bugzilla-daemon at mindrot.org
2013-Jun-11 17:56 UTC
[Bug 2121] New: Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121
Bug ID: 2121
Summary: Enable runtime loading of GSSAPI libraries
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Kerberos support
Assignee: unassigned-bugs at mindrot.org
Reporter: aeneby at gmail.com
Created attachment 2301
--> https://bugzilla.mindrot.org/attachment.cgi?id=2301&action=edit
Patch to enable runtime loading of GSSAPI libraries
Currently, building the ssh client with kerberos enabled means
dynamically linking against the GSSAPI library. This results in a
somewhat non-portable binary, since it won't run on systems which don't
have this library available.
The attached patch implements runtime loading of the GSSAPI library,
allowing fallback to alternative authentication mechanisms if the
library can't be found.
Diff is against today's CVS.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2013-Jun-11 17:58 UTC
[Bug 2121] Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121
Aaron Sowry <aeneby at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |aeneby at gmail.com
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2013-Oct-10 00:48 UTC
[Bug 2121] Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Resolution|--- |WONTFIX
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Thanks - this is a nice idea, but we aren't interested in supporting
run-time loading of libraries inside OpenSSH. There are a number of
potential problems that concern us, including figuring out the library
name on multiple platforms (your patch hardcodes one, but there will be
others), binary incompatibility between the headers on the build host
and the libraries on the host running sshd, etc.
I have some long-term vague plans to factor all the authentication
methods out into helper programs. This would seem to solve your
particular problem (as well as my primary goal of making the auth code
more testable), but it is still a fair way away.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2121] Enable runtime loading of GSSAPI libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2121
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Possibly Parallel Threads
- [Bug 2104] New: Windows/win32/mingw support
- [Bug 1220] Fix error messages for multiple mechanism GSSAPI libraries
- [Bug 1416] New: Enable GSSAPI by default on Mac OS X
- [Bug 1970] New: GSSAPI mechanisms will be disabled because the following shared libraries could not be loaded: /usr/local/lib/libgssapi_krb5.so
- [Bug 2456] New: gssapi-keyex blocked by PermitRootLogin=without-password