On 06/10/2011 02:11 PM, Massimiliano Pala wrote:
Hi Rich,
that's not really what I wanted.. I am developing my own ldap client and I wanted to know what is the code path to set the option.
I tried to use the following:
ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, "never")
but it always fails ( != 0).
man ldap_set_option
LDAP_OPT_X_TLS_REQUIRE_CERT Sets/gets the peer certificate checking strategy, one of LDAP_OPT_X_TLS_NEVER, LDAP_OPT_X_TLS_HARD, LDAP_OPT_X_TLS_DEMAND, LDAP_OPT_X_TLS_ALLOW, LDAP_OPT_X_TLS_TRY.
int reqcert = LDAP_OPT_X_TLS_NEVER; ... rc = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);
Also, I would like to know if there's a possibility to set a callback for the verify of the certificates.
No that I know of. The problem here is - what would be passed to this callback? A certificate? In which format?
Cheers, Max
On 06/10/2011 03:05 PM, Rich Megginson wrote: [...]
TLS_REQCERT <level> never, allow, try