You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Jeff Horwitz <je...@laserlink.net> on 2000/08/02 00:34:05 UTC
Re: (Fwd) Problem with Authen::Krb4 under mod_perl
are you using mod_ssl or SSL of any kind? there are name clashes between
the kerberos DES libraries and the SSL DES libraries that can cause
kerberos to fail.
---------------------------------------------------------------------------
Jeff Horwitz E-mail: jeff@laserlink.net
Manager of Systems Operations Phone: (610) 627-4575
LaserLink.Net, Covad Communications Web: http://www.laserlink.net
On Thu, 27 Jul 2000, Dave Edsall - The Tauminator wrote:
>
>
> I figured that it couldn't hurt for me to contact you about this as you are
> the author of the package. I've already posted the following to the mod_perl
> mailing list:
>
> ------- Forwarded Message
>
> To: modperl@apache.org
> Subject: Help with extensions
> Date: Thu, 27 Jul 2000 11:48:10 CDT
> From: "Dave Edsall - The Tauminator" <ed...@iastate.edu>
>
>
>
> Hello all,
>
>
> I am trying to convert a Web-based e-mail package ( MailMan with local
> modifications ) to run under mod_perl. The original author did a
> fantastic job of making the script mod_perl clean so we have only had to
> do a modicum of changes.
>
> Here is my problem. We run a site which uses Kerberos for
> authentication to our POP servers. We obtain a ticket granting ticket for
> the user and then we use the Authen::Krb4 package for obtaining a POP
> service ticket and authenticating the user to the POP server. This worked
> great using just plain old mod_cgi. When we ran this under mod_perl, it
> stopped working for some reason. Authen::Krb4 I believe is available
> through CPAN so I won't post it here. It is simply an XSUB extension to
> the Kerberos 4 C libraries. Some of the routines in Authen::Krb4 do work
> under mop_perl. It is the sendauth routine which does not (maybe this has
> to do with the socket?).
>
> I have read the first four chapters of the Eagle book, searched and
> read the guide, searched the mailing list archives and have even gone to
> Google (which usually ends up pointing me back to perl.apache.org). Can
> someone give me a clue as to why this may not be working?
>
>
> Info:
> - -----
>
> OS: Linux 2.2.14
> mod_perl: 1.24
> Apache: 1.3.9 configured with openssl 0.9.3
>
>
> Configuration file:
> - -------------------
>
> ScriptAlias /cgi-bin /local/www/apache_1.3.9/cgi-bin
> Alias /cgi-perl /local/www/apache_1.3.9/cgi-bin
> <Location /cgi-perl>
> SetHandler perl-script
> PerlHandler Apache::PerlRun
> PerlModule Authen::Krb4 CGI FileHandle Socket
> Options +ExecCGI
> allow from all
> PerlSendHeader On
> </Location>
>
>
> Relevant code:
>
> use FileHandle;
> my($rServerSocket) = new FileHandle(); <---- This is done OUTSIDE of
> the subroutine which calls
> sendauth below
>
>
> .....
>
>
> use Authen::Krb4;
>
>
> ....
>
>
> # Attempt to open a socket to the POP3 server.
> my($protocol) = 0;
> $protocol = getprotobyname('tcp');
> socket($rServerSocket,PF_INET,SOCK_STREAM,$protocol);
> my($remote_ip) = 0;
> $remote_ip = gethostbyname($mailman::strIncomingServer);
>
>
> ....
>
>
> $remote_sock = sockaddr_in(1109, $remote_ip);
>
>
> ....
>
>
> my($laddr)=0;
> my($faddr)=0;
> my($realm)=Authen::Krb4::realmofhost($mailman::strIncomingServer);
> my($phost)=Authen::Krb4::get_phost($mailman::strIncomingServer);
> my($service)='pop';
> my($ticket,$credentials,$schedule)=Authen::Krb4::sendauth(0,$rServerSocket,
> $
> service,$phost,$realm,5,$laddr,$faddr,"AUTHV0.1");
>
>
>
> Many thanks in advance,
>
>
> Dave
>
>
> - ----------------------------------
> Dave Edsall
> Systems Software
> Academic Information Technologies
> Iowa State University
>
>
> ------- End of Forwarded Message
>
>
>