
Unable to bind LDAP server via SSL



Hello all, I have written sample code to connect to an LDAP server via SSL, running on ports 10389 (ldap) and 10636 (ldaps). But the sample application fails to set the options for the SSL connection.
I do not want to verify the certificate correctness at this moment. Can someone help fix this sample code?

#include <stdio.h>
#define LDAP_DEPRECATED 1
#include <ldap.h>

#define BIND_DN "dc=example,dc=com"
#define BIND_PW "secret"

int main() {
    LDAP *ld;
    int rc;
    int reqcert = LDAP_OPT_X_TLS_NEVER;   /* do not verify the server certificate */
    int version = LDAP_VERSION3;
    int ret = 0;

    if (ldap_initialize (&ld, "ldap://192.168.1.51:10389")) {
        perror("ldap_init"); /* no error here */
        return(1);
    }

    rc = ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version);
    if (rc != LDAP_OPT_SUCCESS) {
        printf("Setting LDAP_OPT_PROTOCOL_VERSION failed: %s\n", ldap_err2string(rc));
    }

    rc = ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);
    if (rc != LDAP_OPT_SUCCESS) {
        printf("Setting LDAP_OPT_X_TLS_REQUIRE_CERT failed: %s\n", ldap_err2string(rc));
    }

    /* upgrade the plain connection on port 10389 with StartTLS */
    rc = ldap_start_tls_s(ld, NULL, NULL);
    if (rc != LDAP_SUCCESS) {
        printf("ldap_start_tls failed: %s\n", ldap_err2string(rc));
    }

    /* simple bind; reached even when the steps above reported a failure */
    rc = ldap_bind_s(ld, BIND_DN, BIND_PW, LDAP_AUTH_SIMPLE);

    if( rc != LDAP_SUCCESS )
    {
        fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc) );
        return( 1 );
    }
    ldap_unbind(ld);
}

The program always fails with:
Setting LDAP_OPT_X_TLS_REQUIRE_CERT failed: Can't contact LDAP server
ldap_start_tls failed: Not Supported

The server does support ldaps and ldap+tls. Can someone please help?
--
Ashwin kumar
(http://ashwinkumar.me)
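
An added example, not part of the original post: a StartTLS client for OpenLDAP's libldap that keeps certificate verification on, reports ldap_set_option() failures without ldap_err2string(), and never reaches the bind unless TLS was negotiated. The names describe_failure and tls_bind, the USE_LIBLDAP build switch, the LDAP_BIND_PW variable and the CA file argument are assumptions made for this example.

```c
/* Build: cc -DUSE_LIBLDAP tls_bind.c -lldap -llber   (OpenLDAP libldap) */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum step { STEP_SET_OPTION, STEP_LDAP_CALL };
/* ldap_set_option() returns LDAP_OPT_SUCCESS (0) or LDAP_OPT_ERROR (-1), not an
 * LDAP result code. -1 is also LDAP_SERVER_DOWN, so ldap_err2string() would say
 * "Can't contact LDAP server" although nothing touched the network.
 * Returns NULL on success, otherwise the text to log for this kind of call. */
const char *describe_failure(enum step s, int rc, const char *ldap_text)
{
    if (rc == 0) return NULL;
    return s == STEP_SET_OPTION ? "option rejected (LDAP_OPT_ERROR)" : ldap_text;
}

#ifdef USE_LIBLDAP
#include <ldap.h>
/* Hypothetical helper: returns 0 after a simple bind over StartTLS, else 1. */
int tls_bind(const char *uri, const char *ca_file, const char *dn, const char *pw)
{
    LDAP *ld = NULL;
    int v3 = LDAP_VERSION3, demand = LDAP_OPT_X_TLS_DEMAND, rc;
    struct berval cred = { strlen(pw), (char *)pw };
    const char *why;
    /* Here the TLS settings are set globally (ld == NULL) before the session. */
    rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ca_file);
    if (rc == LDAP_OPT_SUCCESS)
        rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &demand);
    if ((why = describe_failure(STEP_SET_OPTION, rc, NULL))) goto fail;
    rc = ldap_initialize(&ld, uri);
    if ((why = describe_failure(STEP_LDAP_CALL, rc, ldap_err2string(rc)))) goto fail;
    rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &v3);
    if ((why = describe_failure(STEP_SET_OPTION, rc, NULL))) goto fail;
    /* No bind unless StartTLS succeeded: the password never travels in clear. */
    rc = ldap_start_tls_s(ld, NULL, NULL);
    if (rc == LDAP_SUCCESS)
        rc = ldap_sasl_bind_s(ld, dn, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);
    if ((why = describe_failure(STEP_LDAP_CALL, rc, ldap_err2string(rc)))) goto fail;
    ldap_unbind_ext_s(ld, NULL, NULL);
    return 0;
fail:
    fprintf(stderr, "tls_bind: %s\n", why);
    if (ld) ldap_unbind_ext_s(ld, NULL, NULL);
    return 1;
}
int main(int argc, char **argv)   /* usage: tls_bind URI CA_FILE BIND_DN */
{
    const char *pw = getenv("LDAP_BIND_PW");   /* assumed variable name */
    return (argc == 4 && pw) ? tls_bind(argv[1], argv[2], argv[3], pw) : 2;
}
#endif
```

Without -DUSE_LIBLDAP only describe_failure() is compiled, so the return-code handling can be checked on a machine that has no libldap installed.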