mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r24072: Add "client ldap sasl wrapping" parameter.
Possible values are "plain" (default), "sign" or "seal". metze
This commit is contained in:
parent
c9f12326dd
commit
26ccbad721
@ -109,6 +109,7 @@ ADS_STRUCT *ads_init(const char *realm,
|
|||||||
const char *ldap_server)
|
const char *ldap_server)
|
||||||
{
|
{
|
||||||
ADS_STRUCT *ads;
|
ADS_STRUCT *ads;
|
||||||
|
int wrap_flags;
|
||||||
|
|
||||||
ads = SMB_XMALLOC_P(ADS_STRUCT);
|
ads = SMB_XMALLOC_P(ADS_STRUCT);
|
||||||
ZERO_STRUCTP(ads);
|
ZERO_STRUCTP(ads);
|
||||||
@ -128,6 +129,13 @@ ADS_STRUCT *ads_init(const char *realm,
|
|||||||
/* the caller will own the memory by default */
|
/* the caller will own the memory by default */
|
||||||
ads->is_mine = 1;
|
ads->is_mine = 1;
|
||||||
|
|
||||||
|
wrap_flags = lp_client_ldap_sasl_wrapping();
|
||||||
|
if (wrap_flags == -1) {
|
||||||
|
wrap_flags = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
ads->auth.flags = wrap_flags;
|
||||||
|
|
||||||
return ads;
|
return ads;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -324,6 +324,7 @@ typedef struct {
|
|||||||
int name_cache_timeout;
|
int name_cache_timeout;
|
||||||
int client_signing;
|
int client_signing;
|
||||||
int server_signing;
|
int server_signing;
|
||||||
|
int client_ldap_sasl_wrapping;
|
||||||
int iUsershareMaxShares;
|
int iUsershareMaxShares;
|
||||||
int iIdmapCacheTime;
|
int iIdmapCacheTime;
|
||||||
int iIdmapNegativeCacheTime;
|
int iIdmapNegativeCacheTime;
|
||||||
@ -688,6 +689,13 @@ static const struct enum_list enum_printing[] = {
|
|||||||
{-1, NULL}
|
{-1, NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static const struct enum_list enum_ldap_sasl_wrapping[] = {
|
||||||
|
{0, "plain"},
|
||||||
|
{ADS_AUTH_SASL_SIGN, "sign"},
|
||||||
|
{ADS_AUTH_SASL_SEAL, "seal"},
|
||||||
|
{-1, NULL}
|
||||||
|
};
|
||||||
|
|
||||||
static const struct enum_list enum_ldap_ssl[] = {
|
static const struct enum_list enum_ldap_ssl[] = {
|
||||||
{LDAP_SSL_OFF, "no"},
|
{LDAP_SSL_OFF, "no"},
|
||||||
{LDAP_SSL_OFF, "No"},
|
{LDAP_SSL_OFF, "No"},
|
||||||
@ -1014,7 +1022,7 @@ static struct parm_struct parm_table[] = {
|
|||||||
{"client signing", P_ENUM, P_GLOBAL, &Globals.client_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED},
|
{"client signing", P_ENUM, P_GLOBAL, &Globals.client_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED},
|
||||||
{"server signing", P_ENUM, P_GLOBAL, &Globals.server_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED},
|
{"server signing", P_ENUM, P_GLOBAL, &Globals.server_signing, NULL, enum_smb_signing_vals, FLAG_ADVANCED},
|
||||||
{"client use spnego", P_BOOL, P_GLOBAL, &Globals.bClientUseSpnego, NULL, NULL, FLAG_ADVANCED},
|
{"client use spnego", P_BOOL, P_GLOBAL, &Globals.bClientUseSpnego, NULL, NULL, FLAG_ADVANCED},
|
||||||
|
{"client ldap sasl wrapping", P_ENUM, P_GLOBAL, &Globals.client_ldap_sasl_wrapping, NULL, enum_ldap_sasl_wrapping, FLAG_ADVANCED},
|
||||||
{"enable asu support", P_BOOL, P_GLOBAL, &Globals.bASUSupport, NULL, NULL, FLAG_ADVANCED},
|
{"enable asu support", P_BOOL, P_GLOBAL, &Globals.bASUSupport, NULL, NULL, FLAG_ADVANCED},
|
||||||
{"svcctl list", P_LIST, P_GLOBAL, &Globals.szServicesList, NULL, NULL, FLAG_ADVANCED},
|
{"svcctl list", P_LIST, P_GLOBAL, &Globals.szServicesList, NULL, NULL, FLAG_ADVANCED},
|
||||||
|
|
||||||
@ -2182,6 +2190,7 @@ FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase)
|
|||||||
FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout)
|
FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout)
|
||||||
FN_GLOBAL_INTEGER(lp_client_signing, &Globals.client_signing)
|
FN_GLOBAL_INTEGER(lp_client_signing, &Globals.client_signing)
|
||||||
FN_GLOBAL_INTEGER(lp_server_signing, &Globals.server_signing)
|
FN_GLOBAL_INTEGER(lp_server_signing, &Globals.server_signing)
|
||||||
|
FN_GLOBAL_INTEGER(lp_client_ldap_sasl_wrapping, &Globals.client_ldap_sasl_wrapping)
|
||||||
|
|
||||||
/* local prototypes */
|
/* local prototypes */
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user