- To: OpenLDAP Devel <firstname.lastname@example.org>
- Subject: ldap_sasl_interactive_bind support
- From: Howard Chu <email@example.com>
- Date: Wed, 08 Oct 2008 18:26:15 -0700
- User-agent: Mozilla/5.0 (X11; U; Linux x86_64; rv:1.9.1b1pre) Gecko/20081004 SeaMonkey/2.0a1pre

I think we need to move the lutil_sasl_interact stuff into libldap. Clients
ought to be able to use libldap's SASL support without having to #include
Cyrus's <sasl.h> themselves. Right now they're forced to write their own
interact handlers and the handlers must know about the SASL_CB constants etc.
This is ugly; callers shouldn't need to know anything about what the
underlying SASL implementation is doing.

Actually the lutil_sasl_ code should be cleaned up a bit, not used in libldap
as-is. In particular, we should define a callback whose only purpose is to
display a provided prompt string and retrieve user input. This callback's
interface must have zero dependencies on <sasl.h>. We can provide a generic
callback that writes to stderr and uses getpassphrase, but callers should be
able to replace this with GUI dialog callbacks etc.

-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
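
An added sketch of the split proposed in the message above, not code from OpenLDAP or from the author: the client supplies only a prompt callback, and a library-side adapter is the sole place that interprets SASL callback ids. `prompt_fn`, `run_interactions`, `canned_prompt` and `dup_str` are hypothetical names, the "caller frees" ownership rule is this example's own convention, and `sasl_interact_t` and the `SASL_CB_*` values are local stand-ins mirroring Cyrus SASL's header so the block builds without it.

```c
#include <stdlib.h>
#include <string.h>

/* Stand-ins mirroring Cyrus SASL's <sasl.h>, declared locally so this builds
 * without it; only the library-side adapter would ever see these. */
#define SASL_CB_LIST_END 0
#define SASL_CB_AUTHNAME 0x4002
#define SASL_CB_PASS     0x4004
typedef struct {
    unsigned long id; const char *challenge, *prompt, *defresult;
    const void *result; unsigned len;
} sasl_interact_t;

/* Hypothetical SASL-free callback: show `prompt`, return malloc'd input or
 * NULL on cancel. secret != 0 requests no-echo entry (passwords). */
typedef char *(*prompt_fn)(const char *prompt, int secret, void *ctx);

static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p ? memcpy(p, s, n) : NULL;
}

/* Library-side adapter, the only code that interprets SASL_CB ids.
 * Returns 0 on success, -1 when a prompt gets no answer and has no default. */
int run_interactions(sasl_interact_t *it, prompt_fn ask, void *ctx)
{
    for (; it->id != SASL_CB_LIST_END; it++) {
        char *ans = ask(it->prompt, it->id == SASL_CB_PASS, ctx);
        if (ans == NULL || *ans == '\0') {      /* fall back to the default */
            free(ans);
            ans = it->defresult ? dup_str(it->defresult) : NULL;
        }
        if (ans == NULL) return -1;
        it->result = ans;                       /* caller frees after the bind */
        it->len = (unsigned)strlen(ans);
    }
    return 0;
}

/* Client side: canned answers (constructed) standing in for a GUI dialog;
 * ctx[0] answers echoed prompts, ctx[1] answers secret ones. */
char *canned_prompt(const char *prompt, int secret, void *ctx)
{
    (void)prompt;
    return dup_str(((const char **)ctx)[secret ? 1 : 0]);
}
```

The `secret` flag is what lets a replacement callback choose a masked input field without ever seeing `SASL_CB_PASS`.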