Massimiliano Pala wrote:
Hi all, I have a little problem. I am implementing an application that uses the OpenLDAP libraries. Until not too much time ago, linking with OpenSSL was sufficiently safe (on almost every Linux distros) and providing my own verification function through the SSL_CTX (by using the ldap_set_option(m_ldap, LDAP_OPT_SERVER_CERTIFICATE, _my_verify)) was easy. Now, Linux distros started to use GnuTLS, NSS, and OpenSSL as the crypto API. My question is: how do I develop an application that when deployed on different systems might need to use functions and data structures from different crypto-api (e.g., when I distribute the binaries of my app) ? How can I retrieve that info *at runtime* (I'd like my binaries to be compatible) ?
At least, is there a function that allows me to know which crypto APIs are expected by libldap_r (so that I don't pass in the wrong data structure since it is a (void *)) ? Or at least, is there a way to set/get options so that I would know which API is in use ?
Good question. The implementation name is present in the library but there is no option to retrieve it. Unfortunately it was deleted from the earlier version of the new TLS code (which allowed the TLS implementation to be dynamically selected at runtime). I've added the option back to the git master, but it's a bit late to help your immediate problem.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/