svn commit: samba r17237 - in branches/SAMBA_4_0/source/ldap_server: .

metze at samba.org metze at samba.org
Tue Jul 25 19:20:05 GMT 2006


Author: metze
Date: 2006-07-25 19:20:04 +0000 (Tue, 25 Jul 2006)
New Revision: 17237

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17237

Log:
- keep pointer to the different sockets
- we need this later:
  - to disallow a StartTLS when TLS is already in use
  - to place the TLS socket between the raw and sasl socket
    when we had a sasl bind before the StartTLS
  - rfc4513 says that the server may allow removing the TLS from
    the tcp connection again and reusing raw tcp
  - a 2nd sasl bind should also replace the old sasl socket

metze
Modified:
   branches/SAMBA_4_0/source/ldap_server/ldap_backend.c
   branches/SAMBA_4_0/source/ldap_server/ldap_bind.c
   branches/SAMBA_4_0/source/ldap_server/ldap_server.c
   branches/SAMBA_4_0/source/ldap_server/ldap_server.h


Changeset:
Modified: branches/SAMBA_4_0/source/ldap_server/ldap_backend.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_backend.c	2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_backend.c	2006-07-25 19:20:04 UTC (rev 17237)
@@ -747,6 +747,7 @@
 	talloc_steal(ctx->conn->connection, ctx->tls_socket);
 	talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket);
 
+	ctx->conn->sockets.tls = ctx->tls_socket;
 	ctx->conn->connection->socket = ctx->tls_socket;
 	packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
 }
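Review bot: The socket that `talloc_unlink()` drops two lines above the added assignment is the one `conn->sockets.raw` (or `sockets.sasl`, after an earlier SASL bind) still points to, so the saved pointer is only safe if something else keeps that socket alive. The hunk does not show whether `ctx->tls_socket` holds its own talloc reference to the socket it wraps; if it does not, the stored pointer dangles once the connection's reference is removed. The same pattern appears in the ldap_bind.c hunk (`sockets.sasl`) and in the ldaps branch of the second ldap_server.c hunk, where `sockets.raw` was recorded shortly before `talloc_unlink(c, c->socket)`. I would add a comment at each site such as `/* sockets.* are borrowed pointers: the wrapping socket must hold the talloc reference to the layer below */`, or clear the saved pointer where that is not guaranteed. The enclosing function starts outside the hunk.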
@@ -767,7 +768,6 @@
 
 	/* check if we have a START_TLS call */
 	if (strcmp(req->oid, LDB_EXTENDED_START_TLS_OID) == 0) {
-		NTSTATUS status;
 		struct ldapsrv_starttls_context *ctx;
 		int result = 0;
 		const char *errstr;

Modified: branches/SAMBA_4_0/source/ldap_server/ldap_bind.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_bind.c	2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_bind.c	2006-07-25 19:20:04 UTC (rev 17237)
@@ -101,6 +101,7 @@
 	talloc_steal(ctx->conn->connection, ctx->sasl_socket);
 	talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket);
 
+	ctx->conn->sockets.sasl = ctx->sasl_socket;
 	ctx->conn->connection->socket = ctx->sasl_socket;
 	packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
 }

Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.c
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_server.c	2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_server.c	2006-07-25 19:20:04 UTC (rev 17237)
@@ -330,6 +330,7 @@
 	conn->packet      = NULL;
 	conn->connection  = c;
 	conn->service     = ldapsrv_service;
+	conn->sockets.raw = c->socket;
 
 	c->private        = conn;
 
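Review bot: Only `sockets.raw` is set in this initialisation block, so `sockets.tls` and `sockets.sasl` have a defined value only if `conn` was zero-allocated, which is not visible here because the function starts outside the hunk. The explicit `conn->packet = NULL;` above suggests fields are initialised by hand, and the "TLS already in use" check planned in the commit log would read `sockets.tls`. I would add `conn->sockets.tls = NULL;` and `conn->sockets.sasl = NULL;` next to the new line, or confirm that the allocation zeroes the struct.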
@@ -351,6 +352,7 @@
 		talloc_unlink(c, c->socket);
 		talloc_steal(c, tls_socket);
 		c->socket = tls_socket;
+		conn->sockets.tls = tls_socket;
 
 	} else if (port == 3268) /* Global catalog */ {
 		conn->global_catalog = True;

Modified: branches/SAMBA_4_0/source/ldap_server/ldap_server.h
===================================================================
--- branches/SAMBA_4_0/source/ldap_server/ldap_server.h	2006-07-25 18:42:26 UTC (rev 17236)
+++ branches/SAMBA_4_0/source/ldap_server/ldap_server.h	2006-07-25 19:20:04 UTC (rev 17237)
@@ -31,6 +31,12 @@
 	struct cli_credentials *server_credentials;
 	struct ldb_context *ldb;
 
+	struct {
+		struct socket_context *raw;
+		struct socket_context *tls;
+		struct socket_context *sasl;
+	} sockets;
+
 	BOOL global_catalog;
 
 	struct packet_context *packet;
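Review bot: The new `sockets` member has no comment saying who owns the three pointers or how they relate to `connection->socket`, which is what the later StartTLS and re-bind logic will depend on. I would put a short comment above it, for example `/* borrowed pointers to each layer of the socket stack (raw tcp, then tls, then sasl); connection->socket is the outermost active one */`. The layering order in that comment is taken from the commit log and should be confirmed against the final design. The struct declaration begins and ends outside the hunk.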
@@ -57,8 +63,6 @@
 	void *send_private;
 };
 
-struct ldapsrv_service;
-
 struct ldapsrv_service {
 	struct tls_params *tls_params;
 };


