Kurt D. Zeilenga wrote:
Of course this doesn't work for some SASL/TLS options which are not settable through C API, e.g. SASL realm.At 08:05 PM 7/19/2005, Alexey Melnikov wrote:
Hallvard B Furuseth wrote:
I think it would be a very good idea to make all options settable in ldap.conf also settable through C API .ldap_set_option() and ldap_get_option() have many strange behaviors. Which of these should I document, which should be changed, and which options and nuances below should just be omitted from the man page?
(I'm reading some libldap source and doc/drafts/draft-ietf-ldapext-ldap-c-api-xx.txt.)
* ldap.conf vs. C API:
ldap.conf options BINDDN, BASE, PORT have no equivalent C API calls.
ldap.conf options SASL_AUTHCID, SASL_AUTHZID, SASL_MECH, SASL_REALM
cannot be set with the C API.
Otherwise OpenLDAP forces all applications that use libldap to also use ldap.conf, which might be unacceptable when an application has own configuration system.
Such a program can simply make API calls that don't rely on defaults. For instance by not providing NULL as a binddn argument to ldap_bind(3).
What I don't like is that libldap tries to find and read ldap.conf automatically. Is there any way to control that?That is, programs are not forced to use ldap.conf(5).
They can disable the
defaulting and still obtain full functionality.
Alexey