The branch, master has been updated
via cc2ef27... s3:libads: retry with signing after getting
LDAP_STRONG_AUTH_REQUIRED
from 21499a1... selftest: reason may be None
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit cc2ef27e369f0950ec931bf15cba4665c053ac53
Author: Stefan Metzmacher <[email protected]>
Date: Tue Mar 30 09:50:09 2010 +0200
s3:libads: retry with signing after getting LDAP_STRONG_AUTH_REQUIRED
If server requires LDAP signing we're getting LDAP_STRONG_AUTH_REQUIRED,
if "client ldap sasl wrapping = plain", instead of failing we now
autoupgrade to "client ldap sasl wrapping = sign" for the given connection.
metze
-----------------------------------------------------------------------
Summary of changes:
source3/libads/sasl.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 3856f5b..d6e4f68 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -1117,7 +1117,17 @@ ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads)
for (j=0;values && values[j];j++) {
if (strcmp(values[j], sasl_mechanisms[i].name) == 0) {
DEBUG(4,("Found SASL mechanism %s\n",
values[j]));
+retry:
status = sasl_mechanisms[i].fn(ads);
+ if (status.error_type == ENUM_ADS_ERROR_LDAP &&
+ status.err.rc == LDAP_STRONG_AUTH_REQUIRED
&&
+ ads->ldap.wrap_type ==
ADS_SASLWRAP_TYPE_PLAIN)
+ {
+ DEBUG(3,("SASL bin got
LDAP_STRONG_AUTH_REQUIRED "
+ "retrying with signing
enabled\n"));
+ ads->ldap.wrap_type =
ADS_SASLWRAP_TYPE_SIGN;
+ goto retry;
+ }
ldap_value_free(values);
ldap_msgfree(res);
return status;
--
Samba Shared Repository
