[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_sasl_interactive_bind support

To: Howard Chu <hyc@symas.com>
Subject: Re: ldap_sasl_interactive_bind support
From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Thu, 09 Oct 2008 09:59:44 +0100
Cc: OpenLDAP Devel <openldap-devel@openldap.org>
In-reply-to: <48ED5DB7.6080406@symas.com>
References: <48ED5DB7.6080406@symas.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915

Howard Chu wrote:

I think we need to move the lutil_sasl_interact stuff into libldap.


Good idea.

Clients ought to be able to use libldap's SASL support without having to #include Cyrus's <sasl.h> themselves. Right now they're forced to write their own interact handlers and the handlers must know about the SASL_CB constants etc. This is ugly; callers shouldn't need to know anything about what the underlying SASL implementation is doing.


I agree.

Actually the lutil_sasl_ code should be cleaned up a bit, not used in libldap as-is. In particular, we should define a callback whose only purpose is to display a provided prompt string and retrieve user input. This callback's interface must have zero dependencies on <sasl.h>. We can provide a generic callback that writes to stderr and uses getpassphrase, but callers should be able to replace this with GUI dialog callbacks etc.


Yes, this is sensible.

References:
- ldap_sasl_interactive_bind support
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: RE24 final testing
Next by Date: Re: commit: ldap/libraries/libldap gssapi.c
Index(es):
- Chronological
- Thread