Menu
▾
▴
Re: start_tls using required
|
From: Graham B. <gb...@po...> - 2002-11-11 16:21:57
|
On Mon, Nov 11, 2002 at 03:08:45PM +0100, Michael Maier wrote:
> Hi!
>
> I have a question concerning start_tls.
> When I use verify=>'required' and my LDAP Server does not know the start_tls
> extension, it sends me a "unsupported extended operation"-error as
> LDAPResult with errornumber 2 (at least Sun DirServ and OpenLDAP does). As
> far as I understood, in this case the following search request should not be
> started but it looks like the resultCode 2 is looked at as success.
No its not.
> By the way, shouldn't a not supported extension result in a resultCode of
> 12?
No. That is the code that is returned when a request is sent with a control
that is marked critical and the server does not support it.
> Here is my code:
> use Net::LDAP;
> $ldap = Net::LDAP->new('localhost', version => 3, port => 389) or die "$@";
> $ldap->debug(12);
> $ldap->start_tls(verify => 'required', cafile => 'somefile') or die "$@";
start_tls, like other methods, does not return true/false. It returns
a message object that you must call methods on yourself.
$mesg = $ldap->start_tls(verify => 'required', cafile => 'somefile');
die $mesg->error if $mesg->code;
Graham.
> ...
>
>
>
> And here the response to my start_tls from debug:
>
> 42: SEQUENCE {
> 1: INTEGER=1
> 37: [APPLICATION 24] {
> 1: ENUM = 2
> 0: STRING = ''
> 30: STRING = 'unsupported extended operation'
> : }
> : }
>
>
> Thanks!
> Florian
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
|
