sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-09 20:23:51 +03:00
Code Activity

r7751: only enable tls on the ldaps port in ldap server, and reject non-tls

Browse Source 
connections on that port
This commit is contained in:
Andrew Tridgell
2005-06-19 11:10:15 +00:00
committed by Gerald (Jerry) Carter
parent 135c3367ff
commit 30da6a1cc4
4 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
source/ldap_server/ldap_server.c
View File

@@ -330,6 +330,7 @@ static void ldapsrv_accept(struct stream_connection *c)
struct ldapsrv_service *ldapsrv_service =
talloc_get_type(c->private, struct ldapsrv_service);
struct ldapsrv_connection *conn;
int port;
conn = talloc_zero(c, struct ldapsrv_connection);
if (conn == NULL) goto failed;
@@ -341,10 +342,12 @@ static void ldapsrv_accept(struct stream_connection *c)
conn->service = talloc_get_type(c->private, struct ldapsrv_service);
c->private = conn;
port = socket_get_my_port(c->socket);
/* note that '0' is a ASN1_SEQUENCE(0), which is the first byte on
any ldap connection */
conn->tls = tls_init_server(ldapsrv_service->tls_params, c->socket,
c->event.fde, "0");
c->event.fde, NULL, port != 389);
if (conn->tls == NULL) goto failed;
return;