Re: gss_wrap/gss_unwrap sasl buffers?

[Gavin Henry <ghenry@suretecsystems.com>]

Howard Chu said the following on 28/01/07 23:38:
> Michael B Allen wrote:
>> Yup. That's exactly what I'm doing now. I just didn't see it before
>> but cyrus.c seems to be the model for what I want to do. And I see
>> ber_sockbuf_add_io et al is public so I'm hoping I can do it without
>> touching libldap or liblber at all.
> 
> Sounds like you're on the right track.
> 
>> For reasons not worth dicussing I'm not very interested in using libsasl
>> (at least not cyrus).
> 
> Trust me, we probably already know the reasons...
> 
> However, the only standards-compliant way to enable this functionality
> is through a SASL Bind. Are you actually reimplementing that as well?
> We've talked about jettisoning Cyrus SASL in favor of "something else"
> but there haven't been any other implementations worth considering. Feel
> free to continue this conversation on the openldap-devel mailing list if
> you want to pursue it further.

Timo from dovecot, uses his own version, and has talked before about
breaking it out. Might be worth a browse of the latest Dovecot RC.

Gavin.


-- 
Kind Regards,

Gavin Henry.
Managing Director.

T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com

Open Source. Open Solutions.(tm)

http://www.suretecsystems.com/