svn commit: samba r17237 - in
branches/SAMBA_4_0/source/ldap_server: .
metze at samba.org
metze at samba.org
Tue Jul 25 19:20:05 GMT 2006
Author: metze
Date: 2006-07-25 19:20:04 +0000 (Tue, 25 Jul 2006)
New Revision: 17237
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17237
Log:
- keep pointers to the different sockets
- we need this later:
- to disallow a StartTLS when TLS is already in use
- to place the TLS socket between the raw and sasl sockets
when we had a sasl bind before the StartTLS
- and rfc4513 says that the server may allow removing TLS from
the tcp connection again and reusing raw tcp
- and also a 2nd sasl bind should replace the old sasl socket
metze
Modified:
branches/SAMBA_4_0/source/ldap_server/ldap_backend.c
branches/SAMBA_4_0/source/ldap_server/ldap_bind.c
branches/SAMBA_4_0/source/ldap_server/ldap_server.c
branches/SAMBA_4_0/source/ldap_server/ldap_server.h
Changeset:
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_backend.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_backend.c 2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_backend.c 2006-07-25 19:20:04 UTC (rev 17237)
@@ -747,6 +747,7 @@
talloc_steal(ctx->conn->connection, ctx->tls_socket);
talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket);
+ ctx->conn->sockets.tls = ctx->tls_socket;
ctx->conn->connection->socket = ctx->tls_socket;
packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
}
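Review bot: `sockets.tls` is recorded as a bare alias right after `talloc_unlink()` drops the connection's hold on the previous socket. The pointers already kept in `sockets.raw` (or `sockets.sasl`, if a SASL bind came first) therefore stay valid only if the TLS wrapper holds its own talloc reference to the socket it wraps, which this hunk does not show. If it does not, later code that consults those fields would read freed memory. A comment at the assignment would pin the assumption, e.g. `/* sockets.* are non-owning; the wrapped socket is kept alive by tls_socket */`, and the same applies to the `sockets.sasl` assignment in ldap_bind.c. The enclosing function starts outside the hunk.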
@@ -767,7 +768,6 @@
/* check if we have a START_TLS call */
if (strcmp(req->oid, LDB_EXTENDED_START_TLS_OID) == 0) {
- NTSTATUS status;
struct ldapsrv_starttls_context *ctx;
int result = 0;
const char *errstr;
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_bind.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_bind.c 2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_bind.c 2006-07-25 19:20:04 UTC (rev 17237)
@@ -101,6 +101,7 @@
talloc_steal(ctx->conn->connection, ctx->sasl_socket);
talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket);
+ ctx->conn->sockets.sasl = ctx->sasl_socket;
ctx->conn->connection->socket = ctx->sasl_socket;
packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
}
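Review bot: The new assignment overwrites `sockets.sasl` without looking at its previous value, so after a second SASL bind the old SASL socket is no longer reachable through `conn->sockets`. Presumably the new socket was layered on `connection->socket`, which at that point would be the first SASL socket. The log message says replacement is planned, so a marker would keep the gap visible until then: `/* TODO: a 2nd sasl bind must replace, not wrap, the previous sockets.sasl */`. The function begins outside the hunk, so how `ctx->sasl_socket` is constructed should be confirmed there.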
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_server.c 2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_server.c 2006-07-25 19:20:04 UTC (rev 17237)
@@ -330,6 +330,7 @@
conn->packet = NULL;
conn->connection = c;
conn->service = ldapsrv_service;
+ conn->sockets.raw = c->socket;
c->private = conn;
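Review bot: Only `sockets.raw` is initialised here, so on a plain LDAP connection `sockets.tls` and `sockets.sasl` keep whatever the allocation left in them. The explicit `conn->packet = NULL;` just above suggests fields are set by hand, although the allocation of `conn` is outside the hunk and may zero the struct. The planned "TLS already in use" check will decide whether StartTLS is allowed by testing these pointers, so they should be NULL by construction: `conn->sockets.tls = NULL;` and `conn->sockets.sasl = NULL;` next to the `raw` assignment.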
@@ -351,6 +352,7 @@
talloc_unlink(c, c->socket);
talloc_steal(c, tls_socket);
c->socket = tls_socket;
+ conn->sockets.tls = tls_socket;
} else if (port == 3268) /* Global catalog */ {
conn->global_catalog = True;
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.h
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_server.h 2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_server.h 2006-07-25 19:20:04 UTC (rev 17237)
@@ -31,6 +31,12 @@
struct cli_credentials *server_credentials;
struct ldb_context *ldb;
+ struct {
+ struct socket_context *raw;
+ struct socket_context *tls;
+ struct socket_context *sasl;
+ } sockets;
+
BOOL global_catalog;
struct packet_context *packet;
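Review bot: The new `sockets` member has no comment saying what a NULL entry means or how the three pointers relate to `connection->socket`, yet later code is meant to use them for security decisions (rejecting a second StartTLS, ordering TLS below SASL). I would document it above the struct, e.g. `/* one pointer per transport layer, NULL if that layer is not active; connection->socket is always the outermost one */`. The wording should be checked against the intended layering, since only the assignments in this commit are visible.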
@@ -57,8 +63,6 @@
void *send_private;
};
-struct ldapsrv_service;
-
struct ldapsrv_service {
struct tls_params *tls_params;
};