On 27 Nov 2002 michael@??? wrote:
> If so, then another one wouldn't make the difference. :) The LDAP code
> hasn't been updated to make use of LDAPv3 yet. Here is a patch that I
> use to do that.
Hmm. I thought I had put in LDAPv3 a long time ago. Did you look at the
code of the snapshot? It contains this:

    #ifdef LDAP_VERSION3
    int version = LDAP_VERSION3;
    #else
    int version = 2;
    #endif
    ...
    /* I could not get TLS to work until I set the version to 3. That version
       seems to be the default nowadays. The RFC is dated 1997, so I would hope
       that all the LDAP libraries support it. Let's go for it. */
    #ifdef LDAP_OPT_PROTOCOL_VERSION
    ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void *)&version);
    #endif

The ChangeLog may not be entirely clear. The item says this:

    9. With OpenLDAP 2.0.25, ldaps:// doesn't seem to work unless the LDAP
       protocol level is set to 3. This is now standard in the Exim code, as v3
       has been around for 5 years now. Testing ldaps:// is now included in the
       Exim test suite. Although earlier versions claimed to support it, I rather
       suspect that it never worked.

--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.