author | William Brown <william.e.brown@adelaide.edu.au> | 2011-01-20 11:41:01 +1030 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2011-02-01 20:05:39 +0100 |
commit | 3b948008ce4083ab551257c18659d5ff912990bd (patch) | |
tree | d91727f8b0377a689c920537bd29170e6f4b2417 | |
parent | ff0f63329a884d74d088436958b963787426dc7c (diff) | |
Added SSL global catalog
Reviewed-by: Andrew Bartlett
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Feb 1 20:05:39 CET 2011 on sn-devel-104
-rw-r--r-- | source4/ldap_server/ldap_server.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 21030ba318..4547759a37 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -314,7 +314,7 @@ static void ldapsrv_accept(struct stream_connection *c,
 }
 port = socket_address->port;
 talloc_free(socket_address);
- if (port == 3268) /* Global catalog */ {
+ if (port == 3268 || port == 3269) /* Global catalog */ {
 conn->global_catalog = true;
 }
@@ -347,7 +347,7 @@ static void ldapsrv_accept(struct stream_connection *c,
 conn->sockets.active = conn->sockets.raw;
- if (port != 636) {
+ if (port != 636 && port != 3269) {
 ldapsrv_call_read_next(conn);
 return;
 }
@@ -860,9 +860,24 @@ static NTSTATUS add_socket(struct task_server *task,
 address, port, nt_errstr(status)));
 return status;
 }
+ if (tstream_tls_params_enabled(ldap_service->tls_params)) {
+ /* add ldaps server for the global catalog */
+ port = 3269;
+ status = stream_setup_socket(task, task->event_ctx, lp_ctx,
+ model_ops,
+ &ldap_stream_nonpriv_ops,
+ "ipv4", address, &port,
+ lpcfg_socket_options(lp_ctx),
+ ldap_service);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
+ address, port, nt_errstr(status)));
+ return status;
+ }
+ }
 }
- /* And once we are bound, free the tempoary ldb, it will
+ /* And once we are bound, free the temporary ldb, it will
 * connect again on each incoming LDAP connection */
 talloc_unlink(ldap_service, ldb); |
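Review bot: The port literals 636, 3268 and 3269 now drive three separate decisions with nothing tying them together: the global-catalog flag at `port == 3268 || port == 3269` in this hunk, the TLS gate at `port != 636 && port != 3269` in the second hunk, and the bind in add_socket in the third. If a later change adds or moves a TLS listener and misses the gate in ldapsrv_accept, that port would presumably fall through to `ldapsrv_call_read_next(conn)` and serve LDAP in cleartext on a port clients expect to be encrypted. Named constants and two small predicates would keep the decisions in one place, for example `if (!ldapsrv_port_is_tls(port)) {` and `if (ldapsrv_port_is_gc(port)) {` (the helper names are a suggestion, not existing API). Both ldapsrv_accept and add_socket start and end outside the hunks.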
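Review bot: The comment `/* add ldaps server for the global catalog */` in the add_socket hunk does not record the invariant the accept path depends on: 3269 is bound only when `tstream_tls_params_enabled()` is true, and ldapsrv_accept appears to send every connection on 3269 down the TLS path rather than to `ldapsrv_call_read_next(conn)`. I would extend it to something like `/* GC over TLS (3269): bind only when TLS is configured; ldapsrv_accept() must never serve this port in cleartext */`. Separately, the new early `return status` makes a failed bind of this listener fail add_socket as a whole; that matches the existing error return visible in the context lines, but it is worth confirming that a busy 3269 should also block the other LDAP listeners for that address. The condition opening the enclosing block is outside the hunk.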