Re: Using TLS connecting to a AD server. openldap2.4.42
- To: Michael Ströder <michael@stroeder.com>, openldap-technical@openldap.org
- Subject: Re: Using TLS connecting to a AD server. openldap2.4.42
- From: Quanah Gibson-Mount <quanah@symas.com>
- Date: Sun, 10 Sep 2017 13:50:00 -0700
--On Sunday, September 10, 2017 2:25 PM +0200 Michael Ströder <michael@stroeder.com> wrote:

> I thought you have to set LDAP_OPT_X_TLS_NEWCTX to 0 *after* setting all
> TLS-related options to let libldap reinitialize the client's SSL context.
> Doesn't that work as expected?

Well, my point was, he's doing:

    ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

when instead you have to do:

    ldap_set_option (NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

and then set up a new TLS context.

--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>