summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-09-24 18:38:45 +0200
committerJelmer Vernooij <jelmer@samba.org>2008-09-24 18:38:45 +0200
commitedeb20b92128f1859d2d8ecee820846ac5799ed5 (patch)
treeb7c66bf4da6bbe5628fc25def555448d1789b5b1
parentda01822671b3a553fd805315df7322b8225cfe95 (diff)
parentd2062ab74f7684f8b6975a7415fac23389851278 (diff)
downloadsamba-edeb20b92128f1859d2d8ecee820846ac5799ed5.tar.gz
samba-edeb20b92128f1859d2d8ecee820846ac5799ed5.tar.bz2
samba-edeb20b92128f1859d2d8ecee820846ac5799ed5.zip
Merge branch 'master' of ssh://git.samba.org/data/git/samba into arc4
Conflicts: source3/include/includes.h
-rw-r--r--lib/crypto/hmacmd5.h2
-rw-r--r--lib/crypto/hmacmd5test.c2
-rw-r--r--lib/crypto/hmacsha256.c2
-rw-r--r--lib/crypto/md4test.c2
-rw-r--r--lib/crypto/md5test.c2
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/include/includes.h1
-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/lib/crc32.c103
-rw-r--r--source3/libsmb/ntlmssp_sign.c4
-rw-r--r--source3/libsmb/smbencrypt.c2
-rw-r--r--source4/Makefile3
-rw-r--r--source4/auth/gensec/gensec.h1
-rw-r--r--source4/auth/gensec/socket.c13
-rw-r--r--source4/ldap_server/ldap_bind.c1
-rwxr-xr-xsource4/lib/ldb/tests/python/ldap.py5
-rw-r--r--source4/libcli/ldap/ldap_bind.c1
-rw-r--r--source4/libcli/ldap/ldap_client.c21
18 files changed, 40 insertions, 131 deletions
diff --git a/lib/crypto/hmacmd5.h b/lib/crypto/hmacmd5.h
index d649906bb4..91b8ca586c 100644
--- a/lib/crypto/hmacmd5.h
+++ b/lib/crypto/hmacmd5.h
@@ -21,6 +21,8 @@
#ifndef _HMAC_MD5_H
#define _HMAC_MD5_H
+#include "../lib/crypto/md5.h"
+
typedef struct
{
struct MD5Context ctx;
diff --git a/lib/crypto/hmacmd5test.c b/lib/crypto/hmacmd5test.c
index 07ed54c98d..0a98404eda 100644
--- a/lib/crypto/hmacmd5test.c
+++ b/lib/crypto/hmacmd5test.c
@@ -17,7 +17,7 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
struct torture_context;
diff --git a/lib/crypto/hmacsha256.c b/lib/crypto/hmacsha256.c
index 6b0af9ee83..53d4fe3883 100644
--- a/lib/crypto/hmacsha256.c
+++ b/lib/crypto/hmacsha256.c
@@ -27,7 +27,7 @@
*/
#include "includes.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
/***********************************************************************
the rfc 2104/2202 version of hmac_sha256 initialisation.
