I have an example program here that tries to connect to an LDAP server on a secure port (ldaps://). However, the sample program cannot bind to the server.
    #define LDAP_DEPRECATED 1
    #include <stdio.h>
    #include <ldap.h>

    #define BIND_DN "dc=example,dc=com"
    #define BIND_PW "secret"

    int main()
    {
        LDAP *ld;
        int rc;
        /* LDAP_OPT_X_TLS_NEVER: do not request or check the server certificate */
        int reqcert = LDAP_OPT_X_TLS_NEVER;
        int version = LDAP_VERSION3;
        int ret = 0;

        if (ldap_initialize(&ld, "ldaps://192.168.1.51:10636")) {
            perror("ldap_init"); /* no error here */
            return 1;
        }

        /* Per-handle options: LDAPv3 and the certificate policy above */
        ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
        ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

        /* Simple bind; this is the call that fails over ldaps:// */
        rc = ldap_bind_s(ld, BIND_DN, BIND_PW, LDAP_AUTH_SIMPLE);
        if (rc != LDAP_SUCCESS) {
            fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc));
            return 1;
        }

        printf("Initial Authentication successful\n");
        ldap_unbind(ld);
        return 0;
    }
However, with START_TLS, the sample program successfully binds to the LDAP server running on port 10389. The ldapsearch client can connect to the server and search the user database tree. But the sample program does not do the above.
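To make it work with START_TLS, here is what I added:

    ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

    /* Upgrade the plain connection to TLS before binding */
    rc = ldap_start_tls_s(ld, NULL, NULL);
    if (rc != LDAP_SUCCESS) {
        /* Report the StartTLS result code (rc), not the unused ret */
        printf("ldap_start_tls() %s", ldap_err2string(rc));
    }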
Can someone point out what I am missing here for binding to an LDAP server via ldaps://?