[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] Re: SASL/EXTERNAL
From: |
Simon Josefsson |
Subject: |
[gnutls-dev] Re: SASL/EXTERNAL |
Date: |
Fri, 07 Oct 2005 15:32:24 +0200 |
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) |
Albert Chin <address@hidden> writes:
> According to:
> http://www.stacken.kth.se/lists/heimdal-discuss/2000-07/msg00068.html
>
> OpenLDAP 2.x SASL/EXTERNAL(TLS) support is under development is
> based upon OpenSSL.
>
> We are investigating the addition of GnuTLS support for OpenLDAP. If
> SASL EXTERNAL is tied to OpenSSL in OpenLDAP, is this something GnuTLS
> currently provides or could provide?
If the SASL EXTERNAL hooks in OpenLDAP only check whether OpenSSL is
enabled, then it won't work. I imagine that you would have to change
OpenLDAP's EXTERNAL code to also check if GnuTLS layers are present.
That should be simple to add.
Btw, I recall that Cyrus SASL, or at least some of the Cyrus SASL
modules, depend on OpenSSL. GNU SASL might be another SASL
alternative, and I have experience integrating it together with GnuTLS
(although not in OpenLDAP).
Regards,
Simon