[Date Prev][Date Next]
HEADS UP: tls restructuring
- To: OpenLDAP Devel <email@example.com>
- Subject: HEADS UP: tls restructuring
- From: Howard Chu <firstname.lastname@example.org>
- Date: Tue, 12 Aug 2008 14:22:10 -0700
- User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:220.127.116.11pre) Gecko/2008080913 SeaMonkey/2.0a1pre
I've split all of the OpenSSL and GnuTLS-specific code into their own separate
source files, to clean up some of the #ifdef mess that was in tls.c before.
This approach actually allows support for both to be compiled in at the same
time. I'll probably add an LDAP_OPT_X option to select which implementation to
use at runtime. (It might make sense to make these dynamically loadable
modules, but for now I don't want to make libldap dependent on
I have not committed these changes yet. Probably will in the next day or two
unless there are objections.
There's one user-visible change: get_option(LDAP_OPT_X_TLS_SSL_CTX) now
returns a pointer to a privately defined structure. For GnuTLS this is in fact
the same behavior as before. For OpenSSL this is a change; it used to return
the actual (SSL *). If this is going to break something of yours, holler now...
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/