[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: StartTLS URL extension

On Mon, 6 Oct 2008, Howard Chu wrote:
> Michael Ströder wrote:
> > Philip Guenther wrote:
> > > I agree that ldap_initialize() should behave as it currently does, 
> > > setting up the handle but not opening any connections.
> > So this would need ldap_initialize() to defer calling ldap_start_tls().
> > I don't think that's what Pierangelo has in mind.
> But that might actually be the simplest approach. ldap_initialize() can 
> parse the URL and set a flag in the LDAP* handle noting that StartTLS 
> was requested.

In the LDAP handle?  You mean in the LDAPURLDesc for that URI?  I would 

to automatically negotiate TLS when connecting to server.example.com, but 
not when connecting to or the UNIX domain socket.

(Hopefully I haven't mangled the syntax from the RFC too badly...)