Mercurial > dovecot > original-hg > dovecot-1.2

changeset 8095:1f948670f274 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Renamed auth_ntlm_use_winbind to auth_use_winbind, which also determines if GSS-SPNEGO is handled by GSSAPI or winbind.
author Timo Sirainen <tss@iki.fi>
date Wed, 13 Aug 2008 16:43:29 -0400
parents 641d761219a6
children f35a8a3dc06d
files dovecot-example.conf src/auth/mech-gssapi.c src/auth/mech.c src/master/auth-process.c src/master/master-settings.c src/master/master-settings.h
diffstat 6 files changed, 26 insertions(+), 22 deletions(-) [+]
line wrap: on
line diff
--- a/dovecot-example.conf	Wed Aug 13 16:22:53 2008 -0400
+++ b/dovecot-example.conf	Wed Aug 13 16:43:29 2008 -0400
@@ -786,9 +786,9 @@
 # default (usually /etc/krb5.keytab) if not specified.
 #auth_krb5_keytab = 
 
-# Do NTLM authentication using Samba's winbind daemon and ntlm_auth helper.
-# <doc/wiki/Authentication/Mechanisms/Winbind.txt>
-#auth_ntlm_use_winbind = no
+# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
+# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
+#auth_use_winbind = no
 
 # Path for Samba's ntlm_auth helper binary.
 #auth_winbind_helper_path = /usr/bin/ntlm_auth
--- a/src/auth/mech-gssapi.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/auth/mech-gssapi.c	Wed Aug 13 16:43:29 2008 -0400
@@ -578,7 +578,8 @@
 {
 	mech_register_module(&mech_gssapi);
 #ifdef HAVE_GSSAPI_SPNEGO
-	mech_register_module(&mech_gssapi_spnego);
+	if (getenv("NTLM_USE_WINBIND") == NULL)
+		mech_register_module(&mech_gssapi_spnego);
 #endif
 }
 
@@ -586,7 +587,8 @@
 {
 	mech_unregister_module(&mech_gssapi);
 #ifdef HAVE_GSSAPI_SPNEGO
-	mech_unregister_module(&mech_gssapi_spnego);
+	if (getenv("NTLM_USE_WINBIND") == NULL)
+		mech_unregister_module(&mech_gssapi_spnego);
 #endif
 }
 #endif
--- a/src/auth/mech.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/auth/mech.c	Wed Aug 13 16:43:29 2008 -0400
@@ -88,20 +88,21 @@
 	mech_register_module(&mech_apop);
 	mech_register_module(&mech_cram_md5);
 	mech_register_module(&mech_digest_md5);
-	if (getenv("NTLM_USE_WINBIND") != NULL)
+	if (getenv("USE_WINBIND") != NULL) {
 		mech_register_module(&mech_winbind_ntlm);
-	else
+		mech_register_module(&mech_winbind_spnego);
+	} else {
 		mech_register_module(&mech_ntlm);
-	mech_register_module(&mech_winbind_spnego);
+#if defined(HAVE_GSSAPI_SPNEGO) && defined(BUILTIN_GSSAPI)
+		mech_register_module(&mech_gssapi_spnego);
+#endif
+	}
 	mech_register_module(&mech_otp);
 	mech_register_module(&mech_skey);
 	mech_register_module(&mech_rpa);
 	mech_register_module(&mech_anonymous);
 #ifdef BUILTIN_GSSAPI
 	mech_register_module(&mech_gssapi);
-#ifdef HAVE_GSSAPI_SPNEGO
-	mech_register_module(&mech_gssapi_spnego);
-#endif
 #endif
 }
 
@@ -112,19 +113,20 @@
 	mech_unregister_module(&mech_apop);
 	mech_unregister_module(&mech_cram_md5);
 	mech_unregister_module(&mech_digest_md5);
-	if (getenv("NTLM_USE_WINBIND") != NULL)
+	if (getenv("NTLM_USE_WINBIND") != NULL) {
 		mech_unregister_module(&mech_winbind_ntlm);
-	else
+		mech_unregister_module(&mech_winbind_spnego);
+	} else {
 		mech_unregister_module(&mech_ntlm);
-	mech_unregister_module(&mech_winbind_spnego);
+#if defined(HAVE_GSSAPI_SPNEGO) && defined(BUILTIN_GSSAPI)
+		mech_unregister_module(&mech_gssapi_spnego);
+#endif
+	}
 	mech_unregister_module(&mech_otp);
 	mech_unregister_module(&mech_skey);
 	mech_unregister_module(&mech_rpa);
 	mech_unregister_module(&mech_anonymous);
 #ifdef BUILTIN_GSSAPI
 	mech_unregister_module(&mech_gssapi);
-#ifdef HAVE_GSSAPI_SPNEGO
-	mech_unregister_module(&mech_gssapi_spnego);
-#endif
 #endif
 }
--- a/src/master/auth-process.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/master/auth-process.c	Wed Aug 13 16:43:29 2008 -0400
@@ -485,8 +485,8 @@
 		env_put("SSL_REQUIRE_CLIENT_CERT=1");
 	if (set->ssl_username_from_cert)
 		env_put("SSL_USERNAME_FROM_CERT=1");
-	if (set->ntlm_use_winbind)
-		env_put("NTLM_USE_WINBIND=1");
+	if (set->use_winbind)
+		env_put("USE_WINBIND=1");
 	if (*set->krb5_keytab != '\0') {
 		/* Environment may be used by Kerberos 5 library directly,
 		   although we also try to use it directly as well */
--- a/src/master/master-settings.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/master/master-settings.c	Wed Aug 13 16:43:29 2008 -0400
@@ -90,7 +90,7 @@
 	DEF_BOOL(debug_passwords),
 	DEF_BOOL(ssl_require_client_cert),
 	DEF_BOOL(ssl_username_from_cert),
-	DEF_BOOL(ntlm_use_winbind),
+	DEF_BOOL(use_winbind),
 
 	DEF_INT(count),
 	DEF_INT(worker_max_count),
@@ -327,7 +327,7 @@
 	MEMBER(debug_passwords) FALSE,
 	MEMBER(ssl_require_client_cert) FALSE,
 	MEMBER(ssl_username_from_cert) FALSE,
-	MEMBER(ntlm_use_winbind) FALSE,
+	MEMBER(use_winbind) FALSE,
 
 	MEMBER(count) 1,
 	MEMBER(worker_max_count) 30,
--- a/src/master/master-settings.h	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/master/master-settings.h	Wed Aug 13 16:43:29 2008 -0400
@@ -217,7 +217,7 @@
 	bool verbose, debug, debug_passwords;
 	bool ssl_require_client_cert;
 	bool ssl_username_from_cert;
-	bool ntlm_use_winbind;
+	bool use_winbind;
 
 	unsigned int count;
 	unsigned int worker_max_count;