On 06/10/2011 02:11 PM, Massimiliano Pala wrote:
Hi Rich,
that's not really what I wanted.. I am developing my own ldap client
and I wanted to know what is the code path to set the option.
I tried to use the following:
ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, "never")
but it always fails ( != 0).
man ldap_set_option
LDAP_OPT_X_TLS_REQUIRE_CERT
Sets/gets the peer certificate checking strategy,
one of
LDAP_OPT_X_TLS_NEVER,
LDAP_OPT_X_TLS_HARD,
LDAP_OPT_X_TLS_DEMAND, LDAP_OPT_X_TLS_ALLOW,
LDAP_OPT_X_TLS_TRY.
int reqcert = LDAP_OPT_X_TLS_NEVER;
...
rc = ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);
Also, I would like to know if there's a possibility to set a callback
for the verify of the certificates.
No that I know of. The problem here is - what
would be passed to this
callback? A certificate? In which format?
Cheers,
Max
On 06/10/2011 03:05 PM, Rich Megginson wrote:
[...]
> TLS_REQCERT <level>
> never, allow, try