[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: library questions: LDAPMessage, msgid, ...



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Paul Jarc

> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> wrote:
> > BTW, one call you should add which is not in the draft is
> > ldap_start_tls_s() (if TLS is compiled into the LDAP installation).
> > Unfortunately it's undocumented in OpenLDAP too.
>
> Ok.  Is that needed for ldaps:// connections?  I added
> ldap_initialize, and it works for ldap://ldap.cwru.edu, but not
> ldaps://ldap.cwru.edu.

No, ldap_initialize should work for both ldap:// and ldaps://.
ldap_start_tls() is only used for the StartTLS extended operation, which is
not compatible with ldaps:// sessions.

> (Calling ldap_sasl_bind after ldap_initialize
> fails.)  However, I can connect to ldaps://ldap.cwru.edu using
> ldapsearch, from the same build of OpenLDAP, so I must be doing
> something wrong with the library.

Try setting the protocol version to LDAP_VERSION3 before connecting.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support