2012/3/1 Michael Ströder <[email protected]>

> Could someone of the OpenLDAP core developers please confirm this?
> Especially whether LDAP_OPT_X_TLS_NEWCTX is set to LDAP_OPT_OFF for
> "clients"?
>

At least this is what is mentioned in the man page:
http://linux.die.net/man/3/ldap_set_option

*LDAP_OPT_X_TLS_NEWCTX*
Instructs the library to create a new TLS library context. *invalue* must be *const int **. A non-zero value pointed to by *invalue* tells the library to create a context for a server.

Just have a quick look at the code:

    // include/ldap.h
    #define LDAP_OPT_OFF ((void *) 0)
    #define LDAP_OPT_ON ((void *) &ber_pvt_opt_on)
    ...
    // libraries/liblber/options.c
    char ber_pvt_opt_on; /* used to get a non-NULL address for *_OPT_ON */

LDAP_OPT_OFF seems to be a NULL pointer. It seems not intended to be used to set the value for LDAP_OPT_X_TLS_NEWCTX, which requires a 'const int *' type (the address of a predefined integer value).

But yes, it had better be clarified by some developer or someone very familiar with the OpenLDAP code.

Thanks,
Qiang
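The pointer mismatch discussed in this message, as an added example that is not part of the original message and is not OpenLDAP code: a self-contained C model of the two argument conventions. Only the two macros and `ber_pvt_opt_on` come from the code quoted above; the `model_*` and `request_*` names, the option kinds and the NULL rejection are assumptions of this model.

```c
#include <stddef.h>
/* Quoted in the message above (include/ldap.h, libraries/liblber/options.c). */
char ber_pvt_opt_on; /* only its address matters */
#define LDAP_OPT_OFF ((void *) 0)
#define LDAP_OPT_ON  ((void *) &ber_pvt_opt_on)

/* Hypothetical model, not libldap: two kinds of option argument. */
enum model_kind { MODEL_BOOLEAN, MODEL_INT_VALUED };

struct model_opts {
    int flag;        /* state of the boolean option */
    int ctx_created; /* 1 once a "context" was created */
    int is_server;   /* role requested for that context */
};

/* Returns 0 on success, -1 when the argument is rejected. */
int model_set_option(struct model_opts *o, enum model_kind kind,
                     const void *invalue)
{
    switch (kind) {
    case MODEL_BOOLEAN:
        /* Sentinel pointer: compared, never dereferenced. */
        o->flag = (invalue != LDAP_OPT_OFF);
        return 0;
    case MODEL_INT_VALUED:
        /* 'const int *' argument: must point at a real int. LDAP_OPT_OFF
         * is NULL, so this model rejects it rather than dereference it. */
        if (invalue == NULL)
            return -1;
        o->is_server = (*(const int *)invalue != 0);
        o->ctx_created = 1;
        return 0;
    }
    return -1;
}

/* Caller following the man page text: address of an int, 0 = client. */
int request_client_ctx(struct model_opts *o)
{
    const int is_server = 0;
    return model_set_option(o, MODEL_INT_VALUED, &is_server);
}

/* Caller using the boolean sentinel for the int-valued option. */
int request_ctx_with_opt_off(struct model_opts *o)
{
    return model_set_option(o, MODEL_INT_VALUED, LDAP_OPT_OFF);
}
```

`LDAP_OPT_ON` is no safer for an int-valued option: it is the address of a single `char`, so reading an `int` through it would read past that object.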
