On Wed, Mar 09, 2005 at 11:29:58PM -0000, DrPizza wrote: > If this means resolving whatever "legal" issues (by e.g. using gnutls > instead of openssl) surely that's the price that has to be paid and the > work that has to be done.
Okay, so you are doing it? I already spend like 100 hours on this and it is still not ready. To implement this you need to - learn OpenSSL to understand what the TLS stuff in libldap is doing - learn about the logic of those LBER sockbuf communications layer used in libldap at least so much that you understand what's going on in tls.c - learn GnuTLS to make libldap support it - be very sure you are not doing a mistake in porting as there is only one thing worse than no security: the false feeling of security Waiting for your patches... Torsten PS: The server side was updated to fix the bunch of release critical bugs against the server side which is much more problematic than the client side so far.
signature.asc
Description: Digital signature