[Date Prev][Date Next]
Re: StartTLS URL extension
Volker Lendecke wrote:
> On Sun, Oct 05, 2008 at 07:35:16PM -0700, Howard Chu wrote:
>> We really ought to have a way to allow clients to make libldap use StartTLS
>> without having to code their own calls into libldap for that purpose. I
>> think it would be useful to allow specifying StartTLS in the extension
>> field of the LDAP URL. Then at least it can be configured into ldap.conf
>> forgotten about.
>> The code for ldap_initialize() should look for the URL extension field, and
>> act on it if StartTLS / 220.127.116.11.4.1.1466.20037 is present.
>> Any comments?
> Not that I have any word in LDAP development, but this
> sounds *very* useful :-)
Yes I also find it useful. Not sure whether it should be within
ldap_initialize() or just in the client apps though.
The first could be problematic if client applications just read the LDAP
URI from some configuration file and pass it as is to ldap_initialize()
and after that call ldap_start_tls() a second time based on different