[SCM] Samba Shared Repository - branch master updated

[Stefan Metzmacher]

The branch, master has been updated
       via  cc2ef27... s3:libads: retry with signing after getting LDAP_STRONG_AUTH_REQUIRED
      from  21499a1... selftest: reason may be None

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit cc2ef27e369f0950ec931bf15cba4665c053ac53
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Mar 30 09:50:09 2010 +0200

    s3:libads: retry with signing after getting LDAP_STRONG_AUTH_REQUIRED
    
    If server requires LDAP signing we're getting LDAP_STRONG_AUTH_REQUIRED,
    if "client ldap sasl wrapping = plain", instead of failing we now
    autoupgrade to "client ldap sasl wrapping = sign" for the given connection.
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 source3/libads/sasl.c |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 3856f5b..d6e4f68 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -1117,7 +1117,17 @@ ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads)
 		for (j=0;values && values[j];j++) {
 			if (strcmp(values[j], sasl_mechanisms[i].name) == 0) {
 				DEBUG(4,("Found SASL mechanism %s\n", values[j]));
+retry:
 				status = sasl_mechanisms[i].fn(ads);
+				if (status.error_type == ENUM_ADS_ERROR_LDAP &&
+				    status.err.rc == LDAP_STRONG_AUTH_REQUIRED &&
+				    ads->ldap.wrap_type == ADS_SASLWRAP_TYPE_PLAIN)
+				{
+					DEBUG(3,("SASL bin got LDAP_STRONG_AUTH_REQUIRED "
+						 "retrying with signing enabled\n"));
+					ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_SIGN;
+					goto retry;
+				}
 				ldap_value_free(values);
 				ldap_msgfree(res);
 				return status;


-- 
Samba Shared Repository