1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00

s4:ldap_server: Add copy of non‐privileged ops specifically for ldapi connections

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15634

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Jo Sutton 2024-04-16 14:27:41 +12:00 committed by Andrew Bartlett
parent ec6579829f
commit c2378d0c6f

View File

@ -1139,6 +1139,30 @@ static const struct stream_server_ops ldap_stream_nonpriv_ops = {
.send_handler = ldapsrv_send,
};
static void ldapsrv_accept_nonpriv_ldapi(struct stream_connection *c)
{
struct ldapsrv_service *ldapsrv_service = talloc_get_type_abort(
c->private_data, struct ldapsrv_service);
struct auth_session_info *session_info;
NTSTATUS status;
status = auth_anonymous_session_info(
c, ldapsrv_service->lp_ctx, &session_info);
if (!NT_STATUS_IS_OK(status)) {
stream_terminate_connection(c, "failed to setup anonymous "
"session info");
return;
}
ldapsrv_accept(c, session_info, false);
}
static const struct stream_server_ops ldapi_stream_nonpriv_ops = {
.name = "ldap",
.accept_connection = ldapsrv_accept_nonpriv_ldapi,
.recv_handler = ldapsrv_recv,
.send_handler = ldapsrv_send,
};
/* The feature removed behind an #ifdef until we can do it properly
* with an EXTERNAL bind. */
@ -1479,7 +1503,7 @@ static NTSTATUS ldapsrv_task_init(struct task_server *task)
}
status = stream_setup_socket(task, task->event_ctx, task->lp_ctx,
task->model_ops, &ldap_stream_nonpriv_ops,
task->model_ops, &ldapi_stream_nonpriv_ops,
"unix", ldapi_path, NULL,
lpcfg_socket_options(task->lp_ctx),
ldap_service, task->process_context);