Currently, Mozilla gets its LDAP support (for LDAP autocomplete in mail, as well as the LDAP addressbook) from the LDAP C SDK version 4.0. This version of the C SDK doesn't have the crypto hooks for SSL over LDAP, because it was released before the US crypto export laws changed. So we need to move to version 5.0 of the C SDK in order to support LDAP-over-SSL.
Assuming drivers smiles upon us, this will happen for Mozilla 1.0, but even if not, we're going to need to make the change soon enough. It was necessary to re-do the autoconf build system on the ldapcsdk_branch_50, and I've gotten it working for Linux and Windows already. Mac changes are forthcoming. I forward-ported (almost) of all the various platform code changes (BeOS, OS2, FreeBSD, HPUX, ....) from the C SDK 4.0 branch. However, because the build system has changed a bunch, forward porting the buildsystem changes didn't make a lot of sense. So for ports owners, now would be a great time to make any necessary tweaks to the LDAP C SDK build system. If you submit patches to me for this, I'll try and land them on the ldapcsdk_branch_50 quickly, and then when the switch is thrown, your platform should continue to just work. <http://bugzilla.mozilla.org/show_bug.cgi?id=124244> has the patch which switches client.mk / client.mak to pull from the ldapcsdk_branch_50 as well as the (minor) changes to Mozilla required to deal with this. Apply that patch to an existing tree, then re-pull and re-build. http://komodo.mozilla.org/planning/branches.cgi will continue to have up-to-date info on the status of this work. Thanks in advance for any patches! Dan