apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Felt <mamf...@gmail.com>
Subject Re: configuring apr-util --with-ldap against idsldap (aka tivoli)
Date Thu, 20 Feb 2014 14:25:00 GMT
Thank you all very much! I try and actually what you are saying later :)


On Tue, Feb 18, 2014 at 9:52 PM, Eric Covener <covener@gmail.com> wrote:

> For when we revisit, or maybe for Michael -- In APU, the immediate
> problem with SSL is that apr_ldap_ssl_init happens before the
> certificate options are set.  The underlying Tivoli toolkit wants info
> about the global_certs passed into that call.
>
> autoconf for basic stuff, not really used because we bake it into
> httpd below: http://people.apache.org/~covener/patches/apuldap-itds1.diff
> replacement we use instead of apr_ldap_ssl_init for tivoli:
> http://people.apache.org/~covener/patches/tivoli_ssl_init.txt
>
> On Tue, Feb 18, 2014 at 3:42 PM, Graham Leggett <minfrin@sharp.fm> wrote:
> > On 18 Feb 2014, at 10:35 PM, Eric Covener <covener@gmail.com> wrote:
> >
> >> I (IBM) have some patches in this area that didn't make it to APR or
> HTTPD :(
> >>
> >> Unortunately Tivoli SSL initialization doesn't fit into how APU
> >> initializes SSL and we are currently using hacks in both APU and
> >> HTTPD.
> >
> > I am about half way through the APR v2.0 replacement of the API. Not
> only is the init really tricky, with every toolkit out there having a
> unique variation, but the bind has a bunch of variation too. Then there is
> the passing of binary objects which has toolkit specific definitions of
> lengths. It has made coming up with an API quite a challenge.
> >
> > My current biggest challenge is a pile of work I have that needs doing,
> so can't look at it now alas.
> >
> > Regards,
> > Graham
> > --
> >
>
>
>
> --
> Eric Covener
> covener@gmail.com
>

Mime
View raw message