summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-06-24 00:03:17 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:18:43 -0500
commit63811f0cb82229bc4d0473204fb43b411ca3a021 (patch)
tree93cf7afa8ad88532c8a54f60872469d3594e97a4
parentce2e35309e26d7fc23ba54f1caeb8aeeefa7ccc2 (diff)
downloadsamba-63811f0cb82229bc4d0473204fb43b411ca3a021.tar.gz
samba-63811f0cb82229bc4d0473204fb43b411ca3a021.tar.xz
samba-63811f0cb82229bc4d0473204fb43b411ca3a021.zip
r7854: only enable wrapping in the ldap server if it was negotiated by gensec
(This used to be commit 355983493bc87b9e812152ef81773dccb23e03d5)
-rw-r--r--source4/ldap_server/ldap_bind.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index aba35e0b56e..0cf2a8b7e6a 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -74,7 +74,6 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN);
gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL);
-
status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism);
if (!NT_STATUS_IS_OK(status)) {
@@ -104,7 +103,10 @@ reply:
} else if (NT_STATUS_IS_OK(status)) {
result = LDAP_SUCCESS;
errstr = NULL;
- call->conn->enable_wrap = True;
+ if (gensec_have_feature(call->conn->gensec, GENSEC_FEATURE_SEAL) ||
+ gensec_have_feature(call->conn->gensec, GENSEC_FEATURE_SIGN)) {
+ call->conn->enable_wrap = True;
+ }
} else {
result = 49;
errstr = talloc_asprintf(reply, "SASL:[%s]: %s", req->creds.SASL.mechanism, nt_errstr(status));