Hello all, I have written a sample code to connect to LDAP server via SSL
running on port 10389(ldap) & 10636(ldaps). But the sample application
fails to set the options for the SSL connection.
I do not want to verify the certificate correctness at this moment. Can
someone help fix this sample code??
#include <stdio.h>
#define LDAP_DEPRECATED 1
#include <ldap.h>
#define BIND_DN "dc=example,dc=com"
#define BIND_PW "secret"
int main() {
LDAP *ld;
int rc;
int reqcert = LDAP_OPT_X_TLS_NEVER;
int version = LDAP_VERSION3;
int ret(0);
if (ldap_initialize (&ld, "ldap://192.168.1.51:10389";)) {
perror("ldap_init"); /* no error here */
return(1);
}
rc = ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if(rc != LDAP_OPT_SUCCESS){
printf("Setting LDAP_OPT_PROTOCOL_VERSION failed:
%s\n",ldap_err2string(rc));
}
rc = ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);
if(rc != LDAP_OPT_SUCCESS){
printf("Setting LDAP_OPT_X_TLS_REQUIRE_CERT failed:
%s\n",ldap_err2string(rc));
}
rc = ldap_start_tls_s(ld, NULL, NULL);
if (rc != LDAP_SUCCESS) {
printf("ldap_start_tls failed: %s\n",ldap_err2string(rc));
}
rc = ldap_bind_s(ld, BIND_DN, BIND_PW, LDAP_AUTH_SIMPLE);
if( rc != LDAP_SUCCESS )
{
fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc) );
return( 1 );
}
ldap_unbind(ld);
}
The program always fails with:
*Setting LDAP_OPT_X_TLS_REQUIRE_CERT failed: Can't contact LDAP server*
*ldap_start_tls failed: Not Supported*
The server does support ldaps and ldap+tls. Can some one please help??