[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap_start_tls_s "Not Supported"



Hello all, 

I've tried to make a very simple C-client with libldap2. I use
debian and have (as far as i understand) built my own libldap2
and libldap2-dev with support for tls. At least 
'ldd /usr/lib/libldap*' tells me that libldap is built against
libssl. My source code follows:

// begin tlstest.c
#include <stdio.h>
#include <ldap.h>

int main()
{
    LDAP *ldapStruct;
    int result;

    ldapStruct = ldap_init("server.fqdn.from.ssl-cert", LDAP_PORT);

    result = ldap_start_tls_s(ldapStruct, NULL, NULL);
    printf("Start TLS: ");
    printf(ldap_err2string(result));
    printf("\n");
    return 0;
}
// end of tlstest.c

I compile it with "gcc -lldap tlstest.c -o tlstest

When it is executed I get an error:
Start TLS: Not Supported

Does that mean that TLS is not supported on the client or
server. Have I done any other obvious error? (probably! =)

I have looked in the source code of ldapsearch and didn't get
much wiser from that. I also tried to use ldapsearch -ZZ  on the
same server from the same client and ldapsearch connects
without complaints. As I understand it '-ZZ' will kill ldapsearch
whith an error message if start_tls fails. Is that correct?

TIA & regards / fredrik 
-- 
Fredrik Jonson
pt97fjo@student.bth.se