[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Antwort: Re: How to secure LDAP ? SSL support ?
Use ldap_initialize to use the uri format to connect.
Use the tls_option_hard to use ssl.
That's all for a working ssl connection.
P.S.: libldap2 has to be configured with --with-tls.
On slapd the certificate's common name must be the same like the
fqdn of the slpad host.
Code Snip:
char *server = "ldaps://test.test.com/";
int arg = LDAP_OPT_X_TLS_HARD;
if (argc < 2 || argc > 3)
usage(argv[0]);
parse_args(argc, argv);
my_filter = (char *)malloc(MAXQUERYSIZE);
memset(my_filter,'\0',sizeof(char)*MAXQUERYSIZE);
rc = ldap_initialize(&ld, server);
if (rc != LDAP_SUCCESS) {
exit (2);
}
if ((rc = ldap_set_option(ld, LDAP_OPT_X_TLS, &arg) != LDAP_SUCCESS
)) {
ldap_perror( ld, "ldap_set_option" );
exit(1);
}
Cu.
Franz
____________________________________________________
Franz Skale
mainwork information technology AG
IT-Services
Tech Gate Vienna
Donaucitystrasse 1
A-1220 Wien
Tel: +43 1 333 48 58-0
Fax: +43 1 333 48 58-24
e-mail: f.skale@mainwork.com
Internet: http://www.mainwork.com
Turbo Fredriksson
<turbo@bayour.com> An: <openldap-software@OpenLDAP.org>
Gesendet von: Kopie:
owner-openldap-software@Op Thema: Re: How to secure LDAP ? SSL support ?
enLDAP.org
16.05.2002 13:59
>>>>> "Yves" == Yves Robin <yves@reefedge.com> writes:
Yves> Do i have to explicitally call the SSL library from my LDAP
Yves> client to open a SSL session ? Do i have to call it before
Yves> the ldap_init() ?
It was about six months since I did this for QmailLDAP/Controls, but
I 'copied' (almost straight of :) the code from 'ldapsearch'.
'Trust the source Yves' :)