[SCM] Samba Shared Repository - branch master updated -
994ef68164c12a3b0494f6491bc9f402c912600f
Karolin Seeger
kseeger at samba.org
Wed Dec 17 15:31:36 GMT 2008
The branch, master has been updated
via 994ef68164c12a3b0494f6491bc9f402c912600f (commit)
via b6e7caebe4e7b95977540ea068fb37b4c0cdf97b (commit)
via 580461629bb88ce3b61770e7abfe2c942a121877 (commit)
via 9458d4be87f50abbaf0350bf5e3a968ae5fbeba5 (commit)
via 6ac36698e975649d26e3f2975c2101129c3ffe97 (commit)
from 6878295636116e17165dc8f7e195ca97cde14633 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 994ef68164c12a3b0494f6491bc9f402c912600f
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Dec 17 16:28:59 2008 +0100
docs: Fix typo in man idmap_hash.
Karolin
commit b6e7caebe4e7b95977540ea068fb37b4c0cdf97b
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Dec 17 16:26:43 2008 +0100
s3/smb.h: Remove unused LDAP_SSL_ON.
LDAP_SSL_ON is not defined at all.
Ldaps can be used by specifying an ldaps URL using the "passdb backend"
parameter.
Karolin
commit 580461629bb88ce3b61770e7abfe2c942a121877
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Dec 17 16:18:38 2008 +0100
docs: Update section "ldap ssl" in man smb.conf.
Remove non-existent value "on".
Change default value to "no".
Add hint about ldaps.
Karolin
commit 9458d4be87f50abbaf0350bf5e3a968ae5fbeba5
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Dec 17 15:53:51 2008 +0100
s3/loadparm.c: Change default value for "ldap ssl".
LDAP_SSL_ON is not defined at all. That's why the actual default value
was "" for a long time. Set a more sensible default value without chnging the
default behaviour.
-----8<------------------snip--------------8<--------------
user at host:/data/git/samba/v3-0-test/source> git grep LDAP_SSL_ON | cat
include/smb.h:enum ldap_ssl_types {LDAP_SSL_ON, LDAP_SSL_OFF,
LDAP_SSL_START_TLS};
param/loadparm.c: Globals.ldap_ssl = LDAP_SSL_ON;
----->8------------------snap-------------->8--------------
It's the same in 3.2 and 3.3 series.
Karolin
commit 6ac36698e975649d26e3f2975c2101129c3ffe97
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Dec 17 15:42:12 2008 +0100
docs: Fix some formatting issues in the "ldap ssl" section of man smb.conf.
Karolin
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages-3/idmap_hash.8.xml | 2 +-
docs-xml/smbdotconf/ldap/ldapssl.xml | 37 ++++++++++++++++-----------------
source3/include/smb.h | 2 +-
source3/param/loadparm.c | 2 +-
4 files changed, 21 insertions(+), 22 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/idmap_hash.8.xml b/docs-xml/manpages-3/idmap_hash.8.xml
index 8e452b3..fbafd71 100644
--- a/docs-xml/manpages-3/idmap_hash.8.xml
+++ b/docs-xml/manpages-3/idmap_hash.8.xml
@@ -37,7 +37,7 @@
Specifies the absolute path to the name mapping
file used by the nss_info API. Entries in the file
are of the form "<replaceable>unix name</replaceable>
- = <replaceable>qualified domain name</replaceable>"e;.
+ = <replaceable>qualified domain name</replaceable>".
Mapping of both user and group names is supported.
</para></listitem>
</varlistentry>
diff --git a/docs-xml/smbdotconf/ldap/ldapssl.xml b/docs-xml/smbdotconf/ldap/ldapssl.xml
index 39ed08f..d785071 100644
--- a/docs-xml/smbdotconf/ldap/ldapssl.xml
+++ b/docs-xml/smbdotconf/ldap/ldapssl.xml
@@ -3,36 +3,35 @@
type="enum"
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
- <description>
+<description>
<para>This option is used to define whether or not Samba should
use SSL when connecting to the ldap server
This is <emphasis>NOT</emphasis> related to
- Samba's previous SSL support which was enabled by specifying the
- <command moreinfo="none">--with-ssl</command> option to the <filename moreinfo="none">configure</filename>
+ Samba's previous SSL support which was enabled by specifying the
+ <command moreinfo="none">--with-ssl</command> option to the
+ <filename moreinfo="none">configure</filename>
script.</para>
-
-<para>The <smbconfoption name="ldap ssl"/> can be set to one of three values:</para>
+
+ <para>LDAP connections should be secured where possible. This may be
+ done setting either this parameter to
+ <parameter moreinfo="none">Start_tls</parameter>
+ or by specifying <parameter moreinfo="none">ldaps://</parameter> in
+ the URL argument of <smbconfoption name="passdb backend"/>.</para>
+
+ <para>The <smbconfoption name="ldap ssl"/> can be set to one of
+ two values:</para>
<itemizedlist>
<listitem>
- <para><parameter moreinfo="none">Off</parameter> = Never
+ <para><parameter moreinfo="none">Off</parameter> = Never
use SSL when querying the directory.</para>
</listitem>
<listitem>
- <para><parameter moreinfo="none">Start_tls</parameter> = Use
- the LDAPv3 StartTLS extended operation (RFC2830) for
+ <para><parameter moreinfo="none">Start_tls</parameter> = Use
+ the LDAPv3 StartTLS extended operation (RFC2830) for
communicating with the directory server.</para>
</listitem>
-
- <listitem>
- <para><parameter moreinfo="none">On</parameter> = Use SSL
- on the ldaps port when contacting the <parameter
- moreinfo="none">ldap server</parameter>. Only available when the
- backwards-compatiblity <command
- moreinfo="none">--with-ldapsam</command> option is specified
- to configure. See <smbconfoption name="passdb backend"/></para>.
- </listitem>
- </itemizedlist>
+ </itemizedlist>
</description>
-<value type="default">start_tls</value>
+<value type="default">no</value>
</samba:parameter>
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 891bd4a..a8a2d98 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1514,7 +1514,7 @@ enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX,
enum schema_types {SCHEMA_COMPAT, SCHEMA_AD, SCHEMA_SAMBA};
/* LDAP SSL options */
-enum ldap_ssl_types {LDAP_SSL_ON, LDAP_SSL_OFF, LDAP_SSL_START_TLS};
+enum ldap_ssl_types {LDAP_SSL_OFF, LDAP_SSL_START_TLS};
/* LDAP PASSWD SYNC methods */
enum ldap_passwd_sync_types {LDAP_PASSWD_SYNC_ON, LDAP_PASSWD_SYNC_OFF, LDAP_PASSWD_SYNC_ONLY};
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 9a55067..9bd6645 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4886,7 +4886,7 @@ static void init_globals(bool first_time_only)
string_set(&Globals.szLdapIdmapSuffix, "");
string_set(&Globals.szLdapAdminDn, "");
- Globals.ldap_ssl = LDAP_SSL_ON;
+ Globals.ldap_ssl = LDAP_SSL_OFF;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = False;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
--
Samba Shared Repository
More information about the samba-cvs
mailing list