Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 11034 invoked from network); 8 Mar 2007 05:07:19 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 8 Mar 2007 05:07:19 -0000 Received: (qmail 12153 invoked by uid 500); 8 Mar 2007 05:07:27 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 12117 invoked by uid 500); 8 Mar 2007 05:07:27 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 12106 invoked by uid 99); 8 Mar 2007 05:07:27 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 07 Mar 2007 21:07:27 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of enriquer9@gmail.com designates 66.249.92.174 as permitted sender) Received: from [66.249.92.174] (HELO ug-out-1314.google.com) (66.249.92.174) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 07 Mar 2007 21:07:17 -0800 Received: by ug-out-1314.google.com with SMTP id 71so773225ugh for ; Wed, 07 Mar 2007 21:06:56 -0800 (PST) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=KBzjZxNV5WLQY6GO+BipNIyBZGhBlzrsBzuaT6kf7lBtrnMRCjB4WXCrz6O5nC6Pv8pp0jn2ZyCDCbyBr4uRpoMoqy1vbrFpMk7w8TnBOXCXsLY4zYXTyk3FnQGb2n8AyD8J8PeZUewtd6uJWF++NkUDBuBbAl6ncq5pRZXTWLo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=GUwx+XOnT97yfmce53otNkUBuzj7B8qojqgtnxJJWlaN//d2Ndvg78UsEDBJHA0Y0jU9RNhQZ6/fCisLXi6/0XFPMm9HULPxkHT5XxzM5xJl/Xk07Ep28VShWeiF1QMbBr0LXxD8NxeKy44w9OmErr0TefvpuHYB9X3tPv9EmRA= Received: by 10.114.202.15 with SMTP id z15mr8662waf.1173330415419; Wed, 07 Mar 2007 21:06:55 -0800 (PST) Received: by 10.115.111.11 with HTTP; Wed, 7 Mar 2007 21:06:55 -0800 (PST) Message-ID: <568753d90703072106n3cc1921ejc1eafbe7c91a6a9a@mail.gmail.com> Date: Wed, 7 Mar 2007 21:06:55 -0800 From: "Enrique Rodriguez" Reply-To: erodriguez@apache.org To: "Apache Directory Developers List" Subject: StartTLS MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Virus-Checked: Checked by ClamAV on apache.org What is (was) the status of StartTLS? It never worked, did it? I ask because I saw some code in the LDAP PP while I was in there that seemed to indicate at least an attempt was made at one point. I didn't see how it could have worked, so I added my own code, and I have it working. It even seems to stack OK with SASL. $ ldapsearch -b "dc=example,dc=com" "(uid=erodriguez)" -ZZ -Y DIGEST-MD5 -U erodriguez -R example.com -w secret If no one's on this I'll add a JIRA so we can track it. The OID registers as an extension. Is there anything else the server needs to do to announce it supports Start TLS? Enrique