[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha6-200-g27408de
Michael Adam
obnox at samba.org
Thu Jan 29 12:21:14 GMT 2009
The branch, master has been updated
via 27408de5337afe2e17378a09e9865c62c7b4862b (commit)
from 88278cf23f1886e949c9500276be5dae9dfd76da (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 27408de5337afe2e17378a09e9865c62c7b4862b
Author: Michael Adam <obnox at samba.org>
Date: Thu Jan 29 13:04:01 2009 +0100
s3: fix bug #6073: prevent ads_connect() from using SSL unless explicitly requested
This fixes "net ads join".
It copes with the changed default "ldap ssl = start tls".
A new boolean option "ldap ssl : ads" is added to allow for
explicitly requesting ssl with ads.
Michael
-----------------------------------------------------------------------
Summary of changes:
source3/libads/ldap.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index f6da54f..bb2b58e 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -672,9 +672,11 @@ got_connection:
ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
- status = ADS_ERROR(smb_ldap_start_tls(ads->ldap.ld, version));
- if (!ADS_ERR_OK(status)) {
- goto out;
+ if (lp_parm_bool(-1, "ldap ssl", "ads", false)) {
+ status = ADS_ERROR(smb_ldap_start_tls(ads->ldap.ld, version));
+ if (!ADS_ERR_OK(status)) {
+ goto out;
+ }
}
/* fill in the current time and offsets */
--
Samba Shared Repository
More information about the samba-cvs
mailing list