[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap_start_tls_s or ldap_set_option(LDAP_OPT_X_TLS)?

To: openldap-software@OpenLDAP.org
Subject: ldap_start_tls_s or ldap_set_option(LDAP_OPT_X_TLS)?
From: Seth Daniel <ldap@sethdaniel.org>
Date: Fri, 24 Sep 2004 15:17:12 -0700
Content-disposition: inline
User-agent: Mutt/1.5.6+20040818i

So I'm writing a small client that uses the OpenLDAP libraries.  In
looking at the tools in clients/tools/* I see that when attempting to
establish a TLS connection they always seem to use ldap_start_tls_s().
I have tried this and it works well in conjunction with
ldap_set_option() and LDAP_OPT_X_TLS_CACERTFILE, LDAP_OPT_X_TLS_CERTFILE, 
and LDAP_OPT_X_TLS_KEYFILE.  

However, I also notice that some (it would appear) clients (not in the
LDAP source tree) rely strictly on ldap_set_option(LDAP_OPT_X_TLS) and
(I presume) expect the first action on that connection to use TLS?  Is
this correct?  I can't get it to work so I assume not.  So, what is
LDAP_OPT_X_TLS for?  Is it simply for setting whether you want TLS to be
HARD,TRY,NEVER etc... when you actually call ldap_start_tls_s()?  Is any
of this documented (I can't find anything, but maybe I'm looking in the
wrong places).  

Thank you.

-- 
seth / @sethdaniel.org
Time is an illusion perpetrated by the manufacturers of space.

Follow-Ups:
- Re: ldap_start_tls_s or ldap_set_option(LDAP_OPT_X_TLS)?
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: [REPOST] Getting OpenLDAP on RedHat AS3 working properly
Next by Date: Compiling in debug mode
Index(es):
- Chronological
- Thread