[Fwd: Small addon to saslauthd ldap support to add native Solaris LDAP SSL (LDAPS) support]
Howard Chu
hyc at highlandsun.com
Thu Jan 24 13:56:44 EST 2008
Ken Murchison wrote:
> Can one of the LDAP gurus take a look at this patch and let me know if
> it looks sane, or if it can be rewritten to be smaller and/or leverage
> more OpenLDAP code?
>
Well, the point is that it's trying to support the Solaris LDAP SDK, which is
based on the ancient LDAPv2 API spec. If they're trying to use that, then they
obviously can't leverage any OpenLDAP code.
I glazed over a bit reading his ldap_initialize() wrapper. The rest looked ok,
but I'm suspicious of his #ifdef'ing standard options like LDAP_OPT_TIMELIMIT.
Those should be supported on all LDAP APIs. The only things that ought to need
ifdef'ing are options with "_X_" in their name as those are extensions that
were never mentioned in any API spec (draft or otherwise).
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the Cyrus-sasl
mailing list