
Re: extracting X509 certificate from LDAP connection with openldap public API



On Tue, 2 Dec 2008, Guillaume Rousse wrote:
> The code manipulates an opaque LDAP *ld connection handle. I had a quick 
> look at openldap code, in libraries/libldap/tls.c, to see how this 
> handle could be used to access the x509 certificate:
> 
> LDAPConn *conn = NULL;
> Sockbuf *sb = NULL;
> SSL *ssl = NULL;
> X509 *certificate = NULL;
> 
> conn = ld->ld_defconn;
> sb = conn->lconn_sb;
> ssl = ldap_pvt_tls_sb_ctx(sb);
> certificate = tls_get_cert(ssl);
> 
> However, all those types are defined in the libraries/libldap/ldap-int.h header,
> meaning those are for internal use only. I had a quick look at the IETF LDAP C
> draft found in openldap sources, but I couldn't find anything related to the
> topic. So, what's the proper way of doing this?

ldap_get_option(ld, LDAP_OPT_X_TLS_SSL_CTX, &ssl);


Philip Guenther