On Mon, 6 Oct 2008, Howard Chu wrote:
Michael Ströder wrote:
Philip Guenther wrote:
I agree that ldap_initialize() should behave as it currently does, setting up the handle but not opening any connections.
So this would need ldap_initialize() to defer calling ldap_start_tls(). I don't think that's what Pierangelo has in mind.
But that might actually be the simplest approach. ldap_initialize() can parse the URL and set a flag in the LDAP* handle noting that StartTLS was requested.
In the LDAP handle? You mean in the LDAPURLDesc for that URI? I would expect ldap_initialize(&ld, "ldap://server.example.com/????!1.3.6.1.4.1.1466.20037," "ldap://127.0.0.1/,ldapi://");
to automatically negotiate TLS when connecting to server.example.com, but not when connecting to 127.0.0.1 or the UNIX domain socket.
(Hopefully I haven't mangled the syntax from the RFC too badly...)
Philip