Re: Status of Cyrus Sasl support in Dev version

["Booker C. Bense" <bbense@networking.stanford.edu>]

On Mon, 8 May 2000, Kurt D. Zeilenga wrote:

> At 09:38 PM 5/4/00 -0700, Booker C. Bense wrote:
> >- I just did a cvs update from the current_dev tree and noticed
> >that you are now checking for the cyrus sasl libraries. This is
> >great! However, I poked around in the source and the support 
> >seems pretty incomplete ( at least in back-bdb2 ),
> 
> Most of the code is in the frontend... and I haven't botherred
> to update back-bdb2 as it's not being actively developed.  We
> likely won't get moving on a replacement backend until post
> 2.0-beta.

- Are you re-engineering the back end interface? It seems to 
me that sasl is pretty hard to do unless you move it up a 
layer. What backend should I be looking at for the cyrus 
stuff? I looked at the code in slapd/bind.c and slapd/sasl.c and it 
looks like the backend bind doesn't really have to do anything
other than map the sasl identity to the corresponding DN. 

- Are you going to support encryption for those sasl methods
that have it? 

> 
> >is there anything I can do to help with the work? 
> 
> I need to post a brief summary of what I think needs
> getting done... later this week...
> 
> Of course, you're more than welcomed to jump on in.
> 

- I've run into a work project that would be ideally implemented
as an ldap backend, but it does require sasl authentication and
encryption of the data stream( either sasl or TLS ) for the server and
of course appropriate support in the client libraries. 
How close is this to being possible? What would be a good
testing environment? 

- Booker C. Bense