Re: A LDAPS related issue

[Michael Ströder <michael@stroeder.com>]

Ralf,

thanks for your followup on this.

Ralf Haferkamp wrote:
> On Wednesday 22 September 2010 19:05:58 Michael Ströder wrote:
>> Ralf Haferkamp wrote:
>>> If you really want the TLS context recreated with each iteration I
>>> think you can just call:
>>> ldap_set_option( NULL, LDAP_OPT_X_TLS_NEWCTX, LDAP_OPT_ON);
>>> after the above calls.
>>
>> Ralf, does that really work? I did not manage to get
>> this working from python-ldap...
> Last time I checked it did. That was some month ago. But looking at the 
> libldap code it might be that LDAP_OPT_ON is probably the wrong value to 
> pass to it. It seems you need to pass a pointer to an integer. That 
> integer value is passed as the is_server argument to the functions that 
> actually initialize the context. So I guess in client code you'd pass a 
> int pointer to 0.

The relevant code excerpts from python-ldap/Modules/options.c are:

[..]
	    /* integer value options */
	    if (!PyArg_Parse(value, "i:set_option", &intval))
		return 0;
	    ptr = &intval;
	    break;
[..]
    if (res != LDAP_OPT_SUCCESS) {
        option_error(res, "ldap_set_option");
        return 0;
    }
[..]

That looks like your description. But I'd have to use 0 as the option value?

See complete source here:

http://python-ldap.cvs.sourceforge.net/viewvc/python-ldap/python-ldap/Modules/options.c?view=log

Ciao, Michael.