authorWilliam Brown <william.e.brown@adelaide.edu.au>2011-01-20 11:41:01 +1030
committerMatthias Dieter Wallnöfer <mdw@samba.org>2011-02-01 20:05:39 +0100
commit3b948008ce4083ab551257c18659d5ff912990bd (patch)
treed91727f8b0377a689c920537bd29170e6f4b2417
parentff0f63329a884d74d088436958b963787426dc7c (diff)
Added SSL global catalog
Reviewed-by: Andrew Bartlett Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Feb 1 20:05:39 CET 2011 on sn-devel-104
-rw-r--r--source4/ldap_server/ldap_server.c21
1 files changed, 18 insertions, 3 deletions
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 21030ba318..4547759a37 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -314,7 +314,7 @@ static void ldapsrv_accept(struct stream_connection *c,
}
port = socket_address->port;
talloc_free(socket_address);
- if (port == 3268) /* Global catalog */ {
+ if (port == 3268 || port == 3269) /* Global catalog */ {
conn->global_catalog = true;
}
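Review bot: The bare port literals in this condition, in the `port != 636 && port != 3269` check of the next hunk, and in `port = 3269;` in add_socket must all agree by hand, and the second one decides whether a connection is wrapped in TLS or goes straight to `ldapsrv_call_read_next(conn)` in cleartext. If the listener port and the accept-side check ever drift apart, a listener meant to be TLS-only would serve plain LDAP without any error. I would give the four ports names in one place, for example `#define LDAP_GC_SSL_PORT 3269`, and use those names in all three hunks, with a comment on the TLS check such as `/* every port not listed here is served without TLS */`. The body of ldapsrv_accept starts and ends outside this hunk, so how `port` is derived from `socket_address` is not fully visible here.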
@@ -347,7 +347,7 @@ static void ldapsrv_accept(struct stream_connection *c,
conn->sockets.active = conn->sockets.raw;
- if (port != 636) {
+ if (port != 636 && port != 3269) {
ldapsrv_call_read_next(conn);
return;
}
@@ -860,9 +860,24 @@ static NTSTATUS add_socket(struct task_server *task,
address, port, nt_errstr(status)));
return status;
}
+ if (tstream_tls_params_enabled(ldap_service->tls_params)) {
+ /* add ldaps server for the global catalog */
+ port = 3269;
+ status = stream_setup_socket(task, task->event_ctx, lp_ctx,
+ model_ops,
+ &ldap_stream_nonpriv_ops,
+ "ipv4", address, &port,
+ lpcfg_socket_options(lp_ctx),
+ ldap_service);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("ldapsrv failed to bind to %s:%u - %s\n",
+ address, port, nt_errstr(status)));
+ return status;
+ }
+ }
}
- /* And once we are bound, free the tempoary ldb, it will
+ /* And once we are bound, free the temporary ldb, it will
* connect again on each incoming LDAP connection */
talloc_unlink(ldap_service, ldb);
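Review bot: The new error branch for the 3269 listener returns before the `talloc_unlink(ldap_service, ldb);` that the following comment describes as freeing the temporary ldb, so a failed bind leaves that reference attached to `ldap_service`. The existing 3268 branch above has the same shape, and the caller may tear the service down on failure, but that is not visible from this hunk. I would add `talloc_unlink(ldap_service, ldb);` before `return status;` in the new branch, or route both branches through a common exit. The block comment could also say why this listener exists only when TLS is enabled, e.g. `/* GC over TLS (3269): only bound when tls_params are enabled, ldapsrv_accept starts TLS on this port */`. add_socket begins outside the hunk.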