svn commit: samba r23944 - in branches/SAMBA_3_2_0/source: include
libads
metze at samba.org
metze at samba.org
Wed Jul 18 07:35:52 GMT 2007
Author: metze
Date: 2007-07-18 07:35:50 +0000 (Wed, 18 Jul 2007)
New Revision: 23944
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23944
Log:
merge from SAMBA_3_2:
- always provide ads_setup_sasl_wrapping() function
- read/write returning 0 means EOF and we need to return directly
metze
Modified:
branches/SAMBA_3_2_0/source/include/ads.h
branches/SAMBA_3_2_0/source/libads/ldap.c
branches/SAMBA_3_2_0/source/libads/sasl.c
branches/SAMBA_3_2_0/source/libads/sasl_wrapping.c
Changeset:
Modified: branches/SAMBA_3_2_0/source/include/ads.h
===================================================================
--- branches/SAMBA_3_2_0/source/include/ads.h 2007-07-18 07:30:41 UTC (rev 23943)
+++ branches/SAMBA_3_2_0/source/include/ads.h 2007-07-18 07:35:50 UTC (rev 23944)
@@ -39,6 +39,12 @@
ADS_STATUS (*disconnect)(struct ads_struct *);
};
+enum ads_saslwrap_type {
+ ADS_SASLWRAP_TYPE_PLAIN = 1,
+ ADS_SASLWRAP_TYPE_SIGN = 2,
+ ADS_SASLWRAP_TYPE_SEAL = 4
+} wrap_type;
+
typedef struct ads_struct {
int is_mine; /* do I own this structure's memory? */
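Review bot: The closing `} wrap_type;` on the new enum declares a file-scope variable named `wrap_type` in every translation unit that includes ads.h, as well as defining the type. That relies on tentative definitions being merged at link time and fails with `-fno-common`. The struct member added in the @@ -85 hunk is what ldap.c and sasl.c use, so ending the declaration with `};` keeps the type and drops the stray global. A short comment would also help, because the values 1/2/4 look like flag bits but sasl.c assigns them as a single choice.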
@@ -85,8 +91,11 @@
time_t last_attempt; /* last attempt to reconnect */
int port;
+ enum ads_saslwrap_type wrap_type;
+
#ifdef HAVE_LDAP_SASL_WRAPPING
Sockbuf_IO_Desc *sbiod; /* lowlevel state for LDAP wrapping */
+#endif /* HAVE_LDAP_SASL_WRAPPING */
TALLOC_CTX *mem_ctx;
const struct ads_saslwrap_ops *wrap_ops;
void *wrap_private_data;
@@ -108,7 +117,6 @@
uint32 size;
uint8 *buf;
} out;
-#endif /* HAVE_LDAP_SASL_WRAPPING */
} ldap;
#endif /* HAVE_LDAP */
} ADS_STRUCT;
@@ -321,6 +329,9 @@
#define ADS_AUTH_ANON_BIND 0x04
#define ADS_AUTH_SIMPLE_BIND 0x08
#define ADS_AUTH_ALLOW_NTLMSSP 0x10
+#define ADS_AUTH_SASL_SIGN 0x20
+#define ADS_AUTH_SASL_SEAL 0x40
+#define ADS_AUTH_SASL_FORCE 0x80
/* Kerberos environment variable names */
#define KRB5_ENV_CCNAME "KRB5CCNAME"
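Review bot: `ADS_AUTH_SASL_FORCE` is defined here but no hunk in this changeset reads it, and none of the three new flags has a comment saying what it requests. These bits decide whether the LDAP session gets integrity or confidentiality protection, so each deserves a one-line comment, for example `/* request SASL signing on the LDAP connection */` for SIGN. For FORCE, the comment should say whether it means failing the bind when the requested protection cannot be negotiated; its meaning is not visible on this page.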
Modified: branches/SAMBA_3_2_0/source/libads/ldap.c
===================================================================
--- branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-18 07:30:41 UTC (rev 23943)
+++ branches/SAMBA_3_2_0/source/libads/ldap.c 2007-07-18 07:35:50 UTC (rev 23944)
@@ -372,8 +372,9 @@
ADS_STATUS status;
NTSTATUS ntstatus;
- ads->ldap.last_attempt = time(NULL);
- ads->ldap.ld = NULL;
+ ZERO_STRUCT(ads->ldap);
+ ads->ldap.last_attempt = time(NULL);
+ ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_PLAIN;
/* try with a user specified server */
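Review bot: `ZERO_STRUCT(ads->ldap)` clears `ld`, `mem_ctx` and `wrap_private_data` without releasing them, so calling this function on an ADS_STRUCT that is still connected would leak the LDAP handle and the talloc context allocated in the @@ -423 hunk. The old code had the same problem for `ld` only. Whether every caller disconnects first is not visible here; if that is the contract, record it with a comment such as `/* caller must have disconnected: this wipes ld/mem_ctx without freeing */`, otherwise run the teardown from the @@ -475 hunk before zeroing. The failure returns after `talloc_new()` lie outside the hunks, so it is worth confirming they leave `mem_ctx` for that teardown to free.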
@@ -423,6 +424,11 @@
if (ads->auth.flags & ADS_AUTH_NO_BIND) {
return ADS_SUCCESS;
}
+
+ ads->ldap.mem_ctx = talloc_new("ads LDAP connection memory");
+ if (!ads->ldap.mem_ctx) {
+ return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+ }
/* Otherwise setup the TCP LDAP session */
@@ -475,6 +481,13 @@
ldap_unbind(ads->ldap.ld);
ads->ldap.ld = NULL;
}
+ if (ads->ldap.wrap_ops && ads->ldap.wrap_ops->disconnect) {
+ ads->ldap.wrap_ops->disconnect(ads);
+ }
+ if (ads->ldap.mem_ctx) {
+ talloc_free(ads->ldap.mem_ctx);
+ }
+ ZERO_STRUCT(ads->ldap);
}
/*
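Review bot: The ADS_STATUS returned by `wrap_ops->disconnect(ads)` is dropped, and the call runs after `ldap_unbind()` has already torn down the connection. If best-effort teardown is intended, say so with a comment like `/* best effort: the LDAP handle is already gone, nothing to recover on failure */`. If the op is expected to touch the sockbuf or send anything, it would have to run before the unbind; its implementation is not in this changeset. The trailing `ZERO_STRUCT` also resets `port` and `last_attempt`; the connect hunk sets `last_attempt` again, but where `port` is repopulated is outside these hunks.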
Modified: branches/SAMBA_3_2_0/source/libads/sasl.c
===================================================================
--- branches/SAMBA_3_2_0/source/libads/sasl.c 2007-07-18 07:30:41 UTC (rev 23943)
+++ branches/SAMBA_3_2_0/source/libads/sasl.c 2007-07-18 07:35:50 UTC (rev 23944)
@@ -517,6 +517,14 @@
values = ldap_get_values(ads->ldap.ld, res, "supportedSASLMechanisms");
+ if (ads->auth.flags & ADS_AUTH_SASL_SEAL) {
+ ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_SEAL;
+ } else if (ads->auth.flags & ADS_AUTH_SASL_SIGN) {
+ ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_SIGN;
+ } else {
+ ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_PLAIN;
+ }
+
/* try our supported mechanisms in order */
for (i=0;sasl_mechanisms[i].name;i++) {
/* see if the server supports it */
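Review bot: The requested protection level is stored in `ads->ldap.wrap_type` before a mechanism is chosen, but nothing in this hunk checks afterwards that the mechanism which completed the bind actually applies it. If an entry in `sasl_mechanisms[]` ignores `wrap_type`, a caller that set `ADS_AUTH_SASL_SEAL` could end up on an unprotected connection without an error. The bind functions are outside the hunk, so this needs confirming there. A comment on the block, e.g. `/* SEAL wins over SIGN; each mechanism must honour wrap_type or fail the bind */`, would record the contract.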
Modified: branches/SAMBA_3_2_0/source/libads/sasl_wrapping.c
===================================================================
--- branches/SAMBA_3_2_0/source/libads/sasl_wrapping.c 2007-07-18 07:30:41 UTC (rev 23943)
+++ branches/SAMBA_3_2_0/source/libads/sasl_wrapping.c 2007-07-18 07:35:50 UTC (rev 23944)
@@ -93,7 +93,7 @@
ret = LBER_SBIOD_READ_NEXT(sbiod,
ads->ldap.in.buf + ads->ldap.in.ofs,
4 - ads->ldap.in.ofs);
- if (ret < 0) return ret;
+ if (ret <= 0) return ret;
ads->ldap.in.ofs += ret;
if (ads->ldap.in.ofs < 4) goto eagain;
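Review bot: Returning 0 when `ret == 0` reports a clean EOF even if `ads->ldap.in.ofs` is already non-zero, that is, when the peer closed partway through the 4-byte length header. The same applies to the payload read in the @@ -120 hunk while `in.needed` is still outstanding. For a signed or sealed stream a truncated frame is arguably an error rather than an orderly close. Consider a separate check before the plain return, such as `if (ret == 0 && ads->ldap.in.ofs > 0) { errno = EPIPE; return -1; }`, or at least a comment that mid-frame EOF is deliberately reported as EOF. The enclosing read function starts and ends outside the hunk.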
@@ -120,7 +120,7 @@
ret = LBER_SBIOD_READ_NEXT(sbiod,
ads->ldap.in.buf + ads->ldap.in.ofs,
ads->ldap.in.needed);
- if (ret < 0) return ret;
+ if (ret <= 0) return ret;
ads->ldap.in.ofs += ret;
ads->ldap.in.needed -= ret;
@@ -227,7 +227,7 @@
ret = LBER_SBIOD_WRITE_NEXT(sbiod,
ads->ldap.out.buf + ads->ldap.out.ofs,
ads->ldap.out.left);
- if (ret < 0) return ret;
+ if (ret <= 0) return ret;
ads->ldap.out.ofs += ret;
ads->ldap.out.left -= ret;
@@ -302,5 +302,11 @@
return ADS_SUCCESS;
}
-
+#else
+ADS_STATUS ads_setup_sasl_wrapping(ADS_STRUCT *ads,
+ const struct ads_saslwrap_ops *ops,
+ void *private_data)
+{
+ return ADS_ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+}
#endif /* HAVE_LDAP_SASL_WRAPPING */
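Review bot: The fallback `ads_setup_sasl_wrapping()` has no comment, yet its return value is the only thing that stops a build without HAVE_LDAP_SASL_WRAPPING from continuing unprotected after SIGN or SEAL was requested. Add a comment above it such as `/* no sockbuf wrapping in this build: callers that need SIGN/SEAL must fail the bind on this status */`. The callers are not in this changeset, so confirm they propagate the error rather than ignore it. The three parameters are unused in the stub and may warn under `-Wunused-parameter`.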