bugzilla-daemon at mindrot.org
2013-Jun-11 17:56 UTC
[Bug 2121] New: Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121 Bug ID: 2121 Summary: Enable runtime loading of GSSAPI libraries Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Kerberos support Assignee: unassigned-bugs at mindrot.org Reporter: aeneby at gmail.com Created attachment 2301 --> https://bugzilla.mindrot.org/attachment.cgi?id=2301&action=edit Patch to enable runtime loading of GSSAPI libraries Currently, building the ssh client with kerberos enabled means dynamically linking against the GSSAPI library. This results in a somewhat non-portable binary, since it won't run on systems which don't have this library available. The attached patch implements runtime loading of the GSSAPI library, allowing fallback to alternative authentication mechanisms if the library can't be found. Diff is against today's CVS. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2013-Jun-11 17:58 UTC
[Bug 2121] Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121 Aaron Sowry <aeneby at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aeneby at gmail.com -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2013-Oct-10 00:48 UTC
[Bug 2121] Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Status|NEW |RESOLVED Resolution|--- |WONTFIX --- Comment #1 from Damien Miller <djm at mindrot.org> --- Thanks - this is a nice idea, but we aren't interested in supporting run-time loading of libraries inside OpenSSH. There are a number of potential problems that concern us, including figuring out the library name on multiple platforms (your patch hardcodes one, but there will be others), binary incompatibility between the headers on the build host and the libraries on the host running sshd, etc. I have some long-term vague plans to factor all the authentication methods out into helper programs. This would seem to solve your particular problem (as well as my primary goal of making the auth code more testable), but it is still a fair way away. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2121] Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after 7.3p1 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 2104] New: Windows/win32/mingw support
- [Bug 1220] Fix error messages for multiple mechanism GSSAPI libraries
- [Bug 1416] New: Enable GSSAPI by default on Mac OS X
- [Bug 1970] New: GSSAPI mechanisms will be disabled because the following shared libraries could not be loaded: /usr/local/lib/libgssapi_krb5.so
- [Bug 2456] New: gssapi-keyex blocked by PermitRootLogin=without-password