[Date Prev][Date Next] [Chronological] [Thread] [Top]

SSL/TLS authentication




Hello,

 I am trying to authenticate against an ldap server using
SSL using certificates, but call to ldap_bind is failing.
can anyone please tell me what is wrong? below is the code.

---

    char* ldapuri=NULL;
    LDAPURLDesc url;
    memset( &url, 0, sizeof(url));

    url.lud_scheme = "ldaps";
    url.lud_host = "192.168.51.214";
    url.lud_port = 636;
    url.lud_scope = LDAP_SCOPE_DEFAULT;
    ldapuri = ldap_url_desc2str( &url );

    int rc=0;

    rc = ldap_initialize(&ld, ldapuri ) ;

    if (rc != LDAP_SUCCESS)
    {
        return FALSE;
    }

    int  i = LDAP_VERSION3;

    if ( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &i ) !=  LDAP_OPT_SUCCESS )
    {
        return FALSE;
    }

    if ( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &i ) !=  LDAP_OPT_SUCCESS )
    {
        return FALSE;
    }

    if ( ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, cacert) != LDAP_OPT_SUCCESS )
    {
        return FALSE;
    }

    if ( ldap_set_option(NULL, LDAP_OPT_X_TLS_CERTFILE, usercert) != LDAP_OPT_SUCCESS )
    {
        return FALSE;
    }

   if ( ldap_set_option(NULL, LDAP_OPT_X_TLS_KEYFILE, userkey) != LDAP_OPT_SUCCESS )
    {
        return FALSE;
    }

    int rt = ldap_bind_s(ld,baseDn,secret,LDAP_AUTH_SIMPLE) ;
    char* str_error = ldap_err2string(rt);

    if ( rt != LDAP_SUCCESS)
    {
        // FAILING.
        return FALSE;
    }

----

Thanks
Basit