[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: CA cert and ldaprc handling issues in OpenLDAP



Is the use of environment variables in this case thread safe? ie., can I set one thread LDAPNOINIT, but use the default ldap.conf in another without a possible race condition?


Kurt D. Zeilenga wrote:
At 03:58 PM 2002-05-13, kervin@blueprint-tech.com wrote:

(i) How does a programmer control wether the OpenLDAP library searches for
the ldaprc ( ldap.conf ) file?
I believe that in some conditions, that doing so might be a security risk.

By setting LDAPNOINIT in the environment.

(ii) Is there a way to specify which ldaprc file to use at runtime?

yes, though environment variables.

(iii)  How can a program at runtime specify a CA cert file to trust? ie.,
specify the TLS_CACERT option at runtime?

You can set TLS options using ldap_set_option().