diff options
author | Andrew Tridgell <tridge@samba.org> | 2005-06-24 00:03:17 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:18:43 -0500 |
commit | 63811f0cb82229bc4d0473204fb43b411ca3a021 (patch) | |
tree | 93cf7afa8ad88532c8a54f60872469d3594e97a4 | |
parent | ce2e35309e26d7fc23ba54f1caeb8aeeefa7ccc2 (diff) | |
download | samba-63811f0cb82229bc4d0473204fb43b411ca3a021.tar.gz samba-63811f0cb82229bc4d0473204fb43b411ca3a021.tar.xz samba-63811f0cb82229bc4d0473204fb43b411ca3a021.zip |
r7854: only enable wrapping in the ldap server if it was negotiated by gensec
(This used to be commit 355983493bc87b9e812152ef81773dccb23e03d5)
-rw-r--r-- | source4/ldap_server/ldap_bind.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c index aba35e0b56e..0cf2a8b7e6a 100644 --- a/source4/ldap_server/ldap_bind.c +++ b/source4/ldap_server/ldap_bind.c @@ -74,7 +74,6 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN); gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL); - status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism); if (!NT_STATUS_IS_OK(status)) { @@ -104,7 +103,10 @@ reply: } else if (NT_STATUS_IS_OK(status)) { result = LDAP_SUCCESS; errstr = NULL; - call->conn->enable_wrap = True; + if (gensec_have_feature(call->conn->gensec, GENSEC_FEATURE_SEAL) || + gensec_have_feature(call->conn->gensec, GENSEC_FEATURE_SIGN)) { + call->conn->enable_wrap = True; + } } else { result = 49; errstr = talloc_asprintf(reply, "SASL:[%s]: %s", req->creds.SASL.mechanism, nt_errstr(status)); |