[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: CA cert and ldaprc handling issues in OpenLDAP

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: CA cert and ldaprc handling issues in OpenLDAP
From: "Kervin L. Pierre" <kervin@blueprint-tech.com>
Date: Mon, 13 May 2002 21:07:51 -0400
Cc: openldap-software@OpenLDAP.org
References: <5.1.0.14.0.20020513162121.024bb1a8@127.0.0.1>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0+) Gecko/20020428

Kurt,

thanks.

Is the use of environment variables in this case thread safe? ie., can I set one thread LDAPNOINIT, but use the default ldap.conf in another without a possible race condition?

--Kervin

Kurt D. Zeilenga wrote:

At 03:58 PM 2002-05-13, kervin@blueprint-tech.com wrote:

(i) How does a programmer control wether the OpenLDAP library searches for
the ldaprc ( ldap.conf ) file?
I believe that in some conditions, that doing so might be a security risk.

By setting LDAPNOINIT in the environment.

(ii) Is there a way to specify which ldaprc file to use at runtime?

yes, though environment variables.

(iii)  How can a program at runtime specify a CA cert file to trust? ie.,
specify the TLS_CACERT option at runtime?

You can set TLS options using ldap_set_option().

Kurt

Follow-Ups:
- Re: CA cert and ldaprc handling issues in OpenLDAP
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: CA cert and ldaprc handling issues in OpenLDAP
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: CA cert and ldaprc handling issues in OpenLDAP
Next by Date: Re: CA cert and ldaprc handling issues in OpenLDAP
Index(es):
- Chronological
- Thread