r23893: add dummy callbacks for LDAP SASL wrapping,

they're not used yet...

metze
(This used to be commit a3b97cdce719d9d5e82f26096c0e8c3a86ff3965)

source3/Makefile.in

@@ -317,7 +317,8 @@ LIBGPO_OBJ0 = libgpo/gpo_ldap.o libgpo/gpo_parse.o libgpo/gpo_util.o \
 	      libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o
 LIBGPO_OBJ = $(LIBGPO_OBJ0)
 
-LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o libads/sasl.o \
+LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o \
+	     libads/sasl.o libads/sasl_wrapping.o \
 	     libads/krb5_setpw.o libads/ldap_user.o \
 	     libads/ads_struct.o libads/kerberos_keytab.o \
              libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \

source3/configure.in

@@ -3477,6 +3477,14 @@ if test x"$with_ldap_support" != x"no"; then
   # this test must be before the libldap test
   AC_CHECK_LIB_EXT(lber, LDAP_LIBS, ber_scanf)
 
+  ########################################################
+  # If ber_sockbuf_add_io() is available we can add
+  # SASL wrapping hooks
+  AC_CHECK_FUNC_EXT(ber_sockbuf_add_io,$LDAP_LIBS)
+  if test x"$ac_cv_func_ext_ber_sockbuf_add_io" = x"yes"; then
+  	AC_DEFINE(HAVE_ADS_SASL_WRAPPING, 1, [Support for SASL wrapping])
+  fi
+
   ########################################################
   # now see if we can find the ldap libs in standard paths
   AC_CHECK_LIB_EXT(ldap, LDAP_LIBS, ldap_init)

source3/include/ads.h

@@ -54,16 +54,18 @@ typedef struct {
 	} config;
 
 	/* info about the current LDAP connection */
+#ifdef HAVE_ADS
 	struct {
-#ifdef HAVE_LDAP
 		LDAP *ld;
-#else
-		void *ld; /* the active ldap structure */
-#endif
 		struct in_addr ip; /* the ip of the active connection, if any */
 		time_t last_attempt; /* last attempt to reconnect */
 		int port;
+
+#ifdef HAVE_ADS_SASL_WRAPPING
+		Sockbuf_IO_Desc *sbiod; /* lowlevel state for LDAP wrapping */
+#endif /* HAVE_ADS_SASL_WRAPPING */
 	} ldap;
+#endif /* HAVE_ADS */
 } ADS_STRUCT;
 
 /* used to remember the names of the posix attributes in AD */

source3/libads/sasl_wrapping.c

@@ -0,0 +1,109 @@
+/* 
+   Unix SMB/CIFS implementation.
+   ads sasl wrapping code
+   Copyright (C) Stefan Metzmacher 2007
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+#ifdef HAVE_ADS_SASL_WRAPPING
+
+static int ads_saslwrap_setup(Sockbuf_IO_Desc *sbiod, void *arg)
+{
+	ADS_STRUCT *ads = (ADS_STRUCT *)arg;
+
+	ads->ldap.sbiod	= sbiod;
+
+	sbiod->sbiod_pvt = ads;
+
+	return 0;
+}
+
+static int ads_saslwrap_remove(Sockbuf_IO_Desc *sbiod)
+{
+	return 0;
+}
+
+static ber_slen_t ads_saslwrap_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
+{
+	return LBER_SBIOD_READ_NEXT(sbiod, buf, len);
+}
+
+static ber_slen_t ads_saslwrap_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
+{
+	return LBER_SBIOD_WRITE_NEXT(sbiod, buf, len);
+}
+
+
+static int ads_saslwrap_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
+{
+	return LBER_SBIOD_CTRL_NEXT(sbiod, opt, arg);
+}
+
+static int ads_saslwrap_close(Sockbuf_IO_Desc *sbiod)
+{
+	return 0;
+}
+
+static const Sockbuf_IO ads_saslwrap_sockbuf_io = {
+	ads_saslwrap_setup,	/* sbi_setup */
+	ads_saslwrap_remove,	/* sbi_remove */
+	ads_saslwrap_ctrl,	/* sbi_ctrl */
+	ads_saslwrap_read,	/* sbi_read */
+	ads_saslwrap_write,	/* sbi_write */
+	ads_saslwrap_close	/* sbi_close */
+};
+
+ADS_STATUS ads_setup_sasl_wrapping(ADS_STRUCT *ads)
+{
+	ADS_STATUS status;
+	Sockbuf *sb;
+	Sockbuf_IO *io = discard_const_p(Sockbuf_IO, &ads_saslwrap_sockbuf_io);
+	int rc;
+
+	rc = ldap_get_option(ads->ldap.ld, LDAP_OPT_SOCKBUF, &sb);
+	status = ADS_ERROR_LDAP(rc);
+	if (!ADS_ERR_OK(status)) {
+		return status;
+	}
+
+	/* debugging for the layer above SASL */
+	rc = ber_sockbuf_add_io(sb, io, LBER_SBIOD_LEVEL_TRANSPORT,
+				(void *)"ads_sasl_wrapping_above" );
+	status = ADS_ERROR_LDAP(rc);
+	if (!ADS_ERR_OK(status)) {
+		return status;
+	}
+
+	/* setup the real wrapping callbacks */
+	rc = ber_sockbuf_add_io(sb, io, LBER_SBIOD_LEVEL_TRANSPORT, ads);
+	status = ADS_ERROR_LDAP(rc);
+	if (!ADS_ERR_OK(status)) {
+		return status;
+	}
+
+	/* debugging for the layer below SASL */
+	rc = ber_sockbuf_add_io(sb, io, LBER_SBIOD_LEVEL_TRANSPORT,
+				(void *)"ads_sasl_wrapping_below" );
+	status = ADS_ERROR_LDAP(rc);
+	if (!ADS_ERR_OK(status)) {
+		return status;
+	}
+
+	return ADS_SUCCESS;
+}
+
+#endif /* HAVE_ADS_SASL_WRAPPING */

source3/libsmb/namequery_dc.c

@@ -123,7 +123,11 @@ static BOOL ads_dc_name(const char *domain,
 
 	fstrcpy(srv_name, ads->config.ldap_server_name);
 	strupper_m(srv_name);
+#ifdef HAVE_ADS
 	*dc_ip = ads->ldap.ip;
+#else
+	ZERO_STRUCT(*dc_ip);
+#endif
 	ads_destroy(&ads);
 	
 	DEBUG(4,("ads_dc_name: using server='%s' IP=%s\n",