apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: configuring apr-util --with-ldap against idsldap (aka tivoli)
Date Tue, 18 Feb 2014 20:52:28 GMT
For when we revisit, or maybe for Michael -- In APU, the immediate
problem with SSL is that apr_ldap_ssl_init happens before the
certificate options are set.  The underlying Tivoli toolkit wants info
about the global_certs passed into that call.

autoconf for basic stuff, not really used because we bake it into
httpd below: http://people.apache.org/~covener/patches/apuldap-itds1.diff
replacement we use instead of apr_ldap_ssl_init for tivoli:
http://people.apache.org/~covener/patches/tivoli_ssl_init.txt

On Tue, Feb 18, 2014 at 3:42 PM, Graham Leggett <minfrin@sharp.fm> wrote:
> On 18 Feb 2014, at 10:35 PM, Eric Covener <covener@gmail.com> wrote:
>
>> I (IBM) have some patches in this area that didn't make it to APR or HTTPD :(
>>
>> Unortunately Tivoli SSL initialization doesn't fit into how APU
>> initializes SSL and we are currently using hacks in both APU and
>> HTTPD.
>
> I am about half way through the APR v2.0 replacement of the API. Not only is the init
really tricky, with every toolkit out there having a unique variation, but the bind has a
bunch of variation too. Then there is the passing of binary objects which has toolkit specific
definitions of lengths. It has made coming up with an API quite a challenge.
>
> My current biggest challenge is a pile of work I have that needs doing, so can't look
at it now alas.
>
> Regards,
> Graham
> --
>



-- 
Eric Covener
covener@gmail.com

Mime
View raw message