dovecot-1.2: Renamed auth_ntlm_use_winbind to auth_use_winbind,

Wed Aug 13 23:43:37 EEST 2008

details:   http://hg.dovecot.org/dovecot-1.2/rev/1f948670f274
changeset: 8095:1f948670f274
user:      Timo Sirainen <tss at iki.fi>
date:      Wed Aug 13 16:43:29 2008 -0400
description:
Renamed auth_ntlm_use_winbind to auth_use_winbind,
which also determines if GSS-SPNEGO is handled by GSSAPI or winbind.

diffstat:

6 files changed, 31 insertions(+), 27 deletions(-)
dovecot-example.conf         |    6 +++---
src/auth/mech-gssapi.c       |   16 +++++++++-------
src/auth/mech.c              |   26 ++++++++++++++------------
src/master/auth-process.c    |    4 ++--
src/master/master-settings.c |    4 ++--
src/master/master-settings.h |    2 +-

diffs (151 lines):

diff -r 641d761219a6 -r 1f948670f274 dovecot-example.conf

--- a/dovecot-example.conf	Wed Aug 13 16:22:53 2008 -0400
+++ b/dovecot-example.conf	Wed Aug 13 16:43:29 2008 -0400
@@ -786,9 +786,9 @@ protocol lda {
 # default (usually /etc/krb5.keytab) if not specified.
 #auth_krb5_keytab = 
 
-# Do NTLM authentication using Samba's winbind daemon and ntlm_auth helper.
-# <doc/wiki/Authentication/Mechanisms/Winbind.txt>
-#auth_ntlm_use_winbind = no
+# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
+# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
+#auth_use_winbind = no
 
 # Path for Samba's ntlm_auth helper binary.
 #auth_winbind_helper_path = /usr/bin/ntlm_auth
diff -r 641d761219a6 -r 1f948670f274 src/auth/mech-gssapi.c
--- a/src/auth/mech-gssapi.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/auth/mech-gssapi.c	Wed Aug 13 16:43:29 2008 -0400
@@ -578,7 +578,8 @@ void mech_gssapi_init(void)
 {
 	mech_register_module(&mech_gssapi);
 #ifdef HAVE_GSSAPI_SPNEGO
-	mech_register_module(&mech_gssapi_spnego);
+	if (getenv("NTLM_USE_WINBIND") == NULL)
+		mech_register_module(&mech_gssapi_spnego);
 #endif
 }
 
@@ -586,9 +587,10 @@ void mech_gssapi_deinit(void)
 {
 	mech_unregister_module(&mech_gssapi);
 #ifdef HAVE_GSSAPI_SPNEGO
-	mech_unregister_module(&mech_gssapi_spnego);
-#endif
-}
-#endif
-
-#endif
+	if (getenv("NTLM_USE_WINBIND") == NULL)
+		mech_unregister_module(&mech_gssapi_spnego);
+#endif
+}
+#endif
+
+#endif
diff -r 641d761219a6 -r 1f948670f274 src/auth/mech.c
--- a/src/auth/mech.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/auth/mech.c	Wed Aug 13 16:43:29 2008 -0400
@@ -88,20 +88,21 @@ void mech_init(void)
 	mech_register_module(&mech_apop);
 	mech_register_module(&mech_cram_md5);
 	mech_register_module(&mech_digest_md5);
-	if (getenv("NTLM_USE_WINBIND") != NULL)
+	if (getenv("USE_WINBIND") != NULL) {
 		mech_register_module(&mech_winbind_ntlm);
-	else
+		mech_register_module(&mech_winbind_spnego);
+	} else {
 		mech_register_module(&mech_ntlm);
-	mech_register_module(&mech_winbind_spnego);
+#if defined(HAVE_GSSAPI_SPNEGO) && defined(BUILTIN_GSSAPI)
+		mech_register_module(&mech_gssapi_spnego);
+#endif
+	}
 	mech_register_module(&mech_otp);
 	mech_register_module(&mech_skey);
 	mech_register_module(&mech_rpa);
 	mech_register_module(&mech_anonymous);
 #ifdef BUILTIN_GSSAPI
 	mech_register_module(&mech_gssapi);
-#ifdef HAVE_GSSAPI_SPNEGO
-	mech_register_module(&mech_gssapi_spnego);
-#endif
 #endif
 }
 
