[Fwd: Small addon to saslauthd ldap support to add native Solaris LDAP SSL (LDAPS) support]

Howard Chu hyc at highlandsun.com
Thu Jan 24 13:56:44 EST 2008


Ken Murchison wrote:
> Can one of the LDAP gurus take a look at this patch and let me know if
> it looks sane, or if it can be rewritten to be smaller and/or leverage
> more OpenLDAP code?
>
Well, the point is that it's trying to support the Solaris LDAP SDK, which is 
based on the ancient LDAPv2 API spec. If they're trying to use that, then they 
obviously can't leverage any OpenLDAP code.

I glazed over a bit reading his ldap_initialize() wrapper. The rest looked ok, 
but I'm suspicious of his #ifdef'ing standard options like LDAP_OPT_TIMELIMIT. 
Those should be supported on all LDAP APIs. The only things that ought to need 
ifdef'ing are options with "_X_" in their name as those are extensions that 
were never mentioned in any API spec (draft or otherwise).
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/


More information about the Cyrus-sasl mailing list