summaryrefslogtreecommitdiff
path: root/lib/param/param_table.c
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2015-12-23 22:12:56 +0100
committerStefan Metzmacher <metze@samba.org>2016-04-12 19:25:25 +0200
commit2362c0353b5c8601eda61875f0fea84c8f76e06d (patch)
treeb981c227a5d4132482f47317f3da54cfc9f437fd /lib/param/param_table.c
parent64a9cd2a38d8a9503560524f5a6feea25651f11c (diff)
downloadsamba-2362c0353b5c8601eda61875f0fea84c8f76e06d.tar.gz
CVE-2016-2113: docs-xml: add "tls verify peer" option defaulting to "no_check"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'lib/param/param_table.c')
-rw-r--r--lib/param/param_table.c15
1 files changed, 15 insertions, 0 deletions
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index be4881f9249..d8d9144b70c 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -33,6 +33,7 @@
#include "lib/param/param_global.h"
#include "libcli/smb/smb_constants.h"
#include "libds/common/roles.h"
+#include "source4/lib/tls/tls.h"
#ifndef N_
#define N_(x) x
@@ -125,6 +126,20 @@ static const struct enum_list enum_smb_signing_vals[] = {
{-1, NULL}
};
+static const struct enum_list enum_tls_verify_peer_vals[] = {
+ {TLS_VERIFY_PEER_NO_CHECK,
+ TLS_VERIFY_PEER_NO_CHECK_STRING},
+ {TLS_VERIFY_PEER_CA_ONLY,
+ TLS_VERIFY_PEER_CA_ONLY_STRING},
+ {TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE,
+ TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE_STRING},
+ {TLS_VERIFY_PEER_CA_AND_NAME,
+ TLS_VERIFY_PEER_CA_AND_NAME_STRING},
+ {TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE,
+ TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE_STRING},
+ {-1, NULL}
+};
+
/* DNS update options. */
static const struct enum_list enum_dns_update_settings[] = {
{DNS_UPDATE_OFF, "disabled"},
View Lorry Controller Status