1 |
On 12/6/13, 7:24 AM, Lars Wendler wrote: |
2 |
> The bug reporter suggests to use bundled heimdal from samba-4 which I |
3 |
> would like to avoid if possible. |
4 |
> If anyone knows some better solution please speak up. It is highly |
5 |
> appreciated. |
6 |
|
7 |
It sounds ugly, but I generally lean towards pragmatic solutions: +1 to |
8 |
have this controlled by a USE flag. I actually suggest system-heimdal |
9 |
enabled by default (at least it matches a Gentoo convention from several |
10 |
other packages) than a weird "bi_heimdal" flag (what does "bi" stand for?). |
11 |
|
12 |
Now for a better solution: make samba also work with MIT Kerberos, and |
13 |
make OpenSSL work with Heimdal. This can be done at ./configure time of |
14 |
affected packages, and will likely require patches (I mean upstream here). |
15 |
|
16 |
One Good first step would be to make sure there are bugs on file |
17 |
(upstream) for both Samba and OpenSSL. |
18 |
|
19 |
Paweł |