diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-05-02 20:15:47 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:05:32 -0500 |
| commit | 742c110cd67f4995639822981e8bfcb1f652f2c4 (patch) | |
| tree | cd6774c861b0a968c3d22b24b5a02a0be9c54043 /source4/ldap_server | |
| parent | 49994442bbb035b2c438a33f411d6b5a8b2313df (diff) | |
| download | samba-742c110cd67f4995639822981e8bfcb1f652f2c4.tar.gz samba-742c110cd67f4995639822981e8bfcb1f652f2c4.tar.bz2 samba-742c110cd67f4995639822981e8bfcb1f652f2c4.zip | |
r15400: Move the TLS code behind the socket interface.
This reduces caller complexity, because the TLS code is now called
just like any other socket. (A new socket context is returned by the
tls_init_server and tls_init_client routines).
When TLS is not available, the original socket is returned.
Andrew Bartlett
(This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
Diffstat (limited to 'source4/ldap_server')
| -rw-r--r-- | source4/ldap_server/ldap_server.c | 19 | ||||
| -rw-r--r-- | source4/ldap_server/ldap_server.h | 1 |
2 files changed, 8 insertions, 12 deletions
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c index ba5f415169..6f57073f18 100644 --- a/source4/ldap_server/ldap_server.c +++ b/source4/ldap_server/ldap_server.c @@ -46,10 +46,6 @@ static void ldapsrv_terminate_connection(struct ldapsrv_connection *conn, const char *reason) { - if (conn->tls) { - talloc_free(conn->tls); - conn->tls = NULL; - } stream_terminate_connection(conn->connection, reason); } @@ -430,13 +426,14 @@ static void ldapsrv_accept(struct stream_connection *c) port = socket_address->port; talloc_free(socket_address); - conn->tls = tls_init_server(ldapsrv_service->tls_params, c->socket, - c->event.fde, NULL, port != 389); - if (!conn->tls) { - ldapsrv_terminate_connection(conn, "ldapsrv_accept: tls_init_server() failed"); - return; + if (port == 636) { + c->socket = tls_init_server(ldapsrv_service->tls_params, c->socket, + c->event.fde, NULL); + if (!c->socket) { + ldapsrv_terminate_connection(conn, "ldapsrv_accept: tls_init_server() failed"); + return; + } } - conn->packet = packet_init(conn); if (conn->packet == NULL) { ldapsrv_terminate_connection(conn, "out of memory"); @@ -444,7 +441,7 @@ static void ldapsrv_accept(struct stream_connection *c) } packet_set_private(conn->packet, conn); - packet_set_tls(conn->packet, conn->tls); + packet_set_socket(conn->packet, c->socket); packet_set_callback(conn->packet, ldapsrv_decode); packet_set_full_request(conn->packet, ldapsrv_complete_packet); packet_set_error_handler(conn->packet, ldapsrv_error_handler); diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h index 10c93f6610..033f8ef67c 100644 --- a/source4/ldap_server/ldap_server.h +++ b/source4/ldap_server/ldap_server.h @@ -26,7 +26,6 @@ struct ldapsrv_connection { struct gensec_security *gensec; struct auth_session_info *session_info; struct ldapsrv_service *service; - struct tls_context *tls; struct cli_credentials *server_credentials; struct ldb_context *ldb; |