openssh bugs - Jun 2013 - [Bug 2121] New: Enable runtime loading of GSSAPI libraries

https://bugzilla.mindrot.org/show_bug.cgi?id=2121

            Bug ID: 2121
           Summary: Enable runtime loading of GSSAPI libraries
           Product: Portable OpenSSH
           Version: -current
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Kerberos support
          Assignee: unassigned-bugs at mindrot.org
          Reporter: aeneby at gmail.com

Created attachment 2301
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2301&action=edit
Patch to enable runtime loading of GSSAPI libraries

Currently, building the ssh client with kerberos enabled means
dynamically linking against the GSSAPI library. This results in a
somewhat non-portable binary, since it won't run on systems which don't
have this library available.

The attached patch implements runtime loading of the GSSAPI library,
allowing fallback to alternative authentication mechanisms if the
library can't be found.

Diff is against today's CVS.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2121

Aaron Sowry <aeneby at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aeneby at gmail.com

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2121

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|---                         |WONTFIX

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Thanks - this is a nice idea, but we aren't interested in supporting
run-time loading of libraries inside OpenSSH. There are a number of
potential problems that concern us, including figuring out the library
name on multiple platforms (your patch hardcodes one, but there will be
others), binary incompatibility between the headers on the build host
and the libraries on the host running sshd, etc.

I have some long-term vague plans to factor all the authentication
methods out into helper programs. This would seem to solve your
particular problem (as well as my primary goal of making the auth code
more testable), but it is still a fair way away.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2121

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.