I am trying to connect to the OpenLDAP server (ldap.openldap.org) over
SSL. When using the Softerra LDAP browser this works fine (I had to
get the cert7.db and key3.db certificates first). When I tried to
connect using my program (on Windows), the program exited when trying
to do a ldap_simple_bind_s.

    /* Initialize the SSL client with the directory holding cert7.db and key3.db. */
    if ( ldapssl_client_init( "c:\\certs", NULL ) < 0) {
        printf( "Failed to initialize SSL client...\n" );
        return( 1 );
    }
    /* Create an SSL-enabled session handle (third argument 1 = secure). */
    if ( (ld = ldapssl_init(HOSTNAME, LDAPS_PORT, 1 )) == NULL ) {
        printf( "ldap_init\n" );
        return( 1 );
    }
    version = LDAP_VERSION3;
    rc = ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
    if ( rc != LDAP_SUCCESS ) {
        printf("Cannot set option: %s\n", ldap_err2string(rc));
        return( 1 );
    }
    /* Bind to the LDAP server. */
    rc = ldap_bind_s( ld, NULL, NULL, LDAP_AUTH_SIMPLE);
    /* ---------------------> The program exits here. */
    if ( rc != LDAP_SUCCESS ) {
        /* fprintf, not printf: the first argument is the stderr stream. */
        fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc));
        return( 1 );
    }

I am using the Netscape LDAP SDK (which is the same set of DLLs that
Softerra browser seems to use), so I am wondering if I am not doing any
of the steps correctly. I tried looking at the packets in Ethereal and
it seems that there is an "Encrypted Alert" generated after which the
program fails.

I am totally stumped on this! Any help will be greatly appreciated.

Thanks very much,
Kapil

30  7.426430  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [SYN] Seq=1954261503 Ack=0 Win=65535 Len=0 MSS=1460
31  7.441961  204.152.186.57  10.10.20.115    TCP    ldaps > 2527 [SYN, ACK] Seq=2263670135 Ack=1954261504 Win=57344 Len=0 MSS=1408
32  7.442002  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [ACK] Seq=1954261504 Ack=2263670136 Win=65535 Len=0
33  7.445766  10.10.20.115    204.152.186.57  SSLv2  Client Hello
34  7.466050  204.152.186.57  10.10.20.115    TLS    Server Hello, Certificate, Server Hello Done
35  7.469329  10.10.20.115    204.152.186.57  TLS    Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
36  7.505536  204.152.186.57  10.10.20.115    TLS    Change Cipher Spec, Encrypted Handshake Message
37  7.505874  10.10.20.115    204.152.186.57  TLS    Application Data
38  7.521055  204.152.186.57  10.10.20.115    TLS    Application Data
39  7.525068  10.10.20.115    204.152.186.57  TLS    Application Data
40  7.542005  204.152.186.57  10.10.20.115    TLS    Application Data
41  7.543128  204.152.186.57  10.10.20.115    TLS    Application Data
42  7.543168  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [ACK] Seq=1954261864 Ack=2263672068 Win=65535 Len=0
43  7.543468  204.152.186.57  10.10.20.115    TLS    Application Data
44  7.544055  204.152.186.57  10.10.20.115    TLS    Application Data
45  7.544071  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [ACK] Seq=1954261864 Ack=2263672563 Win=65040 Len=0
46  7.544657  204.152.186.57  10.10.20.115    TLS    Application Data
47  7.545272  204.152.186.57  10.10.20.115    TLS    Application Data
48  7.545294  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [ACK] Seq=1954261864 Ack=2263673227 Win=64376 Len=0
49  7.546017  204.152.186.57  10.10.20.115    TLS    Application Data
50  7.546099  204.152.186.57  10.10.20.115    TLS    Application Data
51  7.546117  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [ACK] Seq=1954261864 Ack=2263673567 Win=65535 Len=0
52  7.604079  10.10.20.115    204.152.186.57  TLS    Application Data
53  7.604196  10.10.20.115    204.152.186.57  TLS    Encrypted Alert
54  7.620859  204.152.186.57  10.10.20.115    TLS    Encrypted Alert
55  7.620936  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [RST, ACK] Seq=1954261916 Ack=2263673590 Win=0 Len=0
56  7.620980  204.152.186.57  10.10.20.115    TCP    ldaps > 2527 [FIN, ACK] Seq=2263673590 Ack=1954261892 Win=57728 Len=0
57  7.620994  10.10.20.115    204.152.186.57  TCP    2527 > ldaps [RST] Seq=1954261892 Ack=1954261892 Win=0 Len=0
58  7.621512  204.152.186.57  10.10.20.115    TCP    ldaps > 2527 [RST] Seq=2263673567 Ack=0 Win=0 Len=0
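
An added example, not part of the original post: a small Python script that reads Ethereal summary rows such as those in the capture above and reports which side sent the first TLS alert and whether the handshake had already completed. The function name locate_tls_failure and the one-packet-per-line row layout are assumptions of this example.

```python
import re

# Rows from the capture in the post, one packet per line. Only a subset is
# embedded to keep the example short (the selection is this example's own).
TRACE = """\
30 7.426430 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [SYN] Seq=1954261503 Ack=0 Win=65535 Len=0 MSS=1460
33 7.445766 10.10.20.115 204.152.186.57 SSLv2 Client Hello
34 7.466050 204.152.186.57 10.10.20.115 TLS Server Hello, Certificate, Server Hello Done
35 7.469329 10.10.20.115 204.152.186.57 TLS Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
36 7.505536 204.152.186.57 10.10.20.115 TLS Change Cipher Spec, Encrypted Handshake Message
37 7.505874 10.10.20.115 204.152.186.57 TLS Application Data
38 7.521055 204.152.186.57 10.10.20.115 TLS Application Data
52 7.604079 10.10.20.115 204.152.186.57 TLS Application Data
53 7.604196 10.10.20.115 204.152.186.57 TLS Encrypted Alert
54 7.620859 204.152.186.57 10.10.20.115 TLS Encrypted Alert
55 7.620936 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [RST, ACK] Seq=1954261916 Ack=2263673590 Win=0 Len=0
"""

# Columns: number, time, source, destination, protocol, info.
ROW = re.compile(r"^(\d+)\s+([\d.]+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(.*)$")

def locate_tls_failure(trace):
    """Report which side sent the first TLS alert and in which phase."""
    client, ccs_seen = None, set()
    app_data = {"client": 0, "server": 0}
    out = {"handshake_complete": False, "first_alert_from": None,
           "first_alert_packet": None, "phase": None, "app_data_before_alert": None}
    for line in trace.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        number, _time, src, _dst, proto, info = m.groups()
        # The client is whoever sends the bare SYN (or, failing that, the Client Hello).
        if client is None and ("[SYN]" in info or "Client Hello" in info):
            client = src
        if not proto.startswith(("TLS", "SSL")):
            continue
        side = "client" if src == client else "server"
        records = [r.strip() for r in info.split(",")]
        if "Change Cipher Spec" in records:
            ccs_seen.add(side)
            out["handshake_complete"] = ccs_seen == {"client", "server"}
        if any("Alert" in r for r in records):
            # An "Encrypted Alert" hides its level and description, so the capture
            # alone cannot distinguish close_notify from a fatal alert.
            out.update(first_alert_from=side, first_alert_packet=int(number),
                       phase="post-handshake" if out["handshake_complete"] else "handshake",
                       app_data_before_alert=dict(app_data))
            break
        app_data[side] += records.count("Application Data")
    return out

if __name__ == "__main__":
    print(locate_tls_failure(TRACE))
```

On the rows from the post, both sides have sent Change Cipher Spec before the client's Encrypted Alert in packet 53, which places the alert after the handshake.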