@@ -112,19 +113,20 @@ void mech_deinit(void)
 	mech_unregister_module(&mech_apop);
 	mech_unregister_module(&mech_cram_md5);
 	mech_unregister_module(&mech_digest_md5);
-	if (getenv("NTLM_USE_WINBIND") != NULL)
+	if (getenv("NTLM_USE_WINBIND") != NULL) {
 		mech_unregister_module(&mech_winbind_ntlm);
-	else
+		mech_unregister_module(&mech_winbind_spnego);
+	} else {
 		mech_unregister_module(&mech_ntlm);
-	mech_unregister_module(&mech_winbind_spnego);
+#if defined(HAVE_GSSAPI_SPNEGO) && defined(BUILTIN_GSSAPI)
+		mech_unregister_module(&mech_gssapi_spnego);
+#endif
+	}
 	mech_unregister_module(&mech_otp);
 	mech_unregister_module(&mech_skey);
 	mech_unregister_module(&mech_rpa);
 	mech_unregister_module(&mech_anonymous);
 #ifdef BUILTIN_GSSAPI
 	mech_unregister_module(&mech_gssapi);
-#ifdef HAVE_GSSAPI_SPNEGO
-	mech_unregister_module(&mech_gssapi_spnego);
-#endif
 #endif
 }
diff -r 641d761219a6 -r 1f948670f274 src/master/auth-process.c
--- a/src/master/auth-process.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/master/auth-process.c	Wed Aug 13 16:43:29 2008 -0400
@@ -485,8 +485,8 @@ static void auth_set_environment(struct 
 		env_put("SSL_REQUIRE_CLIENT_CERT=1");
 	if (set->ssl_username_from_cert)
 		env_put("SSL_USERNAME_FROM_CERT=1");
-	if (set->ntlm_use_winbind)
-		env_put("NTLM_USE_WINBIND=1");
+	if (set->use_winbind)
+		env_put("USE_WINBIND=1");
 	if (*set->krb5_keytab != '\0') {
 		/* Environment may be used by Kerberos 5 library directly,
 		   although we also try to use it directly as well */
diff -r 641d761219a6 -r 1f948670f274 src/master/master-settings.c
--- a/src/master/master-settings.c	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/master/master-settings.c	Wed Aug 13 16:43:29 2008 -0400
@@ -90,7 +90,7 @@ static struct setting_def auth_setting_d
 	DEF_BOOL(debug_passwords),
 	DEF_BOOL(ssl_require_client_cert),
 	DEF_BOOL(ssl_username_from_cert),
-	DEF_BOOL(ntlm_use_winbind),
+	DEF_BOOL(use_winbind),
 
 	DEF_INT(count),
 	DEF_INT(worker_max_count),
@@ -327,7 +327,7 @@ struct auth_settings default_auth_settin
 	MEMBER(debug_passwords) FALSE,
 	MEMBER(ssl_require_client_cert) FALSE,
 	MEMBER(ssl_username_from_cert) FALSE,
-	MEMBER(ntlm_use_winbind) FALSE,
+	MEMBER(use_winbind) FALSE,
 
 	MEMBER(count) 1,
 	MEMBER(worker_max_count) 30,
diff -r 641d761219a6 -r 1f948670f274 src/master/master-settings.h
--- a/src/master/master-settings.h	Wed Aug 13 16:22:53 2008 -0400
+++ b/src/master/master-settings.h	Wed Aug 13 16:43:29 2008 -0400
@@ -217,7 +217,7 @@ struct auth_settings {
 	bool verbose, debug, debug_passwords;
 	bool ssl_require_client_cert;
 	bool ssl_username_from_cert;
-	bool ntlm_use_winbind;
+	bool use_winbind;
 
 	unsigned int count;
 	unsigned int worker_max_count;
