Re: StartTLS URL extension

[Pierangelo Masarati <ando@sys-net.it>]

Michael Ströder wrote:
> Pierangelo Masarati wrote:
> > Michael Ströder wrote:
> > > Pierangelo Masarati wrote:
> > > >  Moreover,
> > > > ldap_initialize can record that StartTLS was already requested because
> > > > of the extension, and avoid requesting it twice.
> > > What does "avoid requesting it twice" mean? Return an error code or
> > > simply ignore it? Note that a client might wanna take note of whether
> > > ldap_start_tls() was successfully called by itself or not.
> > Correct.  Here the choice is:
> >
> > 1) just ignore the second call, as it would violate RFC 4513
>
> More specific: IMO the error code of the first call should be returned.

Well, that would probably need to be returned by ldap_initialize(), so 
if the client continues after ldap_initialize() failed it deserves 
screwing up :)  I think your request makes sense, and should be taken 
into account.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------