[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Use LDAP with or without SSL
I had 2 ldap servers (one with SSL (port636) and the other without (port389)
) and only
one client.
I wonder how to connect to my servers with the same code (ie if i dont know
if the server is secured).
Now i have do distinguished if i want to connect to the secured one or to
the other.
I was wondering if there is a solution to let LDAP API decide if it speaks
to a secure or
to an unsecured LDAP server when it does the bind or the open.
Does anyone got the solution or an idea ?
Thanks
Oliver, you already have the code here.
Use
> ld = ldap_open(ptPool->pszHostName,ptPool->iPortNo);
> if (ld == NULL){
> rc = CTXLDAP_RC_LDAP;
> goto fin;
> }
> before ldap_simple_bind_s without SSL
And
> ld = ldap_init(ptPool->pszHostName,ptPool->iPortNo);
> if (ld == NULL){
> rc = CTXLDAP_RC_LDAP;
> goto fin;
> }
>
> {
> int arg = LDAP_OPT_X_TLS_HARD;
> rc = ldap_set_option(ld, LDAP_OPT_X_TLS, &arg);
> if (rc != LDAP_SUCCESS){
> rc = CTXLDAP_RC_LDAP;
> goto fin;
> }
> }
with SSL
> -----Message d'origine-----
> De: Oliver Egginger [SMTP:Oliver.Egginger@mni.fh-giessen.de]
> Date: mercredi 20 juin 2001 15:00
> À: openldap-software@OpenLDAP.org
> Objet: Re: Use LDAP with or without SSL
>
> interesting for me,
> post your code if you have success and if you like.
>
> My understanding of SSL/TSL and so on,
> is that it depends starkly on the port.
> I can't imagine that is it possible to have a LDAP-Server which can
> accept SSL and non-SSL connection...
>
> SSL is a layer on the TCP-Stack,
> how to bypass it ??
>
> Message Wed 20 June 2001 07:28:
> > Hello,
> >
> > I am trying to make a c application which can work with or without
> > SSL(openSSL).
> >
> > Before i make a simple_bind_s i do
> > without SSL
> > ld = ldap_open(ptPool->pszHostName,ptPool->iPortNo);
> > if (ld == NULL){
> > rc = CTXLDAP_RC_LDAP;
> > goto fin;
> > }
> >
> > with SSL
> > ld = ldap_init(ptPool->pszHostName,ptPool->iPortNo);
> > if (ld == NULL){
> > rc = CTXLDAP_RC_LDAP;
> > goto fin;
> > }
> >
> > {
> > int arg = LDAP_OPT_X_TLS_HARD;
> > rc = ldap_set_option(ld, LDAP_OPT_X_TLS, &arg);
> > if (rc != LDAP_SUCCESS){
> > rc = CTXLDAP_RC_LDAP;
> > goto fin;
> > }
> > }
> >
> > I wonder if there is a "trick" to do the same thing in both case and
> > let LDAP decide whether i use or not SSL.
> >
> > Thanks,
> >
> > Jerome
>
> --
> Oliver Egginger
> FH Giessen-Friedberg
> DV-Zentrum
> Wiesenstrasse 14
> 35390 Giessen
> Tel. +49 641 309-1283
> Fax +49 641 309-2908
> Mail: Oliver.Egginger@mni.fh-giessen.de