Bug#976991: libldap-2.4-2:amd64: Please consider building with openssl instead of gnutls
Quanah Gibson-Mount
quanah at symas.com
Wed Dec 9 21:35:43 GMT 2020
I read over the source of the rlm_ldap module and the freeradius
src/lib/ldap code, and it does specifically require functionality that's
only implemented for OpenSSL inside of libldap (such as the TLS Min
protocol) that are ignored for GnuTLS.
So for freeradius to work with a GnuTLS compiled libldap would require
modifying the freeradius source code accordingly, which may be a bit of
work. It also seems unlikely the freeradius project would be interested in
taking any such work back as they are only implementing on OpenSSL.
The best solution long term may simply be to switch to OpenSSL for OpenLDAP
starting with the 2.5 release series in Debian.
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
More information about the Pkg-openldap-devel
mailing list