On 6.11.2012, at 17.26, Ed W wrote: > On 05/11/2012 23:22, Timo Sirainen wrote: >> On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: >>> Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes >>> without wasting a ton of memory. In v2.2 I already moved imapc/pop3c >>> backend code to plugins to avoid this. Looks like similar ugliness is >>> needed for other features/backends also that may end up using SSL code. >>> (We were wondering with Stephan what to do about his new HTTP library >>> code that added support for SSL. It would be nice to keep it in the core >>> libdovecot.so, but not if it links with SSL. So looks like we'll need >>> some kind of a http-ssl plugin that is loaded only when needed.) >> Implemented it a bit easier way that also gets rid of imapc/pop3c >> plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL >> dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 >> >> This also provides a nice abstraction to OpenSSL, making it again >> possible to implement other backends like GnuTLS or NSS. (Except login >> process code doesn't use lib-ssl-iostream yet.) > > Does libtomcrypt implement enough?
It doesn't do SSL, which is all Dovecot cares about.
