[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: StartTLS URL extension

Michael Ströder wrote:
Pierangelo Masarati wrote:
Michael Ströder wrote:
Pierangelo Masarati wrote:
ldap_initialize can record that StartTLS was already requested because
of the extension, and avoid requesting it twice.
What does "avoid requesting it twice" mean? Return an error code or
simply ignore it? Note that a client might wanna take note of whether
ldap_start_tls() was successfully called by itself or not.
Correct.  Here the choice is:

1) just ignore the second call, as it would violate RFC 4513

More specific: IMO the error code of the first call should be returned.

Well, that would probably need to be returned by ldap_initialize(), so if the client continues after ldap_initialize() failed it deserves screwing up :) I think your request makes sense, and should be taken into account.


Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it