diff --git a/lib/crypto/md4test.c b/lib/crypto/md4test.c
index 5e0451973c..dddf9e61a0 100644
--- a/lib/crypto/md4test.c
+++ b/lib/crypto/md4test.c
@@ -18,7 +18,7 @@
*/
#include "includes.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
struct torture_context;
diff --git a/lib/crypto/md5test.c b/lib/crypto/md5test.c
index 702e0fcf41..1244dca753 100644
--- a/lib/crypto/md5test.c
+++ b/lib/crypto/md5test.c
@@ -18,7 +18,7 @@
*/
#include "includes.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
struct torture_context;
diff --git a/source3/Makefile.in b/source3/Makefile.in
index d48e597ce3..b8ce0523dd 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -320,7 +320,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) \
lib/signal.o lib/system.o lib/sendfile.o lib/recvfile.o lib/time.o \
lib/ufc.o lib/genrand.o lib/username.o \
lib/util_pw.o lib/access.o lib/smbrun.o \
- lib/bitmap.o lib/crc32.o lib/dprintf.o \
+ lib/bitmap.o ../lib/crypto/crc32.o lib/dprintf.o \
lib/xfile.o lib/wins_srv.o $(UTIL_REG_OBJ) \
lib/util_str.o lib/clobber.o lib/util_sid.o lib/util_uuid.o \
lib/util_unistr.o lib/util_file.o lib/data_blob.o \
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 25135d75ed..0417a7e01c 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -688,6 +688,7 @@ typedef char fstring[FSTRING_LEN];
#include "rap.h"
#include "../lib/crypto/md5.h"
#include "../lib/crypto/arcfour.h"
+#include "../lib/crypto/crc32.h"
#include "../lib/crypto/hmacmd5.h"
#include "ntlmssp.h"
#include "auth.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index ad7350c5d1..198248c517 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -432,10 +432,6 @@ int connections_forall(int (*fn)(struct db_record *rec,
void *private_data);
bool connections_init(bool rw);
-/* The following definitions come from lib/crc32.c */
-
-uint32 crc32_calc_buffer(const char *buf, size_t size);
-
/* The following definitions come from lib/data_blob.c */
DATA_BLOB data_blob(const void *p, size_t length);
diff --git a/source3/lib/crc32.c b/source3/lib/crc32.c
deleted file mode 100644
index a4ae90c469..0000000000
--- a/source3/lib/crc32.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/*-
- * COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or
- * code or tables extracted from it, as desired without restriction.
- *
- * First, the polynomial itself and its table of feedback terms. The
- * polynomial is
- * X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0
- *
- * Note that we take it "backwards" and put the highest-order term in
- * the lowest-order bit. The X^32 term is "implied"; the LSB is the
- * X^31 term, etc. The X^0 term (usually shown as "+1") results in
- * the MSB being 1
- *
- * Note that the usual hardware shift register implementation, which
- * is what we're using (we're merely optimizing it by doing eight-bit
- * chunks at a time) shifts bits into the lowest-order term. In our
- * implementation, that means shifting towards the right. Why do we
- * do it this way? Because the calculated CRC must be transmitted in
- * order from highest-order term to lowest-order term. UARTs transmit
- * characters in order from LSB to MSB. By storing the CRC this way
- * we hand it to the UART in the order low-byte to high-byte; the UART
- * sends each low-bit to hight-bit; and the result is transmission bit
- * by bit from highest- to lowest-order term without requiring any bit
- * shuffling on our part. Reception works similarly
- *
- * The feedback terms table consists of 256, 32-bit entries. Notes
- *
- * The table can be generated at runtime if desired; code to do so
- * is shown later. It might not be obvious, but the feedback
- * terms simply represent the results of eight shift/xor opera
- * tions for all combinations of data and CRC register values
- *
- * The values must be right-shifted by eight bits by the "updcrc
- * logic; the shift must be unsigned (bring in zeroes). On some
- * hardware you could probably optimize the shift in assembler by
- * using byte-swap instructions
- * polynomial $edb88320
- *
- *
- * CRC32 code derived from work by Gary S. Brown.
