Author: abartlet Date: 2006-01-03 00:10:15 +0000 (Tue, 03 Jan 2006) New Revision: 12686
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12686 Log: Push the real SASL list into the rootdse. Get this out of the server credentials, and push it down to ldb via an opaque pointer. Andrew Bartlett Modified: branches/SAMBA_4_0/source/ldap_server/ldap_bind.c branches/SAMBA_4_0/source/ldap_server/ldap_server.c branches/SAMBA_4_0/source/ldap_server/ldap_server.h branches/SAMBA_4_0/source/ldap_server/ldap_simple_ldb.c branches/SAMBA_4_0/source/setup/provision_init.ldif Changeset: Modified: branches/SAMBA_4_0/source/ldap_server/ldap_bind.c =================================================================== --- branches/SAMBA_4_0/source/ldap_server/ldap_bind.c 2006-01-02 23:16:52 UTC (rev 12685) +++ branches/SAMBA_4_0/source/ldap_server/ldap_bind.c 2006-01-03 00:10:15 UTC (rev 12686) @@ -115,22 +115,7 @@ gensec_set_target_service(call->conn->gensec, "ldap"); - server_credentials - = cli_credentials_init(call); - if (!server_credentials) { - DEBUG(1, ("Failed to init server credentials\n")); - return NT_STATUS_NO_MEMORY; - } - - cli_credentials_set_conf(server_credentials); - status = cli_credentials_set_machine_account(server_credentials); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status))); - talloc_free(server_credentials); - server_credentials = NULL; - } - - gensec_set_credentials(call->conn->gensec, server_credentials); + gensec_set_credentials(call->conn->gensec, call->conn->server_credentials); gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN); gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL); Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.c =================================================================== --- branches/SAMBA_4_0/source/ldap_server/ldap_server.c 2006-01-02 23:16:52 UTC (rev 12685) +++ branches/SAMBA_4_0/source/ldap_server/ldap_server.c 2006-01-03 00:10:15 UTC (rev 12686) 
@@ -267,6 +267,8 @@ struct ldapsrv_service *ldapsrv_service = talloc_get_type(c->private, struct ldapsrv_service); struct ldapsrv_connection *conn; + struct cli_credentials *server_credentials; + NTSTATUS status; int port; conn = talloc_zero(c, struct ldapsrv_connection); @@ -279,6 +281,24 @@ conn->packet = NULL; conn->connection = c; conn->service = ldapsrv_service; + + server_credentials + = cli_credentials_init(conn); + if (!server_credentials) { + stream_terminate_connection(c, "Failed to init server credentials\n"); + talloc_free(conn); + return; + } + + cli_credentials_set_conf(server_credentials); + status = cli_credentials_set_machine_account(server_credentials); + if (!NT_STATUS_IS_OK(status)) { + stream_terminate_connection(c, talloc_asprintf(conn, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status))); + talloc_free(conn); + return; + } + conn->server_credentials = server_credentials; + c->private = conn; port = socket_get_my_port(c->socket); Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.h =================================================================== --- branches/SAMBA_4_0/source/ldap_server/ldap_server.h 2006-01-02 23:16:52 UTC (rev 12685) +++ branches/SAMBA_4_0/source/ldap_server/ldap_server.h 2006-01-03 00:10:15 UTC (rev 12686) @@ -29,6 +29,7 @@ struct tls_context *tls; struct ldapsrv_partition *default_partition; struct ldapsrv_partition *partitions; + struct cli_credentials *server_credentials; /* are we using gensec wrapping? */ BOOL enable_wrap; Modified: branches/SAMBA_4_0/source/ldap_server/ldap_simple_ldb.c =================================================================== --- branches/SAMBA_4_0/source/ldap_server/ldap_simple_ldb.c 2006-01-02 23:16:52 UTC (rev 12685) +++ branches/SAMBA_4_0/source/ldap_server/ldap_simple_ldb.c 2006-01-03 00:10:15 UTC (rev 12686) 
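Review bot: Both new error paths call `talloc_free(conn)` after `stream_terminate_connection(c, ...)`, although `conn` was allocated a few lines above as a talloc child of `c` (`talloc_zero(c, struct ldapsrv_connection)`). If stream_terminate_connection() frees `c` (its body is not shown here, so this needs confirming), the second call is a double free, and the `talloc_asprintf(conn, ...)` reason string sits on the same context; dropping the two `talloc_free(conn);` lines and leaving cleanup to the parent avoids both. Separately, a failed `cli_credentials_set_machine_account()` now ends every incoming connection, whereas the code removed from ldap_bind.c only logged at level 10 and carried on with NULL credentials. A server without a machine account would therefore refuse anonymous and simple binds too; consider setting `conn->server_credentials = NULL` on that path instead of returning. The enclosing accept function starts and ends outside the hunk.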
@@ -64,6 +64,9 @@ talloc_steal(partition, ldb); partition->private = ldb; talloc_free(mem_ctx); + + ldb_set_opaque(ldb, "server_credentials", conn->server_credentials); + return NT_STATUS_OK; } Modified: branches/SAMBA_4_0/source/setup/provision_init.ldif =================================================================== --- branches/SAMBA_4_0/source/setup/provision_init.ldif 2006-01-02 23:16:52 UTC (rev 12685) +++ branches/SAMBA_4_0/source/setup/provision_init.ldif 2006-01-03 00:10:15 UTC (rev 12686) @@ -58,7 +58,6 @@ configurationNamingContext: CN=Configuration,${BASEDN} schemaNamingContext: CN=Schema,CN=Configuration,${BASEDN} supportedLDAPVersion: 3 -supportedSASLMechanisms: GSS-SPNEGO dnsHostName: ${DNSNAME} ldapServiceName: ${DNSDOMAIN}:[EMAIL PROTECTED] serverName: CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,${BASEDN}
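Review bot: `ldb_set_opaque(ldb, "server_credentials", conn->server_credentials)` stores a pointer allocated on `conn` (see `cli_credentials_init(conn)` in ldap_server.c), while `ldb` has just been moved onto `partition` with `talloc_steal`. If the partition can outlive the connection (its parent is not visible in this hunk), the opaque entry dangles and a later lookup would read freed memory that used to hold the machine account credentials. The return value is also discarded, so an allocation failure inside ldb_set_opaque() leaves the rootdse without credentials and nothing reported; `if (ldb_set_opaque(ldb, "server_credentials", conn->server_credentials) != LDB_SUCCESS) return NT_STATUS_NO_MEMORY;` would surface it. A short comment above the call stating that the pointer is borrowed from the connection, and that every module on this ldb handle can now reach the machine credentials, would document the trust boundary. The function starts outside the hunk.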