New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
STARTTLS support for LDAP in s_client #1955
Comments
I don't think it is a good idea to create a mutual dependency between OpenSSL and OpenLDAP. If speaking LDAP starttls "by hand" is too difficult, then such debugging tools should be created on the OpenLDAP side and not in s_client. |
I also wouldn't speak FTP or XMPP "by hand", but |
Now that I did #2293, I was made aware by @rtandy that @quanah pointed out an existing patch at https://rt.openssl.org/Ticket/Display.html?id=2665 already years ago – which meanwhile lead to #1733 and #1735 (it seems to do indeed more than my PR does, but I'm unfortunately not knowledged enough to follow up #1735 though). |
so many ldap PR's :) we'll have to sort this out. |
Only two PRs, really... and they really do the same, one just happens to be a bit more verbose than the other (and easier to change, should it come to that) |
Can this issue be closed as a duplicate of #1733 and possibly the PR moved forward? |
Yes, dup of #1733. |
It would be great to be able to run
openssl s_client -connect localhost:389 -starttls ldap
for TLS related debugging purposes at LDAP where the classical SSL variant with TCP port 636 isn't available. As per http://stackoverflow.com/questions/11549731/is-it-possible-to-send-ldap-requests-via-telnet it does not make much sense to try to speak LDAP "by hand", but having STARTTLS support for LDAP in s_client would be still appreciated for TLS related testing and debugging.The text was updated successfully, but these errors were encountered: