I've split all of the OpenSSL and GnuTLS-specific code into their own separate
source files, to clean up some of the #ifdef mess that was in tls.c before.
This approach actually allows support for both to be compiled in at the same
time. I'll probably add an LDAP_OPT_X option to select which implementation to
use at runtime. (It might make sense to make these dynamically loadable
modules, but for now I don't want to make libldap dependent on
ltdl/dlopen/whatever.)
I have not committed these changes yet. Probably will in the next day or two
unless there are objections.
There's one user-visible change: get_option(LDAP_OPT_X_TLS_SSL_CTX) now
returns a pointer to a privately defined structure. For GnuTLS this is in fact
the same behavior as before. For OpenSSL this is a change; it used to return
the actual (SSL *). If this is going to break something of yours, holler now...
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
