[gnutls-dev] Re: SASL/EXTERNAL
jas at extundo.com
Fri Oct 7 15:32:24 CEST 2005
Albert Chin <gnutls-dev at mlists.thewrittenword.com> writes:
> According to:
> OpenLDAP 2.x SASL/EXTERNAL(TLS) support is under development is
> based upon OpenSSL.
> We are investigating the addition of GnuTLS support for OpenLDAP. If
> SASL EXTERNAL is tied to OpenSSL in OpenLDAP, is this something GnuTLS
> currently provides or could provide?
If the SASL EXTERNAL hooks in OpenLDAP only check whether OpenSSL is
enabled, then it won't work. I imagine that you would have to change
OpenLDAP's EXTERNAL code to also check if GnuTLS layers are present.
That should be simple to add.
Btw, I recall that Cyrus SASL, or at least some of the Cyrus SASL
modules, depend on OpenSSL. GNU SASL might be another SASL
alternative, and I have experience integrating it together with GnuTLS
(although not in OpenLDAP).
More information about the Gnutls-devel