start tls

Steffen Ries steffen.ries at
Sun Jul 15 19:46:58 CEST 2001


Attached is a small (experimental) patch, which enables
'start_tls_s()' in python-ldap. The patch requires OpenLDAP 2.0.x (I
tested it only against 2.0.11 on Redhat 6.2).

I included Konstanin's patches and the memory leak fixes and have run
the diff against the current CVS version. David's CIDict patches
are not included, so I disabled CIDict to get it running with

To use it, you will need OpenLDAP 2.0.x with TLS support built in (see

A simple demonstration looks like this:
>>> import ldap
>>> server = ldap.open('localhost')
>>> server.version = ldap.VERSION3
>>> server.start_tls_s()
>>> server.simple_bind_s(...)

If the ldap server supports startTLS and the Certificate maps to the
host, the call to start_tls_s() succeeds, otherwise an exception is

steffen.ries at	<> Gravity is a myth -- the Earth sucks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: diffs
Type: application/octet-stream
Size: 16556 bytes
Desc: not available
URL: <>
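
The following is an added example, not part of the original post or its attached patch. It shows a fail-closed way to call start_tls_s() so that a failed TLS upgrade can never be followed by a cleartext simple bind. It assumes a current python-ldap release (ldap.initialize and the OPT_X_TLS_* options); bind_over_starttls, StartTLSRequired and the ldap_mod parameter are hypothetical names chosen for illustration.

```python
class StartTLSRequired(Exception):
    """Raised when the TLS upgrade fails; no bind has been attempted."""


def bind_over_starttls(uri, who, cred, ca_file, ldap_mod=None):
    """Upgrade with StartTLS, verify the server certificate, then bind.

    ldap_mod is a hypothetical injection point so the logic can be tested
    without a directory server; by default the real python-ldap is used.
    """
    if ldap_mod is None:
        import ldap as ldap_mod  # python-ldap, imported lazily

    conn = ldap_mod.initialize(uri)
    conn.protocol_version = ldap_mod.VERSION3  # StartTLS is an LDAPv3 extension

    # Demand a server certificate that validates against ca_file.
    conn.set_option(ldap_mod.OPT_X_TLS_CACERTFILE, ca_file)
    conn.set_option(ldap_mod.OPT_X_TLS_REQUIRE_CERT, ldap_mod.OPT_X_TLS_DEMAND)
    # Must come last: applies the TLS options above to this connection.
    conn.set_option(ldap_mod.OPT_X_TLS_NEWCTX, 0)

    try:
        conn.start_tls_s()
    except ldap_mod.LDAPError as exc:
        # Fail closed: never fall back to a cleartext simple bind.
        conn.unbind_s()
        raise StartTLSRequired("StartTLS failed for %s" % uri) from exc

    conn.simple_bind_s(who, cred)  # credentials travel inside TLS only
    return conn
```

Catching the error and binding anyway would send the password unencrypted, which is the case this wrapper rules out.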
