python-ldap hanging for 15 minutes under certain conditions

Michael Wood esiotrot at
Sat Feb 5 21:42:59 CET 2011


On 4 February 2011 17:35, Rich Megginson <rich.megginson at> wrote:
> On 02/03/2011 11:59 PM, Michael Wood wrote:
>> On 4 February 2011 08:32, James Andrewartha<jamesa at>  wrote:
>>> Debian uses GnuTLS because OpenSSL has the non-GPL compatible
>>> advertising clause, and libldap is linked into many GPL applications. So
>> Ah, good point.
>>> the solutions are fix the OpenSSL licensing or make GnuTLS not suck; I
>> Or switch to something else.
> OpenLDAP 2.4.23 supports Mozilla NSS (triple licensed GPLv2+/LGPLv2+/MPL)
> for crypto
> Fedora 14 and later use this instead of OpenSSL

Interesting.  But co-incidentally, there's a thread currently on the
libcurl mailing list about comparisons between different SSL/TLS libs
that are supported by libcurl.  Howard Chu posted about GnuTLS and
later about NSS.  In the NSS message he said:

"I understand that RedHat is now building their OpenLDAP packages with our
MozNSS support. I don't believe this combination is ready for primetime by any
measure. They still don't even have release quality code for handling PEM
files, and their current experimental code crashes/misbehaves in common (for
OpenSSL) deployment scenarios."

Here's the link to the message in libcurl's mailing list archive:

Michael Wood <esiotrot at>

More information about the python-ldap mailing list