Closed
Bug 212875
Opened 22 years ago
Closed 4 years ago
Use OpenLDAP instead of the Netscape's LDAP SDK
Categories
(Directory :: LDAP C SDK, enhancement)
Tracking
(Not tracked)
RESOLVED
WONTFIX
Future
People
(Reporter: mi+mozilla, Assigned: mcs)
References
(Blocks 1 open bug, )
Details
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD 5.1-CURRENT; X11; i386)
Build Identifier:
The OpenLDAP seems to be a more "vibrant" project and Mozilla should offer it as a build-time
alternative if not switch to it outright.
The particularly important feature is the Cyrus-SASL integration OpenLDAP offers, which lets
one talk to MS-Exchange's Active Directory servers after Kerberos authentication.
There probably are others.
Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1•22 years ago
|
||
-> Directory
Assignee: general → mcs
Component: Browser-General → LDAP C SDK
Product: Browser → Directory
Version: Trunk → other
Assignee | ||
Comment 2•22 years ago
|
||
The Mozilla LDAP code is also actively maintained, although you are correct that
OpenLDAP's SDK has some features we do not (and we have some features they do
not have). Offering OpenLDAP as an alternative would actually be quite a bit of
work due to the requirement to integrate with NSPR (something OpenLDAP likely
does not support).
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 4•21 years ago
|
||
An additional issue, is that the Netscape SDK is apparently being used in LDAPv2
mode.
With OpenLDAP and other LDAP server dropping support for LDAPv2 there will be an
increasing number of Directory servers that Mozilla projects will not be able to
use.
Assignee | ||
Comment 5•21 years ago
|
||
Regarding comment 4, use of LDAPv3 by Mozilla applications is the subject of bug
198168 (recently fixed).
Comment 6•19 years ago
|
||
One huge problem with this is that Mozilla requires the use of NSS for crypto, but OpenLDAP uses openssl. I don't know if it is possible to mix the two crypto providers, but it is not desirable. Upcoming releases of NSS will have FIPS 140-2 and smart card support which openssl does not have. We will be working on adding cyrus sasl support to the ldapsdk in the very near future.
You might want to file an ITS against openldap for them to add NSS support.
Updated•7 years ago
|
Blocks: tb-enterprise
Comment 8•4 years ago
|
||
Not going to do this.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•