Remove depracated "ldap ssl ads" smb.conf option

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14462

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Aug 11 10:53:05 UTC 2020 on sn-devel-184

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index f76aa4e79a0f22776fb4353095666ac7068b3387..206ee6ad20dc0079801262d27ffd40cf79ee0817 100644 (file)
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -17,17 +17,6 @@ NEW FEATURES/CHANGES
 ====================
 
 
-The "ldap ssl ads" option no longer depends on "ldap ssl" option:
------------------------------------------------------------------
-With this release, the "ldap ssl ads" can be set to "yes" even if "ldap ssl"
-is off.
-
-The "ldap ssl ads" no longer requires sasl-wrapping to be set to plain:
------------------------------------------------------------------------
-This is now done implicitly when over TLS, so "client ldap sasl wrapping"
-does not need to be set to "plain" in order for it to work.
-
-
 CTDB CHANGES
 ============
 
@@ -44,12 +33,14 @@ CTDB CHANGES
 REMOVED FEATURES
 ================
 
+The deprecated "ldap ssl ads" smb.conf option has been removed.
 
 smb.conf changes
 ================
 
   Parameter Name                     Description                Default
   --------------                     -----------                -------
+  ldap ssl ads                       removed
 
 
 

diff --git a/docs-xml/smbdotconf/ldap/ldapsslads.xml b/docs-xml/smbdotconf/ldap/ldapsslads.xml
deleted file mode 100644 (file)
index f99afe5..0000000
--- a/docs-xml/smbdotconf/ldap/ldapsslads.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-<samba:parameter name="ldap ssl ads"
-                 context="G"
-                 type="boolean"
-                deprecated="1"
-                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
-<description>
-       <para>This option is used to define whether or not Samba should
-       use SSL when connecting to the ldap server using
-       <emphasis>ads</emphasis> methods.
-       Rpc methods are not affected by this parameter.
-       </para>
-
-       <para>See also <smbconfoption name="ldap ssl"/>.
-       </para>
-
-</description>
-<value type="default">no</value>
-</samba:parameter>

diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index d431156912fbd28006f2b8b7984f9439a187cbd2..ee4628a09a27ee637bf361fabfe1f254f248fc3e 100755 (executable)
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -704,17 +704,6 @@ got_connection:
 
        ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
 
-       if ( lp_ldap_ssl_ads() ) {
-               status = ADS_ERROR(smbldap_start_tls_start(ads->ldap.ld, version));
-               if (!ADS_ERR_OK(status)) {
-                       goto out;
-               }
-               if (!ads_set_sasl_wrap_flags(ads, 0)) {
-                       status = ADS_ERROR(LDAP_OPERATIONS_ERROR);
-                       goto out;
-               }
-       }
-
        /* fill in the current time and offsets */
 
        status = ads_current_time( ads );

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index ebe120433ee09317e9d59a0b756b7534032cbc16..73f7c065e0977eac0fd4bfbc0a76c0b1c81932b8 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -740,7 +740,6 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 
        lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
        Globals.ldap_ssl = LDAP_SSL_START_TLS;
-       Globals.ldap_ssl_ads = false;
        Globals.ldap_deref = -1;
        Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
        Globals.ldap_delete_dn = false;