[Date Prev][Date Next]
Re: SSL connection using libLDAP
OpenLDAP's -lldap supports initiating TLS (SSL) using either
the standard "Start TLS" mechanism [RFC2830] or the non-standard
"ldaps:" (Secure LDAP) mechanism. In the former case, the
program should call ldap_initialize(3) with the appropriate
ldap: URL, set version to 3, and then call ldap_start_tls_s(3).
In the latter case, ldap_initialize(3) is called with the
ldaps: URL. In both cases, appropriate certificate information
should be provided via ldap.conf(5) facilities or via
ldap_set_option(3)). See the client/tools for example code.
At 03:56 PM 3/17/2006, Alexander Hartner wrote:
>I am trying to connect to my LDAP directory using libLDAP. With SSL
>disable the following code works, but since I switched SSL on it breaks.
> ldap = ldap_init([hostname cString], [port intValue]);
> ldap_perror(ldap, "LDAP INITIALISED");
> const int version = 3;
> int e = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &version);
> ldap_perror(ldap, "LDAP VERSION 3 SET");
> e = ldap_simple_bind_s(ldap, [username cString], [password cString]);
> char * errorMessage = ldap_err2string(e);
> ldap_perror(ldap, "LDAP BOUND");
>The error reported is :
>LDAP BOUND: Can't contact LDAP server (-1)
>I figure this is a problem with ldap_simpel_bind_s, but i can't find
>what I need to modify for SSL to work.
>Does a good farmer neglect a crop he has planted?
>Does a good teacher overlook even the most humble student?
>Does a good father allow a single child to starve?
>Does a good programmer refuse to maintain his code?
> - The Tao of Programming