We really ought to have a way to allow clients to make libldap use StartTLS
without having to code their own calls into libldap for that purpose. I think
it would be useful to allow specifying StartTLS in the extension field of the
LDAP URL. Then at least it can be configured into ldap.conf forgotten about.
The code for ldap_initialize() should look for the URL extension field, and
act on it if StartTLS / 1.3.6.1.4.1.1466.20037 is present.
Any comments?
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
