From ac331c48db29afeb712bb1a1edf739354082ad7f Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Tue, 22 Nov 2005 17:15:28 +0000
Subject: r11863: BUG 3196: patch from Alex Deiter <tiamat@komi.mts.ru> to
 compile against the Sun LDAP client libs.  But not for AD support; just ldap
 support (This used to be commit a33e78acedb37df47905d326411e017794721250)

---
 source3/configure.in       | 36 +++++++++++++++++++++++++++++++-----
 source3/include/includes.h |  9 +++++++++
 source3/libads/ldap.c      |  8 +++++++-
 source3/passdb/pdb_nds.c   |  5 +++++
 4 files changed, 52 insertions(+), 6 deletions(-)

(limited to 'source3')

diff --git a/source3/configure.in b/source3/configure.in
index f31f26f07b..296673e4b5 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -2796,8 +2796,6 @@ if test x"$with_ldap_support" != x"no"; then
   # now see if we can find the ldap libs in standard paths
   AC_CHECK_LIB_EXT(ldap, LDAP_LIBS, ldap_init)
 
-  AC_CHECK_FUNC_EXT(ldap_domain2hostlist,$LDAP_LIBS)
-  
   ########################################################
   # If we have LDAP, does it's rebind procedure take 2 or 3 arguments?
   # Check found in pam_ldap 145.
@@ -2816,9 +2814,7 @@ if test x"$with_ldap_support" != x"no"; then
   
   AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $smb_ldap_cv_ldap_set_rebind_proc, [Number of arguments to ldap_set_rebind_proc])
 
-  AC_CHECK_FUNC_EXT(ldap_initialize,$LDAP_LIBS)	
-  
-  if test x"$ac_cv_lib_ext_ldap_ldap_init" = x"yes" -a x"$ac_cv_func_ext_ldap_domain2hostlist" = x"yes"; then
+  if test x"$ac_cv_lib_ext_ldap_ldap_init" = x"yes"; then
     AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available])
     CPPFLAGS="$CPPFLAGS -DLDAP_DEPRECATED"
     default_static_modules="$default_static_modules pdb_ldap idmap_ldap";
@@ -2870,6 +2866,36 @@ if test x"$with_ldap_support" != x"yes"; then
     with_ads_support=no
 fi
 
+AC_CHECK_FUNC_EXT(ldap_initialize,$LDAP_LIBS)
+
+if test x"$ac_cv_func_ext_ldap_initialize" != x"yes"; then
+    if test x"$with_ads_support" = x"yes"; then
+        AC_MSG_ERROR(Active Directory Support requires ldap_initialize)
+    fi
+    AC_MSG_WARN(Active Directory Support requires ldap_initialize)
+    with_ads_support=no
+fi
+
+AC_CHECK_FUNC_EXT(ldap_domain2hostlist,$LDAP_LIBS)
+
+if test x"$ac_cv_func_ext_ldap_domain2hostlist" != x"yes"; then
+    if test x"$with_ads_support" = x"yes"; then
+        AC_MSG_ERROR(Active Directory Support requires ldap_domain2hostlist)
+    fi
+    AC_MSG_WARN(Active Directory Support requires ldap_domain2hostlist)
+    with_ads_support=no
+fi
+
+AC_CHECK_FUNC_EXT(ldap_add_result_entry,$LDAP_LIBS)
+
+if test x"$ac_cv_func_ext_ldap_add_result_entry" != x"yes"; then
+    if test x"$with_ads_support" = x"yes"; then
+        AC_MSG_ERROR(Active Directory Support requires ldap_add_result_entry)
+    fi
+    AC_MSG_WARN(Active Directory Support requires ldap_add_result_entry)
+    with_ads_support=no
+fi
+
 if test x"$with_ads_support" != x"no"; then
 
   # Do no harm to the values of CFLAGS and LIBS while testing for
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 626124523e..cde199eed8 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -458,10 +458,19 @@
 
 #if HAVE_LBER_H
 #include <lber.h>
+#ifndef LBER_USE_DER
+#define LBER_USE_DER 0x01
+#endif
 #endif
 
 #if HAVE_LDAP_H
 #include <ldap.h>
+#ifndef LDAP_CONST
+#define LDAP_CONST const
+#endif
+#ifndef LDAP_OPT_SUCCESS
+#define LDAP_OPT_SUCCESS 0
+#endif
 #else
 #undef HAVE_LDAP
 #endif
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index bf402b3499..6d1ca24537 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -577,8 +577,10 @@ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path,
 	status = ads_do_paged_search(ads, bind_path, scope, expr, attrs, res,
 				     &count, &cookie);
 
-	if (!ADS_ERR_OK(status)) return status;
+	if (!ADS_ERR_OK(status)) 
+		return status;
 
+#ifdef HAVE_LDAP_ADD_RESULT_ENTRY
 	while (cookie) {
 		void *res2 = NULL;
 		ADS_STATUS status2;
@@ -598,6 +600,10 @@ ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path,
 		/* note that we do not free res2, as the memory is now
                    part of the main returned list */
 	}
+#else
+	DEBUG(0, ("no ldap_add_result_entry() support in LDAP libs!\n"));
+	status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+#endif
 
 	return status;
 }
diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c
index 5de80a827f..1385583086 100644
--- a/source3/passdb/pdb_nds.c
+++ b/source3/passdb/pdb_nds.c
@@ -846,12 +846,17 @@ static NTSTATUS pdb_nds_update_login_attempts(struct pdb_methods *methods,
 
 			/* Turn on ssl if required */
 			if(strequal(protocol, "ldaps")) {
+#ifdef LDAP_OPT_X_TLS
 				int tls = LDAP_OPT_X_TLS_HARD;
 				if (ldap_set_option (ld, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) {
 					DEBUG(1, ("pdb_nds_update_login_attempts: Failed to setup a TLS session\n"));
 				} else {
 					DEBUG(4, ("pdb_nds_update_login_attempts: Activated TLS on session\n"));
 				}
+#else
+				DEBUG(0,("pdb_nds_update_login_attempts: Secure connection not supported by LDAP client libraries!\n"));
+				return NT_STATUS_INVALID_PARAMETER;
+#endif
 			}
 		}
 
-- 
cgit