[389-devel] Re: Please review: OpenLDAP support
Howard Chu
hyc at symas.com
Wed Jul 8 00:44:49 UTC 2009
Howard Chu wrote:
>
>> Message: 1
>> Date: Mon, 06 Jul 2009 13:20:22 -0600
>> From: Rich Megginson<rmeggins at redhat.com>
>
>> Note - the patch does not contain the diffs for configure nor Makefile.in
>> http://rmeggins.fedorapeople.org/0001-OpenLDAP-support.patch
As noted in your patch, the OpenLDAP API doesn't provide any options to
control SSL session caching. In the past I hacked that into my clients by
retrieving the OpenSSL context handles and using the OpenSSL API directly.
Obviously that's not a viable way forward since we now have 3 different TLS
libraries to deal with. So, we will probably be adding a couple set_option()
flags for this purpose Real Soon Now. If there's anything good or bad about
the way MozLDAP handles this, let me know what you think...
We'll also be providing a callback for obtaining the password for the private
key... Again that's something we've ignored because OpenSSL has provided its
own for so long.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the Fedora-directory-devel
mailing list