[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: StartTLS URL extension

Pierangelo Masarati wrote:
> Michael Ströder wrote:
>> Yes I also find it useful. Not sure whether it should be within
>> ldap_initialize() or just in the client apps though.
>> The first could be problematic if client applications just read the LDAP
>> URI from some configuration file and pass it as is to ldap_initialize()
>> and after that call ldap_start_tls() a second time based on different
>> configuration parameters.
> I don't see a big issue here: first of all, if the app is correctly
> documented, one would only use this extension if needed.

In simple cases there might not be any problem.

>  Moreover,
> ldap_initialize can record that StartTLS was already requested because
> of the extension, and avoid requesting it twice.

What does "avoid requesting it twice" mean? Return an error code or
simply ignore it? Note that a client might wanna take note of whether
ldap_start_tls() was successfully called by itself or not.

Ciao, Michael.