[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Ldap_set_option problem

To: Philip Bellino <pbellino@mrv.com>
Subject: Re: Ldap_set_option problem
From: Howard Chu <hyc@symas.com>
Date: Thu, 08 Mar 2007 11:33:37 -0800
Cc: openldap-software@openldap.org
In-reply-to: <4D8794260B62C940BBA7150CC5EB3BD4A45CF9@bosmail.BOS.int.mrv.com>
References: <4D8794260B62C940BBA7150CC5EB3BD4A45CF9@bosmail.BOS.int.mrv.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070307 SeaMonkey/1.5a

Philip Bellino wrote:

Hello, I am running OpenLDAP-2.3.32 on both a Linux server (using SLAPD) and a Linux client.
On the client, I am doing the following:
ldap_initialize(&ldap, ldapuri); - works fine. ldap_set_option(ldap, LDAP_OPT_PTOTOVOL_VERSION, &ldapver); - ldapver =3 - works fine.

Err = ldap_set_option(ldap, LDAP_OPT_X_TLS_CACERTFILE, "/usr/local/etc/openldap/cacert.pem");

Err comes back as a -1. If I replace ldap with NULL, I do not get the error.

Has anyone seen this error?

In OpenLDAP 2.3 and older, the CACERTFILE is a global setting. You cannot set it just for a particular LDAP session. Using NULL is the normal method for setting a global option, which is why that works without any error.

In OpenLDAP 2.4 you can set these items on a per-session basis.
--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  Chief Architect, OpenLDAP     http://www.openldap.org/project/

References:
- Ldap_set_option problem
  - From: "Philip Bellino" <pbellino@mrv.com>

Prev by Date: RE: Ldap_set_option problem
Next by Date: masking LDAP_SIZELIMIT_EXCEEDED
Index(es):
- Chronological
- Thread