diff options
author | Stefan Metzmacher <metze@samba.org> | 2007-07-30 08:22:45 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:29:02 -0500 |
commit | 31dc9126c1f401ac8668b3c46e28c5a47d34a090 (patch) | |
tree | b3ecdb6d1454ac77d7bc4f6e078c3f251b20393b | |
parent | dd98820185b4cdaef7c4e247039b6c1da6600105 (diff) | |
download | samba-31dc9126c1f401ac8668b3c46e28c5a47d34a090.tar.gz samba-31dc9126c1f401ac8668b3c46e28c5a47d34a090.tar.bz2 samba-31dc9126c1f401ac8668b3c46e28c5a47d34a090.zip |
r24072: Add "client ldap sasl wrapping" parameter.
Possible values are "plain" (default), "sign" or "seal".
metze
(This used to be commit 26ccbad7212e9acd480b98789f04b71c1e940ea8)
-rw-r--r-- | source3/libads/ads_struct.c | 8 | ||||
-rw-r--r-- | source3/param/loadparm.c | 11 |
2 files changed, 18 insertions, 1 deletions
diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c index c769d8ff48..aac57d41fe 100644 --- a/source3/libads/ads_struct.c +++ b/source3/libads/ads_struct.c @@ -109,6 +109,7 @@ ADS_STRUCT *ads_init(const char *realm, const char *ldap_server) { ADS_STRUCT *ads; + int wrap_flags; ads = SMB_XMALLOC_P(ADS_STRUCT); ZERO_STRUCTP(ads); @@ -128,6 +129,13 @@ ADS_STRUCT *ads_init(const char *realm, /* the caller will own the memory by default */ ads->is_mine = 1; + wrap_flags = lp_client_ldap_sasl_wrapping(); + if (wrap_flags == -1) { + wrap_flags = 0; + } + + ads->auth.flags = wrap_flags; + return ads; } diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 372cfd529d..873fd885c5 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -324,6 +324,7 @@ typedef struct { int name_cache_timeout; int client_signing; int server_signing; + int client_ldap_sasl_wrapping; int iUsershareMaxShares; int iIdmapCacheTime; int iIdmapNegativeCacheTime; @@ -688,6 +689,13 @@ static const struct enum_list enum_printing[] = { {-1, NULL} }; +static const struct enum_list enum_ldap_sasl_wrapping[] = { + {0, "plain"}, + {ADS_AUTH_SASL_SIGN, "sign"}, + {ADS_AUTH_SASL_SEAL, "seal"}, + {-1, NULL} +}; + static const struct enum_list enum_ldap_ssl[] = { {LDAP_SSL_OFF, "no"}, {LDAP_SSL_OFF, "No"}, @@ -1014,7 +1022,7 @@ static struct parm_struct parm_table[] = { {"client signing", P_ENUM, P_GLOBAL, &Globals.client_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED}, {"server signing", P_ENUM, P_GLOBAL, &Globals.server_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED}, {"client use spnego", P_BOOL, P_GLOBAL, &Globals.bClientUseSpnego, NULL, NULL, FLAG_ADVANCED}, - + {"client ldap sasl wrapping", P_ENUM, P_GLOBAL, &Globals.client_ldap_sasl_wrapping, NULL, enum_ldap_sasl_wrapping, FLAG_ADVANCED}, {"enable asu support", P_BOOL, P_GLOBAL, &Globals.bASUSupport, NULL, NULL, FLAG_ADVANCED}, {"svcctl list", P_LIST, P_GLOBAL, &Globals.szServicesList, NULL, NULL, FLAG_ADVANCED}, @@ -2182,6 +2190,7 @@ FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase) FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout) FN_GLOBAL_INTEGER(lp_client_signing, &Globals.client_signing) FN_GLOBAL_INTEGER(lp_server_signing, &Globals.server_signing) +FN_GLOBAL_INTEGER(lp_client_ldap_sasl_wrapping, &Globals.client_ldap_sasl_wrapping) /* local prototypes */ |