[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
HEADS UP: tls restructuring
- To: OpenLDAP Devel <openldap-devel@openldap.org>
- Subject: HEADS UP: tls restructuring
- From: Howard Chu <hyc@symas.com>
- Date: Tue, 12 Aug 2008 14:22:10 -0700
- User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9.0.2pre) Gecko/2008080913 SeaMonkey/2.0a1pre
I've split all of the OpenSSL and GnuTLS-specific code into their own separate
source files, to clean up some of the #ifdef mess that was in tls.c before.
This approach actually allows support for both to be compiled in at the same
time. I'll probably add an LDAP_OPT_X option to select which implementation to
use at runtime. (It might make sense to make these dynamically loadable
modules, but for now I don't want to make libldap dependent on
ltdl/dlopen/whatever.)
I have not committed these changes yet. Probably will in the next day or two
unless there are objections.
There's one user-visible change: get_option(LDAP_OPT_X_TLS_SSL_CTX) now
returns a pointer to a privately defined structure. For GnuTLS this is in fact
the same behavior as before. For OpenSSL this is a change; it used to return
the actual (SSL *). If this is going to break something of yours, holler now...
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/