Philip Guenther wrote:
On Mon, 6 Oct 2008, Howard Chu wrote:
Michael Ströder wrote:
Philip Guenther wrote:
I agree that ldap_initialize() should behave as it currently does,
setting up the handle but not opening any connections.
So this would need ldap_initialize() to defer calling ldap_start_tls().
I don't think that's what Pierangelo has in mind.
But that might actually be the simplest approach. ldap_initialize() can
parse the URL and set a flag in the LDAP* handle noting that StartTLS
was requested.

In the LDAP handle?  You mean in the LDAPURLDesc for that URI?  I would
expect
        ldap_initialize(&ld,
                "ldap://server.example.com/????!1.3.6.1.4.1.1466.20037,"
                "ldap://127.0.0.1/,ldapi://");

to automatically negotiate TLS when connecting to server.example.com, but
not when connecting to 127.0.0.1 or the UNIX domain socket.

Right. The actual place to insert this code is in ldap_new_connection(). Working on it now...

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
