Order of calling ldap_bind_s() and ldap_start_tls_s()



HI!

I wonder how a generic LDAP client should behave when connecting to
an unknown LDAP server with unknown version/features/extensions and
Start TLS should be used if available.

At the moment I'm trying to do an LDAPv3 bind and switch back to
LDAPv2 if the server returns LDAP_UNSUPPORTED_VERSION. However the
error is only returned after doing a ldap_bind_s().

Now I would like to know if it's appropriate to try an LDAPv3 bind,
read the root DSE and use ldap_start_tls_s() afterwards if the server
announces Start TLS (1.3.6.1.4.1.1466.20037) in attribute
supportedExtension of its root DSE.

Ciao, Michael.