svn commit: samba r7854 - in branches/SAMBA_4_0/source/ldap_server: .

tridge at samba.org tridge at samba.org
Fri Jun 24 00:03:18 GMT 2005


Author: tridge
Date: 2005-06-24 00:03:17 +0000 (Fri, 24 Jun 2005)
New Revision: 7854

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7854

Log:
only enable wrapping in the ldap server if it was negotiated by gensec

Modified:
   branches/SAMBA_4_0/source/ldap_server/ldap_bind.c


Changeset:
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_bind.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_bind.c	2005-06-23 23:23:18 UTC (rev 7853)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_bind.c	2005-06-24 00:03:17 UTC (rev 7854)
@@ -74,7 +74,6 @@
 
 		gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN);
 		gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL);
-		
 
 		status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism);
 		if (!NT_STATUS_IS_OK(status)) {
@@ -104,7 +103,10 @@
 	} else if (NT_STATUS_IS_OK(status)) {
 		result = LDAP_SUCCESS;
 		errstr = NULL;
-		call->conn->enable_wrap = True;
+		if (gensec_have_feature(call->conn->gensec, GENSEC_FEATURE_SEAL) ||
+		    gensec_have_feature(call->conn->gensec, GENSEC_FEATURE_SIGN)) {
+			call->conn->enable_wrap = True;
+		}
 	} else {
 		result = 49;
 		errstr = talloc_asprintf(reply, "SASL:[%s]: %s", req->creds.SASL.mechanism, nt_errstr(status));



More information about the samba-cvs mailing list