sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-30 20:23:49 +03:00
Code Activity

r17237: - keep pointer to the different sockets

Browse Source 
- we need this to later:
  - to disallow a StartTLS when TLS is already in use
  - to place the TLS socket between the raw and sasl socket
    when we had a sasl bind before the StartTLS
  - and rfc4513 says that the server may allow to remove the TLS from
    the tcp connection again and reuse raw tcp
  - and also a 2nd sasl bind should replace the old sasl socket

metze
This commit is contained in:
Stefan Metzmacher
2006-07-25 19:20:04 +00:00
committed by Gerald (Jerry) Carter
parent f2196bf9b6
commit 10cb9c07ac
4 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source/ldap_server/ldap_backend.c
View File

@@ -747,6 +747,7 @@ static void ldapsrv_start_tls(void *private)
talloc_steal(ctx->conn->connection, ctx->tls_socket);
talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket);
ctx->conn->sockets.tls = ctx->tls_socket;
ctx->conn->connection->socket = ctx->tls_socket;
packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
}
@@ -767,7 +768,6 @@ static NTSTATUS ldapsrv_ExtendedRequest(struct ldapsrv_call *call)
/* check if we have a START_TLS call */
if (strcmp(req->oid, LDB_EXTENDED_START_TLS_OID) == 0) {
NTSTATUS status;
struct ldapsrv_starttls_context *ctx;
int result = 0;
const char *errstr;

1
source/ldap_server/ldap_bind.c
View File

@@ -101,6 +101,7 @@ static void ldapsrv_set_sasl(void *private)
talloc_steal(ctx->conn->connection, ctx->sasl_socket);
talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket);
ctx->conn->sockets.sasl = ctx->sasl_socket;
ctx->conn->connection->socket = ctx->sasl_socket;
packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
}

2
source/ldap_server/ldap_server.c
View File

@@ -330,6 +330,7 @@ static void ldapsrv_accept(struct stream_connection *c)
conn->packet = NULL;
conn->connection = c;
conn->service = ldapsrv_service;
conn->sockets.raw = c->socket;
c->private = conn;
@@ -351,6 +352,7 @@ static void ldapsrv_accept(struct stream_connection *c)
talloc_unlink(c, c->socket);
talloc_steal(c, tls_socket);
c->socket = tls_socket;
conn->sockets.tls = tls_socket;
} else if (port == 3268) /* Global catalog */ {
conn->global_catalog = True;

8
source/ldap_server/ldap_server.h
View File

@@ -31,6 +31,12 @@ struct ldapsrv_connection {
struct cli_credentials *server_credentials;
struct ldb_context *ldb;
struct {
struct socket_context *raw;
struct socket_context *tls;
struct socket_context *sasl;
} sockets;
BOOL global_catalog;
struct packet_context *packet;
@@ -57,8 +63,6 @@ struct ldapsrv_call {
void *send_private;
};
struct ldapsrv_service;
struct ldapsrv_service {
struct tls_params *tls_params;
};