[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch and TLS

To: <Geert.Van.Muylem@SKYNET.BE>
Subject: Re: ldapsearch and TLS
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 29 Aug 2001 08:24:34 -0700
Cc: "LDAP Mailing List" <openldap-software@OpenLDAP.org>
In-reply-to: <CIEPLKOCLJHKLFDOAJHMEEEDCBAA.Geert.Van.Muylem@SKYNET.BE>

At 03:23 PM 2001-08-27, Geert Van Muylem wrote:
>Question about some code of ldapsearch
>
>        if ( use_tls && ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS ) {
>                ldap_perror( ld, "ldap_start_tls" );
>                if ( use_tls > 1 ) {
>                        return EXIT_FAILURE;
>                }
>        }
>
>ldap_start_tls: Success
>
>eventhough ldap_start_tls_s returns a value different from LDAP_SUCCESS
>WHY Success?

Because ldap_perror reports the last LDAP result code, not the last
API error.  That is, the EXOP was successful but either the TLS
handshake or the post handshake tests failed.

References:
- ldapsearch and TLS
  - From: "Geert Van Muylem" <Geert.Van.Muylem@SKYNET.BE>

Prev by Date: Re: SASL replication - the continuing saga
Next by Date: Re: Error logged when starting slapd with SSL server
Index(es):
- Chronological
- Thread