Brad Nicholes wrote:
Over the last couple of weeks one of our Novell LDAP SDK engineers
took a look at mod_auth_ldap to try to standardize it across various
SDKs especially with regards to SSL.
Cool!
- Added a support framework (using #defines) for multiple vendor LDAP
SDKs. The framework currently supports the SDKs from Novell, NetScape,
OpenLDAP, and Microsoft. (Spent significant time testing compiling and
running with the various SDKs on Win32. However, ran into problems with
Microsoft's SDK. It GPFs when doing an ldap_set_option.)
The purpose of LDAP support being in apr-util is so that machine
specific and SDK specific issues can be addressed there. The #defines
you mention should not be in mod_ldap, they should rather be in apr-util.
- Removed the AuthLDAPStartTLS directive from mod_auth_ldap. The
AuthLDAPUrl directive is used to specify clear (ldap://) or SSL
(ldaps://) connections.
I'm not clear on this one - is there not a difference between SSL (make
secure connection and speak LDAP) and TLS (make an insecure connection
and then say starttls to upgrade the connection to a secure one)?
I would like to commit these changes to the 2.1 tree as soon as
possible and also back port them to the 2.0 if acceptable.
+1 on committing to v2.1 as soon as possible :)
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
