[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5696) Patch - support Mozilla NSS for crypto operations
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#5696) Patch - support Mozilla NSS for crypto operations
- From: hyc@symas.com
- Date: Thu, 2 Jul 2009 21:36:29 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
rmeggins@redhat.com wrote:
> Full_Name: Rich Megginson
> Version: current CVS HEAD (as of July 2, 2009)
> OS: Fedora
> URL: ftp://ftp.openldap.org/incoming/openldap-2.4.16-moznss-20090702.patch
>
> This is a new patch - diffs from older patch
> 1) Implements tls_m.c MozNSS crypto - including parsing of openssl-style
> cipher suite configuration - things still missing
> 1a) support for multiple MozNSS initialize - work is being done upstream
> to support this
> 1b) support for reading PEM files - there is now a PEM PKCS11 module in
> Fedora which is being incorporated into NSS upstream
Thanks, I've committed most of this patch. I've omitted the SHA1/MD5 patches
since I think it's better to use our bundled version uniformly for password
hashing.
For doc purposes, it's simple for us to point people at openssl.org or
gnutls.org; what's a canonical URL to direct people to for MozNSS?
> 2) removes pkg-config stuff from configure.in - user must specify
> include path and lib path in environment
Ok. The configure patches are in too, so moznss may be selected. But I think
we'll wait on making this generally available until we know what the story
will be for PEM and multi-init.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/