
- Date
- Thread