diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2015-07-20 11:22:46 +1200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2015-07-20 03:08:26 +0200 |
| commit | 374d73617d71abf594cc92d335cd8bc60c10a1b7 (patch) | |
| tree | bdc8d12c63c28c7db33a95426a274776f9c52aba /source4/libcli | |
| parent | 1a8c1bd952c0f373b8a47448906852f13a6dad1b (diff) | |
| download | samba-374d73617d71abf594cc92d335cd8bc60c10a1b7.tar.gz | |
lib/tls: Add new 'tls priority' option
This adds a new option to the smb.conf to allow administrators to disable
TLS protocols in GnuTLS without changing the code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11076
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/libcli')
| -rw-r--r-- | source4/libcli/ldap/ldap_client.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c index 68ebfcf1b56..94367a17c04 100644 --- a/source4/libcli/ldap/ldap_client.c +++ b/source4/libcli/ldap/ldap_client.c @@ -464,7 +464,7 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct ldap_connection *con if (conn->ldaps) { char *ca_file = lpcfg_tls_cafile(state, conn->lp_ctx); char *crl_file = lpcfg_tls_crlfile(state, conn->lp_ctx); - + const char *tls_priority = lpcfg_tls_priority(conn->lp_ctx); if (!ca_file || !*ca_file) { composite_error(result, NT_STATUS_INVALID_PARAMETER_MIX); @@ -474,6 +474,7 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct ldap_connection *con status = tstream_tls_params_client(state, ca_file, crl_file, + tls_priority, &state->tls_params); if (!NT_STATUS_IS_OK(status)) { composite_error(result, status); |