diff options
| author | Günther Deschner <gd@samba.org> | 2005-11-23 11:17:04 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:05:33 -0500 |
| commit | 092e3e514b092f228bfb7970a34b528a3df6d3d7 (patch) | |
| tree | 27aaec8ba9d60cf5cac45678785655225e57092e /source3/passdb/pdb_nds.c | |
| parent | baba6d0395689600b81b7d6346b1519ac76c9c56 (diff) | |
| download | samba-092e3e514b092f228bfb7970a34b528a3df6d3d7.tar.gz samba-092e3e514b092f228bfb7970a34b528a3df6d3d7.tar.bz2 samba-092e3e514b092f228bfb7970a34b528a3df6d3d7.zip | |
r11874: Merge LDAP connection setup in lib/smbldap.c and pdb_nds.c.
Also allow to use START_TLS in the pdb_nds_update_login_attempts
function when doing simple binds to eDir.
Guenther
(This used to be commit 04a3ac5e50e93f74dfddfead5cb3f335ce991e9a)
Diffstat (limited to 'source3/passdb/pdb_nds.c')
| -rw-r--r-- | source3/passdb/pdb_nds.c | 59 |
1 files changed, 5 insertions, 54 deletions
diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c index 1385583086..c6d644827c 100644 --- a/source3/passdb/pdb_nds.c +++ b/source3/passdb/pdb_nds.c @@ -762,11 +762,7 @@ static NTSTATUS pdb_nds_update_login_attempts(struct pdb_methods *methods, const char **attr_list; size_t pwd_len; char clear_text_pw[512]; - const char *p = NULL; LDAP *ld = NULL; - int ldap_port = 0; - char protocol[12]; - char ldap_server[256]; const char *username = pdb_get_username(sam_acct); BOOL got_clear_text_pw = False; @@ -809,58 +805,13 @@ static NTSTATUS pdb_nds_update_login_attempts(struct pdb_methods *methods, DEBUG(5,("pdb_nds_update_login_attempts: using random password %s\n", clear_text_pw)); } - /* Parse the location string */ - p = ldap_state->location; - - /* skip leading "URL:" (if any) */ - if ( strnequal( p, "URL:", 4 ) ) { - p += 4; - } - - sscanf(p, "%10[^:]://%254[^:/]:%d", protocol, ldap_server, &ldap_port); - - if (ldap_port == 0) { - if (strequal(protocol, "ldap")) { - ldap_port = LDAP_PORT; - } else if (strequal(protocol, "ldaps")) { - ldap_port = LDAPS_PORT; - } else { - DEBUG(0, ("unrecognised protocol (%s)!\n", protocol)); - } - } - - ld = ldap_init(ldap_server, ldap_port); - - if(ld != NULL) { - int version; - - /* LDAP version 3 required for ldap_sasl */ - if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) { - if (version != LDAP_VERSION3) { - version = LDAP_VERSION3; - if (ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) { - DEBUG(4, ("pdb_nds_update_login_attempts: Set protocol version to LDAP_VERSION3\n")); - } - } - } - - /* Turn on ssl if required */ - if(strequal(protocol, "ldaps")) { -#ifdef LDAP_OPT_X_TLS - int tls = LDAP_OPT_X_TLS_HARD; - if (ldap_set_option (ld, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) { - DEBUG(1, ("pdb_nds_update_login_attempts: Failed to setup a TLS session\n")); - } else { - DEBUG(4, ("pdb_nds_update_login_attempts: Activated TLS on session\n")); - } -#else - DEBUG(0,("pdb_nds_update_login_attempts: Secure connection not supported by LDAP client libraries!\n")); - return NT_STATUS_INVALID_PARAMETER; -#endif + if((success != True) || (got_clear_text_pw == True)) { + + rc = smb_ldap_setup_full_conn(ld, ldap_state->location); + if (rc) { + return NT_STATUS_INVALID_CONNECTION; } - } - if((success != True) || (got_clear_text_pw == True)) { /* Attempt simple bind with real or bogus password */ rc = ldap_simple_bind_s(ld, dn, clear_text_pw); if (rc == LDAP_SUCCESS) { |