- */
-
-#include "includes.h"
-
-static const uint32 crc32_tab[] = {
- 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
- 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
- 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
- 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
- 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
- 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
- 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,
- 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
- 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
- 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
- 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,
- 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
- 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
- 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
- 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
- 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
- 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
- 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
- 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
- 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
- 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
- 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
- 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
- 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
- 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
- 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
- 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
- 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
- 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
- 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
- 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
- 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
- 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
- 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
- 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
- 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
- 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
- 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
- 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
- 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
- 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
- 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
- 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
-};
-
-uint32 crc32_calc_buffer(const char *buf, size_t size)
-{
- const unsigned char *p;
- uint32 crc;
-
- p = (const unsigned char *)buf;
- crc = ~0U;
-
- while (size--)
- crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);
-
- return crc ^ ~0U;
-}
diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c
index 4db5141cce..5120544058 100644
--- a/source3/libsmb/ntlmssp_sign.c
+++ b/source3/libsmb/ntlmssp_sign.c
@@ -117,7 +117,7 @@ static NTSTATUS ntlmssp_make_packet_signature(NTLMSSP_STATE *ntlmssp_state,
} else {
uint32 crc;
- crc = crc32_calc_buffer((const char *)data, length);
+ crc = crc32_calc_buffer(data, length);
if (!msrpc_gen(sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, ntlmssp_state->ntlmv1_seq_num)) {
return NT_STATUS_NO_MEMORY;
}
@@ -265,7 +265,7 @@ NTSTATUS ntlmssp_seal_packet(NTLMSSP_STATE *ntlmssp_state,
}
} else {
uint32 crc;
- crc = crc32_calc_buffer((const char *)data, length);
+ crc = crc32_calc_buffer(data, length);
if (!msrpc_gen(sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, ntlmssp_state->ntlmv1_seq_num)) {
return NT_STATUS_NO_MEMORY;
}
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 0742976635..05fd808a32 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -847,7 +847,7 @@ DATA_BLOB decrypt_drsuapi_blob(TALLOC_CTX *mem_ctx,
* of the remaining bytes
*/
crc32_given = IVAL(dec_buffer.data, 0);
- crc32_calc = crc32_calc_buffer((const char *)dec_buffer.data + 4 , dec_buffer.length - 4);
+ crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4);
if (crc32_given != crc32_calc) {
DEBUG(1,("CRC32: given[0x%08X] calc[0x%08X]\n",
crc32_given, crc32_calc));
diff --git a/source4/Makefile b/source4/Makefile
index 3630adce56..813f0cedd4 100644
--- a/source4/Makefile
+++ b/source4/Makefile
@@ -132,6 +132,9 @@ else
include $(srcdir)/static_deps.mk
endif
+clean::
+ @find ../lib ../libcli -name '*.o' -o -name '*.hd' | xargs rm -f
+
DEFAULT_HEADERS = $(srcdir)/lib/util/dlinklist.h \
$(srcdir)/version.h
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 2830297ffe..84fc26d127 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -174,6 +174,7 @@ struct gensec_security;
struct socket_context;
NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
struct socket_context *current_socket,
struct event_context *ev,
void (*recv_handler)(void *, uint16_t),
diff --git a/source4/auth/gensec/socket.c b/source4/auth/gensec/socket.c
index 27449bf610..319730e2ca 100644
--- a/source4/auth/gensec/socket.c
+++ b/source4/auth/gensec/socket.c
@@ -408,8 +408,10 @@ static NTSTATUS gensec_socket_send(struct socket_context *sock,
