[gnutls-dev] Re: SASL/EXTERNAL
Simon Josefsson
jas at extundo.com
Fri Oct 7 15:32:24 CEST 2005
Albert Chin <gnutls-dev at mlists.thewrittenword.com> writes:
> According to:
> http://www.stacken.kth.se/lists/heimdal-discuss/2000-07/msg00068.html
>
> OpenLDAP 2.x SASL/EXTERNAL(TLS) support is under development is
> based upon OpenSSL.
>
> We are investigating the addition of GnuTLS support for OpenLDAP. If
> SASL EXTERNAL is tied to OpenSSL in OpenLDAP, is this something GnuTLS
> currently provides or could provide?
If the SASL EXTERNAL hooks in OpenLDAP only check whether OpenSSL is
enabled, then it won't work. I imagine that you would have to change
OpenLDAP's EXTERNAL code to also check if GnuTLS layers are present.
That should be simple to add.
Btw, I recall that Cyrus SASL, or at least some of the Cyrus SASL
modules, depend on OpenSSL. GNU SASL might be another SASL
alternative, and I have experience integrating it together with GnuTLS
(although not in OpenLDAP).
Regards,
Simon
More information about the Gnutls-dev
mailing list