On 06/03/08, Nicolas Williams wrote: > > That is due to the fact that, rather than rely on native C library, > > ejabberd implements SASL by its own. I googled on this topic but > > found very few discussion on it. I don't think there are active > > development to improve this either. > > Is the TLS layer also implemented natively by ejabberd?
No, it uses OpenSSL library. Erlang has a SSL library(it uses OpenSSL's crypto library but implement the protocol with Erlang). For unclear reason, ejabberd doesn't use it. > > BTW, XMPP(and ejabberd) also supports TLS to encrypt all the XML > > messages(including messages for authentication). That is an > > optional feature and can be configured. (I think SASL is also > > an optional feature, but it cannot be configured for ejabberd). > > Does ejabberd use OpenSSL? Yes, see above. -- Regards, Raymond
