Tim Tassonis wrote:
ldapuri = ldap_url_desc2str( &url );
rc = ldap_initialize( &conn, ldapuri );
if( rc != LDAP_SUCCESS ) {
    conn = NULL;
    /* Output error */
    return 0;
}
rc = ldap_simple_bind_s(conn,bind_dn,password);
if (rc != LDAP_SUCCESS) {
    /* Output error */
    conn = NULL;
    return 0;
}
return 1;
}

As on the command line, you need to go by ldaps://url stuff in order to do SSL. Then, it works without problems.
Correct. If you use ldap_initialize( xx, "ldaps://xxxx" ) then the library will set up SSL for you. You only need to call ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, xx) if you didn't already set that in your .ldaprc or ldap.conf file.
It is possible to cause SSL to be set up using ldap_init, but that API is deprecated so we will not discuss it.
What am I missing? The ldaps connection does not even seem to connect at all - there's no traffic visible on a tcpdump whatsoever. All help much appreciated, Thanks, Dave.
--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/
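A pre-flight check for the rule in the reply above, as an added example that is not part of the original thread or of OpenLDAP: it decides whether a program connecting with an ldaps:// URI still has to call ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ...) itself because no TLS_CACERT line is present in the ldap.conf or .ldaprc text. The function names and the sample configuration are hypothetical, the parser is a simplified reading of the ldap.conf syntax, and it ignores TLS_CACERTDIR and environment overrides.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* 1 if the URI uses the ldaps:// scheme, which makes ldap_initialize() set up SSL. */
int uri_is_ldaps(const char *uri) {
    return uri != NULL && strncasecmp(uri, "ldaps://", 8) == 0;
}

/* Copy the file from the last "TLS_CACERT <file>" line into out; return 1 if one was found. */
int conf_cacert(const char *conf, char *out, size_t outlen) {
    static const char key[] = "TLS_CACERT";
    const size_t klen = sizeof key - 1;
    int found = 0;
    while (conf != NULL && *conf != '\0') {
        const char *eol = strchr(conf, '\n');
        const char *end = eol ? eol : conf + strlen(conf);
        const char *p = conf;
        while (p < end && isspace((unsigned char)*p)) p++;
        /* Exact keyword followed by a blank: skips TLS_CACERTDIR and '#' comments. */
        if ((size_t)(end - p) > klen && strncasecmp(p, key, klen) == 0
            && isspace((unsigned char)p[klen])) {
            p += klen;
            while (p < end && isspace((unsigned char)*p)) p++;
            while (end > p && isspace((unsigned char)end[-1])) end--;
            if (end > p && (size_t)(end - p) < outlen) {
                memcpy(out, p, (size_t)(end - p));
                out[end - p] = '\0';
                found = 1;
            }
        }
        conf = eol ? eol + 1 : NULL;
    }
    return found;
}

/* 1 if the program must set LDAP_OPT_X_TLS_CACERTFILE itself before connecting. */
int need_cacert_option(const char *uri, const char *conf) {
    char file[256];
    return uri_is_ldaps(uri) && !conf_cacert(conf, file, sizeof file);
}

int main(void) {
    /* Constructed sample configuration: only a commented-out CA file. */
    const char *conf = "BASE dc=example,dc=com\n# TLS_CACERT /etc/ssl/old-ca.pem\n";
    printf("set CACERTFILE in code: %d\n", need_cacert_option("ldaps://ldap.example.com", conf));
    return 0;
}
```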
