cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: LDAP

From: Patrick Monnerat <Patrick.Monnerat_at_datasphere.ch>
Date: Thu, 16 Aug 2007 17:31:25 +0200

I tried your patch on FC6: does not compile, because ldap_ssl.h not
found. I have looked for a package in the distribution that would have
installed it, without success. Abandoned

I also tried on cygwin: it compiles but always says "server is down". I
think its because you do not consider "hybrids" in you conditional
tests.

Anyway, when I read you want to do this, I thought you were speaking
about writing the LDAP module without LDAP library, not only LDAPS...
Reciprocal misunderstanding !

How do you specify the certificates ? Would it be possible to use the
regular SSL settings and generalize the CURLOPT_FTP_SSL to LDAP protocol
?

Good luck for the continuation
Patrick

-----Original Message-----
From: Guenter Knauf [mailto:eflash_at_gmx.net]
Sent: Wednesday, August 15, 2007 18:49
To: Patrick Monnerat; curl-library_at_cool.haxx.se
Subject: RE: LDAP

Hi,
> If someone else is ready to design a patch, do not hesitate :-)
here's a first hack for ldaps:
http://www.gknw.net/test/curl/ldapssl.diff

I've tested this on NetWare against two NetWare eDir servers, and
against openldap.org;
f.e.:
curl -v ldaps://ldap.openldap.org/dc=openldap,dc=org?one
returns:
* About to connect() to ldap.openldap.org port 636 (#0)
* Trying 204.152.186.57... connected
* Connected to ldap.openldap.org (204.152.186.57) port 636 (#0)
* LDAP local: ldaps://ldap.openldap.org/dc=openldap,dc=org?one
* LDAP local: trying to establish encrypted connection
DN: dc=OpenLDAP,dc=Org
* Closing connection #0

so basic functionality seems to work; however:
- cert verification not yet implemented
- Win32 not yet working with ldaps (always tells me 'server is down')

for now I've ifdef'd the stuff with HAVE_LDAP_SSL - so unless you define
this the ldaps support doesnt get compiled; not sure if we need that,
nor if the name HAVE_LDAP_SSL is ok....

comments please! Should I comment as base for further improvements?

Guen.
Received on 2007-08-16