summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-03-24 19:26:02 +1100
committerAndrew Bartlett <abartlet@samba.org>2010-03-24 19:28:38 +1100
commitbb7854afea47699be32f5331fe5f8f05e469cb96 (patch)
tree6f193602eb63fde13663ae1b941d6f1681828c83
parenta2286bad67a772d290fead9832b7ca52877c40b2 (diff)
downloadsamba-bb7854afea47699be32f5331fe5f8f05e469cb96.tar.gz
samba-bb7854afea47699be32f5331fe5f8f05e469cb96.tar.bz2
samba-bb7854afea47699be32f5331fe5f8f05e469cb96.zip
s4:cmdline Add --sign and --encrypt options to our common command line
This allows ldbsearch to accept --sign and --encrypt. I'll soon work to integrate with the --signing= option in smbclient. Andrew Bartlett
-rw-r--r--source4/lib/cmdline/popt_credentials.c29
1 files changed, 28 insertions, 1 deletions
diff --git a/source4/lib/cmdline/popt_credentials.c b/source4/lib/cmdline/popt_credentials.c
index 42ecac1eaa..80f71eb417 100644
--- a/source4/lib/cmdline/popt_credentials.c
+++ b/source4/lib/cmdline/popt_credentials.c
@@ -39,7 +39,7 @@
static bool dont_ask;
-enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS };
+enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT };
/*
disable asking for a password
@@ -66,6 +66,7 @@ static void popt_common_credentials_callback(poptContext con,
cli_credentials_set_cmdline_callbacks(cmdline_credentials);
}
return;
+
}
switch(opt->val) {
@@ -119,9 +120,33 @@ static void popt_common_credentials_callback(poptContext con,
}
case OPT_SIMPLE_BIND_DN:
+ {
cli_credentials_set_bind_dn(cmdline_credentials, arg);
break;
}
+ case OPT_SIGN:
+ {
+ uint32_t gensec_features;
+
+ gensec_features = cli_credentials_get_gensec_features(cmdline_credentials);
+
+ gensec_features |= GENSEC_FEATURE_SIGN;
+ cli_credentials_set_gensec_features(cmdline_credentials,
+ gensec_features);
+ break;
+ }
+ case OPT_ENCRYPT:
+ {
+ uint32_t gensec_features;
+
+ gensec_features = cli_credentials_get_gensec_features(cmdline_credentials);
+
+ gensec_features |= GENSEC_FEATURE_SEAL;
+ cli_credentials_set_gensec_features(cmdline_credentials,
+ gensec_features);
+ break;
+ }
+ }
}
@@ -135,5 +160,7 @@ struct poptOption popt_common_credentials[] = {
{ "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password (implies -k)" },
{ "simple-bind-dn", 0, POPT_ARG_STRING, NULL, OPT_SIMPLE_BIND_DN, "DN to use for a simple bind" },
{ "kerberos", 'k', POPT_ARG_STRING, NULL, OPT_KERBEROS, "Use Kerberos" },
+ { "sign", 'S', POPT_ARG_NONE, NULL, OPT_SIGN, "Sign connection to prevent modification in transit" },
+ { "encrypt", 'e', POPT_ARG_NONE, NULL, OPT_ENCRYPT, "Encrypt connection for privacy" },
{ NULL }
};