Description of problem: libcurl upstream dropped support for delegating Kerberos tickets and this has been applied to the Fedora packages via a patch. The IPA project needs to be able to delegate tickets via XML-RPC (we use the xmlrpc-c package which in turn uses libcurl). This also affects certmonger which uses similar xmlrpc-c/libcurl calls to communicate with IPA. Version-Release number of selected component (if applicable): curl-7.21.3-8.fc15 Steps to Reproduce: 1. Install an IPA server 2. On a separate machine run: ipa-client-install using details from step 1 Actual results: Joining realm failed because of failing XML-RPC request. This error may be caused by incompatible server/client major versions. On the Apache server if you set LogLevel debug in nss.conf you'll see that the ticket was not delegated.
I have proposed a solution upstream: http://thread.gmane.org/gmane.comp.web.curl.general/12226/focus=32265 Whoever is going to commit the fix, please just make sure we use the same option name/constant as upstream. Otherwise we would have incompatible API/ABI. Thanks in advance!
upstream commit: https://github.com/bagder/curl/compare/7688a99bef...a7864c41db
fixed in curl-7.21.7-2.fc17
curl-7.21.7-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/curl-7.21.7-2.fc16
curl-7.21.3-9.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/curl-7.21.3-9.fc15
Package curl-7.21.7-2.fc16: * should fix your issue, * was pushed to the Fedora 16 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing curl-7.21.7-2.fc16' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/curl-7.21.7-2.fc16 then log in and leave karma (feedback).
curl-7.21.3-9.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
curl-7.21.0-9.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/curl-7.21.0-9.fc14
curl-7.21.7-2.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
Problem tested on curl-7.21.3-9.fc15 and still appears to exist. Would appreciate if you could reopen and investigate further.
Can you provide more information on how/what you tested?
Description of problem: Following the installation of a new ipa server on a new FC15 host I attempted to perform the ipa-client-install process which failed with the XML-RPC error described above. I then ran a yum -y update on both my FC15 client and FC15 ipa server to no avail and saw the same symptoms as describe in the bug description. This process was executed on a freshly patched pair host hosts, both of which have been confirmed as running curl-7.21.3-9.fc15. Additionally the issue was checked by enabling debug logging as described in the description which gave the same results. If you would like additional information, clarification or logs please do not hesitate to get in touch.
You also need xmlrpc-c-1.25.4-1500.svn2077 and freeipa-2.1.0-1.
curl-7.21.0-10.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.