Hi everyone,

I'm trying to use OpenLDAP as the basis for a C LDAP client on a POSIX-y (but non-Linux) embedded RTOS, and so would like to replace its OpenSSL TLS backend with an mbedtls backend. (Note that mbedtls, as I understand it, was originally developed as a lightweight embedded replacement for OpenSSL.)

The hacky answer would be to use a translation layer from OpenSSL to mbedtls (the ESP32's esp-idf code has one of these), but this run the risk of hitting a corner case and getting completely stuck. :-(

So... has anyone tried writing a direct mbedtls TLS backend for OpenLDAP? I understand that OpenLDAP had specific licence-related issues with TLS code, and so anything like this might possibly have had to have been developed in a fork under a different licence.

Thanks very much, Nick