On Wed, 27 Sep 2006, David Severance wrote:
I went ahead, applied the patch and followed your guidance regarding
EXTRAAUTHENTICATORS=gss and built a binary using "make lrh
^^^^^^^^^^^^^^^^^^^
EXTRAAUTHENICATORS=gss". The problem is that I see no evidence of a kerberos
^^^^^^^^^^^^^^^^^^
auth capability when I query the imap daemon.
Did you spell it correctly in the build?
Take a look at imap-2006a/c-client/linkage.c. Do you see a line which
reads:
auth_link (&auth_gss); /* link in the gss authenticator */
If you don't, then you didn't build it correctly.
Even if you build it correctly, GSSAPI will be disabled (and AUTH=GSSAPI
will not show up in the CAPABILITY list) if you don't have Kerberos
service configured on the server system:
Do you have /etc/krb5.conf and /etc/krb5.keytab files properly set up on
imap.uci.edu?
Have you defined keytab entries on the KDC for the "imap/imap.uci.edu"
principal? IMAP uses the "imap" principal, not the "host" principal.
-- Mark --
http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.
_______________________________________________
Imap-uw mailing list
Imap-uw@u.washington.edu
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
