2012/3/1 Michael Ströder michael@stroeder.com
Could someone of the OpenLDAP core developers please confirm this? Especially whether LDAP_OPT_X_TLS_NEWCTX is set to LDAP_OPT_OFF for "clients"?
At least this is what is mentioned in the man page:
http://linux.die.net/man/3/ldap_set_option *LDAP_OPT_X_TLS_NEWCTX* Instructs the library to create a new TLS library context. *invalue* must be *const int **. A non-zero value pointed to by * invalue* tells the library to create a context for a server. Just have a quick look at the code: // include/ldap.h #define LDAP_OPT_OFF ((void *) 0) #define LDAP_OPT_ON ((void *) &ber_pvt_opt_on) ... // libraries/liblber/options.c char ber_pvt_opt_on; /* used to get a non-NULL address for *_OPT_ON */
LDAP_OPT_OFF seems to be a NULL pointer. It seems not intended to be used to set the value for LDAP_OPT_X_TLS_NEWCTX, which requires a 'const int *' type (the address of a predefined integer value).
But yes, it had better be clarified by some developer or someone very familiar to OpenLDAP code.
Thanks, Qiang