From: Jacek K. <ja...@bn...> - 2001-11-11 09:20:37
Hi,
I was looking at the code to see how I should make the support for TLS
context.
IMHO using the arguments for ldap_start_tls_s would be quite
complicated, and would probably require some low-level SSL coding.
But it seems it can be done using OpenLDAP options such as:
LDAP_OPT_X_TLS_CTX
LDAP_OPT_X_TLS_CACERTFILE
LDAP_OPT_X_TLS_CACERTDIR
LDAP_OPT_X_TLS_CERTFILE
LDAP_OPT_X_TLS_KEYFILE
LDAP_OPT_X_TLS_REQUIRE_CERT
LDAP_OPT_X_TLS_CIPHER_SUITE
LDAP_OPT_X_TLS_RANDOM_FILE
LDAP_OPT_X_TLS_NEVER
LDAP_OPT_X_TLS_HARD
LDAP_OPT_X_TLS_DEMAND
LDAP_OPT_X_TLS_ALLOW
LDAP_OPT_X_TLS_TRY
This can be done by extending the getattr/setattr functions.
Of course many non-TLS-related options can (and IMHO should) be added.
One more thing which IMHO should be added is the ldap_initialize()
function, which can be used to connect to an LDAP server using its URI.
It would also handle ldaps:// URIs.
Should I do all/part of these?
Greets,
Jacek
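
The options named in the message above, as present-day python-ldap exposes them (`ldap.OPT_X_TLS_*`, `ldap.initialize()`), in an added example that is not part of the original post or the project's own code. The `connect_tls` helper and its `ldap_mod` parameter are hypothetical, and the host name and CA path are constructed.

```python
# Added example: ldap.OPT_X_TLS_* are python-ldap's names for the
# LDAP_OPT_X_TLS_* constants listed in the message.
from urllib.parse import urlparse

# REQUIRE_CERT levels that abort the handshake on a bad or missing server cert.
STRICT_LEVELS = ("OPT_X_TLS_DEMAND", "OPT_X_TLS_HARD")


def connect_tls(ldap_mod, uri, cacertfile, require="OPT_X_TLS_DEMAND"):
    """Open `uri` with server certificate verification enforced.

    ldap_mod is the imported `ldap` module (hypothetical injection point so
    the policy can be exercised without a server). Returns the connection.
    """
    if require not in STRICT_LEVELS:
        # NEVER / ALLOW / TRY let a session continue without a verified cert.
        raise ValueError(f"{require} does not enforce certificate checks")
    scheme = urlparse(uri).scheme.lower()
    if scheme not in ("ldap", "ldaps"):
        raise ValueError(f"unsupported scheme for this helper: {scheme!r}")

    conn = ldap_mod.initialize(uri)  # no network traffic happens yet
    conn.set_option(ldap_mod.OPT_X_TLS_CACERTFILE, cacertfile)
    conn.set_option(ldap_mod.OPT_X_TLS_REQUIRE_CERT, getattr(ldap_mod, require))
    # python-ldap applies per-connection TLS options only once a new
    # TLS context is requested.
    conn.set_option(ldap_mod.OPT_X_TLS_NEWCTX, 0)
    if scheme == "ldap":
        conn.start_tls_s()  # upgrade the plain connection; ldaps:// is TLS already
    return conn


if __name__ == "__main__":
    import ldap  # python-ldap

    # Constructed host name and CA path; replace with real values.
    c = connect_tls(ldap, "ldap://ldap.example.org", "/etc/ssl/certs/ca.pem")
    print(c.whoami_s())
```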