sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-29 13:49:30 +03:00
Code Activity

s3:libads: retry with signing after getting LDAP_STRONG_AUTH_REQUIRED

Browse Source 
If server requires LDAP signing we're getting LDAP_STRONG_AUTH_REQUIRED,
if "client ldap sasl wrapping = plain", instead of failing we now
autoupgrade to "client ldap sasl wrapping = sign" for the given connection.

metze
This commit is contained in:
Stefan Metzmacher
2010-03-30 09:50:09 +02:00
parent 21499a148e
commit cc2ef27e36
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
source3/libads/sasl.c
View File

@ -1117,7 +1117,17 @@ ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads)
for (j=0;values && values[j];j++) {
if (strcmp(values[j], sasl_mechanisms[i].name) == 0) {
DEBUG(4,("Found SASL mechanism %s\n", values[j]));
retry:
status = sasl_mechanisms[i].fn(ads);
if (status.error_type == ENUM_ADS_ERROR_LDAP &&
status.err.rc == LDAP_STRONG_AUTH_REQUIRED &&
ads->ldap.wrap_type == ADS_SASLWRAP_TYPE_PLAIN)
{
DEBUG(3,("SASL bin got LDAP_STRONG_AUTH_REQUIRED "
"retrying with signing enabled\n"));
ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_SIGN;
goto retry;
}
ldap_value_free(values);
ldap_msgfree(res);
return status;