Description of problem:
While using GSSAPI mechanism, the server_start() method ALWAYS fails when cyrus-sasl uses GSSAPI with krb5-workstation v1.6.1 36.el5_5.6.
Installing krb5-workstation v1.8.2 3.7 (RHEL 6 version) solves the problem.

The problem is in the linkage between libgssapi of cyrus-sasl and libgssapi of krb5.

This problem doesn't exist on RHEL 4 nor RHEL 6, RHEL 5 is the only version impacted.


Version-Release number of selected component (if applicable):
cyrus-sasl 2.1.22 5.el5_4.3 (both i386 and x86_64)
krb5-workstation 1.6.1 36.el5_5.6

How reproducible:
Just use the sasl2-sample-client and sasl2-sample-server to discover the bug: no GSSAPI authentication is possible on a sasl2-sample-server running under RHEL 5.

Steps to Reproduce:
1. Install a Kerberos keytab for principal host/test.redhat.com for instance, and create a client principal test.
2. On server, launch "sasl2-sample-server -p 12345 -s host"
3. On client, identify youself to Kerberos server with kinit test
4. On client, launch "sasl2-sample-client -p 12345 -s host -m GSSAPI test.redhat.com"
5. Enter "test" when client requests an authorization id.
  
Actual results:
Authentication failed. No GSSAPI authentication is possible with this version of krb5-workstation.

Expected results:
Successful Authentication.

Additional info:
This bug will also be submitted under krb5-workstation software.

Cheers

R.