From 31dc9126c1f401ac8668b3c46e28c5a47d34a090 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 30 Jul 2007 08:22:45 +0000 Subject: r24072: Add "client ldap sasl wrapping" parameter. Possible values are "plain" (default), "sign" or "seal". metze (This used to be commit 26ccbad7212e9acd480b98789f04b71c1e940ea8) --- source3/libads/ads_struct.c | 8 ++++++++ source3/param/loadparm.c | 11 ++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) (limited to 'source3') diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c index c769d8ff48..aac57d41fe 100644 --- a/source3/libads/ads_struct.c +++ b/source3/libads/ads_struct.c @@ -109,6 +109,7 @@ ADS_STRUCT *ads_init(const char *realm, const char *ldap_server) { ADS_STRUCT *ads; + int wrap_flags; ads = SMB_XMALLOC_P(ADS_STRUCT); ZERO_STRUCTP(ads); @@ -128,6 +129,13 @@ ADS_STRUCT *ads_init(const char *realm, /* the caller will own the memory by default */ ads->is_mine = 1; + wrap_flags = lp_client_ldap_sasl_wrapping(); + if (wrap_flags == -1) { + wrap_flags = 0; + } + + ads->auth.flags = wrap_flags; + return ads; } diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 372cfd529d..873fd885c5 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -324,6 +324,7 @@ typedef struct { int name_cache_timeout; int client_signing; int server_signing; + int client_ldap_sasl_wrapping; int iUsershareMaxShares; int iIdmapCacheTime; int iIdmapNegativeCacheTime; @@ -688,6 +689,13 @@ static const struct enum_list enum_printing[] = { {-1, NULL} }; +static const struct enum_list enum_ldap_sasl_wrapping[] = { + {0, "plain"}, + {ADS_AUTH_SASL_SIGN, "sign"}, + {ADS_AUTH_SASL_SEAL, "seal"}, + {-1, NULL} +}; + static const struct enum_list enum_ldap_ssl[] = { {LDAP_SSL_OFF, "no"}, {LDAP_SSL_OFF, "No"}, @@ -1014,7 +1022,7 @@ static struct parm_struct parm_table[] = { {"client signing", P_ENUM, P_GLOBAL, &Globals.client_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED}, {"server signing", P_ENUM, P_GLOBAL, &Globals.server_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED}, {"client use spnego", P_BOOL, P_GLOBAL, &Globals.bClientUseSpnego, NULL, NULL, FLAG_ADVANCED}, - + {"client ldap sasl wrapping", P_ENUM, P_GLOBAL, &Globals.client_ldap_sasl_wrapping, NULL, enum_ldap_sasl_wrapping, FLAG_ADVANCED}, {"enable asu support", P_BOOL, P_GLOBAL, &Globals.bASUSupport, NULL, NULL, FLAG_ADVANCED}, {"svcctl list", P_LIST, P_GLOBAL, &Globals.szServicesList, NULL, NULL, FLAG_ADVANCED}, @@ -2182,6 +2190,7 @@ FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase) FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout) FN_GLOBAL_INTEGER(lp_client_signing, &Globals.client_signing) FN_GLOBAL_INTEGER(lp_server_signing, &Globals.server_signing) +FN_GLOBAL_INTEGER(lp_client_ldap_sasl_wrapping, &Globals.client_ldap_sasl_wrapping) /* local prototypes */ -- cgit