[PATCH] some cleanups for smbldap.c
Alexander Bokovoy
ab at samba.org
Wed Apr 19 16:13:15 UTC 2017
On ke, 19 huhti 2017, vl--- via samba-technical wrote:
> On Wed, Apr 19, 2017 at 07:00:52PM +0300, Alexander Bokovoy wrote:
> > > As a quick workaround, sure. I would however highly appreciate to get
> > > proper authentication (based on gensec?) into smbldap proper. That's
> > > one of the reasons why I started working on that: I want to get rid of
> > > the special code in source3/libads/ldap.c. That also does "proper"
> > > authentication, and I want that to use smbldap, or vice-versa. But
> > > because smbldap looks more basic to me, the initial idea is to layer
> > > ads_struct on top of smbldap. So smbldap needs to learn sasl.
> > I can make a patch that introduces SASL GSSAPI similar what we have in
> > ipasam. A general helper should be fine but I need to think more on
> > how to pass authentication information as
> >
> > bool smbldap_set_creds(struct smbldap_state *ldap_state, bool anon, const char *dn, const char *secret);
> >
> > is not enough -- we should probably move to a better way to specify
> > creds.
>
> Right. That's why I referred to gensec. As much as I disagree with the
> bloat and non-asynchrony of gensec_update it brings, this is our
> solution to do such things.
Can we look into gensec use at SambaXP?
--
/ Alexander Bokovoy
More information about the samba-technical
mailing list