[Date Prev][Date Next]
ldap_start_tls_s or ldap_set_option(LDAP_OPT_X_TLS)?
So I'm writing a small client that uses the OpenLDAP libraries. In
looking at the tools in clients/tools/* I see that when attempting to
establish a TLS connection they always seem to use ldap_start_tls_s().
I have tried this and it works well in conjunction with
ldap_set_option() and LDAP_OPT_X_TLS_CACERTFILE, LDAP_OPT_X_TLS_CERTFILE,
However, I also notice that some (it would appear) clients (not in the
LDAP source tree) rely strictly on ldap_set_option(LDAP_OPT_X_TLS) and
(I presume) expect the first action on that connection to use TLS? Is
this correct? I can't get it to work so I assume not. So, what is
LDAP_OPT_X_TLS for? Is it simply for setting whether you want TLS to be
HARD,TRY,NEVER etc... when you actually call ldap_start_tls_s()? Is any
of this documented (I can't find anything, but maybe I'm looking in the
seth / @sethdaniel.org
Time is an illusion perpetrated by the manufacturers of space.