}
/* Turn a normal socket into a potentially GENSEC wrapped socket */
+/* CAREFUL: this function will steal 'current_socket' */
NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
struct socket_context *current_socket,
struct event_context *ev,
void (*recv_handler)(void *, uint16_t),
@@ -420,7 +422,7 @@ NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
struct socket_context *new_sock;
NTSTATUS nt_status;
- nt_status = socket_create_with_ops(current_socket, &gensec_socket_ops, &new_sock,
+ nt_status = socket_create_with_ops(mem_ctx, &gensec_socket_ops, &new_sock,
SOCKET_TYPE_STREAM, current_socket->flags | SOCKET_FLAG_ENCRYPT);
if (!NT_STATUS_IS_OK(nt_status)) {
*new_socket = NULL;
@@ -432,22 +434,19 @@ NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
gensec_socket = talloc(new_sock, struct gensec_socket);
if (gensec_socket == NULL) {
*new_socket = NULL;
+ talloc_free(new_sock);
return NT_STATUS_NO_MEMORY;
}
new_sock->private_data = gensec_socket;
gensec_socket->socket = current_socket;
- if (talloc_reference(gensec_socket, current_socket) == NULL) {
- *new_socket = NULL;
- return NT_STATUS_NO_MEMORY;
- }
-
/* Nothing to do here, if we are not actually wrapping on this socket */
if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL) &&
!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
gensec_socket->wrap = false;
+ talloc_steal(gensec_socket, current_socket);
*new_socket = new_sock;
return NT_STATUS_OK;
}
@@ -469,6 +468,7 @@ NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
gensec_socket->packet = packet_init(gensec_socket);
if (gensec_socket->packet == NULL) {
*new_socket = NULL;
+ talloc_free(new_sock);
return NT_STATUS_NO_MEMORY;
}
@@ -481,6 +481,7 @@ NTSTATUS gensec_socket_init(struct gensec_security *gensec_security,
/* TODO: full-request that knows about maximum packet size */
+ talloc_steal(gensec_socket, current_socket);
*new_socket = new_sock;
return NT_STATUS_OK;
}
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index 8357251a8f..20777e5261 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -208,6 +208,7 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
} else {
ctx->conn = conn;
status = gensec_socket_init(conn->gensec,
+ conn->connection,
conn->connection->socket,
conn->connection->event.ctx,
stream_io_handler_callback,
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index bc6f80e856..6c910b63f1 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -781,7 +781,10 @@ member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """
self.assertTrue("objectGuid" not in res[0])
self.assertTrue("whenCreated" in res[0])
self.assertTrue("nTSecurityDescriptor" in res[0])
- self.assertEquals(res[0]["member"][0].upper(), ("CN=ldaptestuser2,CN=Users," + self.base_dn).upper())
+ memberUP = []
+ for m in res[0]["member"]:
+ memberUP.append(m.upper())
+ self.assertTrue(("CN=ldaptestuser2,CN=Users," + self.base_dn).upper() in memberUP)
ldb.modify_ldif("""
dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
diff --git a/source4/libcli/ldap/ldap_bind.c b/source4/libcli/ldap/ldap_bind.c
index 65673116be..b66232c02e 100644
--- a/source4/libcli/ldap/ldap_bind.c
+++ b/source4/libcli/ldap/ldap_bind.c
@@ -387,6 +387,7 @@ _PUBLIC_ NTSTATUS ldap_bind_sasl(struct ldap_connection *conn,
if (NT_STATUS_IS_OK(status)) {
struct socket_context *sasl_socket;
status = gensec_socket_init(conn->gensec,
+ conn,
conn->sock,
conn->event.event_ctx,
ldap_read_io_handler,
diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c
index 844238afdb..d7960f901a 100644
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -77,6 +77,12 @@ static void ldap_connection_dead(struct ldap_connection *conn)
{
struct ldap_request *req;
+ talloc_free(conn->sock); /* this will also free event.fde */
+ talloc_free(conn->packet);
+ conn->sock = NULL;
+ conn->event.fde = NULL;
+ conn->packet = NULL;
+
/* return an error for any pending request ... */
while (conn->pending) {
req = conn->pending;
@@ -87,12 +93,6 @@ static void ldap_connection_dead(struct ldap_connection *conn)
req->async.fn(req);
}
}
-
- talloc_free(conn->sock); /* this will also free event.fde */
- talloc_free(conn->packet);
- conn->sock = NULL;
- conn->event.fde = NULL;
- conn->packet = NULL;
}
static void ldap_reconnect(struct ldap_connection *conn);
@@ -400,6 +400,7 @@ static void ldap_connect_got_sock(struct composite_context *ctx,
talloc_steal(conn, conn->sock);
if (conn->ldaps) {
struct socket_context *tls_socket;
+ struct socket_context *tmp_socket;
char *cafile = private_path(conn->sock, conn->lp_ctx, lp_tls_cafile(conn->lp_ctx));
if (!cafile || !*cafile) {
@@ -414,9 +415,11 @@ static void ldap_connect_got_sock(struct composite_context *ctx,
talloc_free(conn->sock);
return;
}
- talloc_unlink(conn, conn->sock);
- conn->sock = tls_socket;
- talloc_steal(conn, conn->sock);
+
+ /* the original socket, must become a child of the tls socket */
+ tmp_socket = conn->sock;
+ conn->sock = talloc_steal(conn, tls_socket);
+ talloc_steal(conn->sock, tmp_socket);
}
conn->packet = packet_init(conn);