start tls

Steffen Ries steffen.ries at sympatico.ca
Sun Jul 15 19:46:58 CEST 2001


Hi,

attached is a small (experimental) patch, which enables
'start_tls_s()' in python-ldap. The patch requires OpenLDAP 2.0.x (I
tested it only against 2.0.11 on Redhat 6.2).

I included Konstanin's patches and the memory leak fixes and have run
the diff against the current CVS version. David's CIDict patches
are not included, so I disabled CIDict to get it running with
python2.1.

To use it, you will need OpenLDAP 2.0.x with TLS support built in (see
http://www.openldap.org/faq/data/cache/185.html).

A simple demonstration looks like this:
>>> server = ldap.open('localhost')
>>> server.version = ldap.VERSION3
>>> server.start_tls_s()
>>> server.simple_bind_s(...)

If the ldap server supports startTLS and the Certificate maps to the
host, the call to start_tls_s() succeeds, otherwise an exception is
thrown.

/steffen
-- 
steffen.ries at sympatico.ca	<> Gravity is a myth -- the Earth sucks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: diffs
Type: application/octet-stream
Size: 16556 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20010715/f45cf78e/attachment.obj>


More information about the python-ldap mailing list