--On April 30, 2007 9:58:07 AM -0400 Daniel Henninger daniel@ncsu.edu wrote:
Hi folk,
First off, let me say that per our last conversation about this, I have not yet rebuild cyrus-sasl/openldap against a different Kerberos dist. (I was going to build against 1.5.. right now I'm at 1.2.8.. we tend to steer clear of Heimdal) Anyway, on April 28th, at 12:05AM, all three of our slave servers' slapds died. All for apparently different reasons:
Why do you "steer clear" of Heimdal for linking the server libraries against? In any case, MIT Krb5 1.2 is known to not be thread safe.
Now, the second one is most likely the "recompile it against a different Kerberos" issue. However, the last seems to be directly SSL related and the first ... I have no idea about the first. We have openldap built against openssl 0.9.7i.
Never had an issue with OpenSSL like you are seeing.
Any suggestions? =( I know many of you are running this under Solaris. Anyone had any particular problems doing so?
Never saw any.
--Quanah
-- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration