Re: LDAPS support
Date: Wed, 22 Aug 2007 23:03:46 +0200 (CEST)
On Wed, 22 Aug 2007, Guenter Knauf wrote:
> - Probably working on Cygwin and Linux with OpenLDAP SDK (not checked yet if
> data is really encrypted, but it connects to 636 with current code)
I use Debian Linux and I have the libldap2-dev package (OpenLDAP development
libraries) installed, but it doesn't seem to have ldap_ssl.h etc so I don't
get ldaps enabled...
Have you built/tried ldaps on Linux? If so, what did you use/install for that?
> - does current code with OpenLDAP really encrypt? At least it connects now
> fine with ldaps.
Should be easily verified by running wireshark or similar while doing a fetch.
> in order to test the last point its now needed that I get somehow the values
> of these switches into the ldap.c code which curl can set:
> -k/--insecure Allow connections to SSL sites without certs (H)
data->set.ssl.verifypeer and data->set.ssl.verifyhost
> --cert-type <type> Certificate file type (DER/PEM/ENG) (SSL)
> --cacert <file> CA certificate to verify peer against (SSL)
> --capath <directory> CA directory (made using c_rehash) to verify
> peer against (SSL)
> sorry, but due to all the reading/searching reagarding proper API usage I
> have not digged enough through curl/libcurl to find out how I can access
> these values.
> Any help with that GREATLY welcome!
I've filled in the libcurl way of accessing the info.
-- Commercial curl and libcurl Technical Support: http://haxx.se/curl.htmlReceived on 2007-08-22