summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2007-07-30 08:22:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:29:02 -0500
commit31dc9126c1f401ac8668b3c46e28c5a47d34a090 (patch)
treeb3ecdb6d1454ac77d7bc4f6e078c3f251b20393b
parentdd98820185b4cdaef7c4e247039b6c1da6600105 (diff)
downloadsamba-31dc9126c1f401ac8668b3c46e28c5a47d34a090.tar.gz
samba-31dc9126c1f401ac8668b3c46e28c5a47d34a090.tar.bz2
samba-31dc9126c1f401ac8668b3c46e28c5a47d34a090.zip
r24072: Add "client ldap sasl wrapping" parameter.
Possible values are "plain" (default), "sign" or "seal". metze (This used to be commit 26ccbad7212e9acd480b98789f04b71c1e940ea8)
-rw-r--r--source3/libads/ads_struct.c8
-rw-r--r--source3/param/loadparm.c11
2 files changed, 18 insertions, 1 deletions
diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c
index c769d8ff48..aac57d41fe 100644
--- a/source3/libads/ads_struct.c
+++ b/source3/libads/ads_struct.c
@@ -109,6 +109,7 @@ ADS_STRUCT *ads_init(const char *realm,
const char *ldap_server)
{
ADS_STRUCT *ads;
+ int wrap_flags;
ads = SMB_XMALLOC_P(ADS_STRUCT);
ZERO_STRUCTP(ads);
@@ -128,6 +129,13 @@ ADS_STRUCT *ads_init(const char *realm,
/* the caller will own the memory by default */
ads->is_mine = 1;
+ wrap_flags = lp_client_ldap_sasl_wrapping();
+ if (wrap_flags == -1) {
+ wrap_flags = 0;
+ }
+
+ ads->auth.flags = wrap_flags;
+
return ads;
}
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 372cfd529d..873fd885c5 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -324,6 +324,7 @@ typedef struct {
int name_cache_timeout;
int client_signing;
int server_signing;
+ int client_ldap_sasl_wrapping;
int iUsershareMaxShares;
int iIdmapCacheTime;
int iIdmapNegativeCacheTime;
@@ -688,6 +689,13 @@ static const struct enum_list enum_printing[] = {
{-1, NULL}
};
+static const struct enum_list enum_ldap_sasl_wrapping[] = {
+ {0, "plain"},
+ {ADS_AUTH_SASL_SIGN, "sign"},
+ {ADS_AUTH_SASL_SEAL, "seal"},
+ {-1, NULL}
+};
+
static const struct enum_list enum_ldap_ssl[] = {
{LDAP_SSL_OFF, "no"},
{LDAP_SSL_OFF, "No"},
@@ -1014,7 +1022,7 @@ static struct parm_struct parm_table[] = {
{"client signing", P_ENUM, P_GLOBAL, &Globals.client_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED},
{"server signing", P_ENUM, P_GLOBAL, &Globals.server_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED},
{"client use spnego", P_BOOL, P_GLOBAL, &Globals.bClientUseSpnego, NULL, NULL, FLAG_ADVANCED},
-
+ {"client ldap sasl wrapping", P_ENUM, P_GLOBAL, &Globals.client_ldap_sasl_wrapping, NULL, enum_ldap_sasl_wrapping, FLAG_ADVANCED},
{"enable asu support", P_BOOL, P_GLOBAL, &Globals.bASUSupport, NULL, NULL, FLAG_ADVANCED},
{"svcctl list", P_LIST, P_GLOBAL, &Globals.szServicesList, NULL, NULL, FLAG_ADVANCED},
@@ -2182,6 +2190,7 @@ FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase)
FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout)
FN_GLOBAL_INTEGER(lp_client_signing, &Globals.client_signing)
FN_GLOBAL_INTEGER(lp_server_signing, &Globals.server_signing)
+FN_GLOBAL_INTEGER(lp_client_ldap_sasl_wrapping, &Globals.client_ldap_sasl_wrapping)
/* local prototypes */