authorAndrew Bartlett <abartlet@samba.org>2006-05-02 20:15:47 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:05:32 -0500
commit742c110cd67f4995639822981e8bfcb1f652f2c4 (patch)
treecd6774c861b0a968c3d22b24b5a02a0be9c54043 /source4/ldap_server
parent49994442bbb035b2c438a33f411d6b5a8b2313df (diff)
r15400: Move the TLS code behind the socket interface.
This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
Diffstat (limited to 'source4/ldap_server')
-rw-r--r--source4/ldap_server/ldap_server.c19
-rw-r--r--source4/ldap_server/ldap_server.h1
2 files changed, 8 insertions, 12 deletions
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index ba5f415169..6f57073f18 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -46,10 +46,6 @@
static void ldapsrv_terminate_connection(struct ldapsrv_connection *conn,
const char *reason)
{
- if (conn->tls) {
- talloc_free(conn->tls);
- conn->tls = NULL;
- }
stream_terminate_connection(conn->connection, reason);
}
@@ -430,13 +426,14 @@ static void ldapsrv_accept(struct stream_connection *c)
port = socket_address->port;
talloc_free(socket_address);
- conn->tls = tls_init_server(ldapsrv_service->tls_params, c->socket,
- c->event.fde, NULL, port != 389);
- if (!conn->tls) {
- ldapsrv_terminate_connection(conn, "ldapsrv_accept: tls_init_server() failed");
- return;
+ if (port == 636) {
+ c->socket = tls_init_server(ldapsrv_service->tls_params, c->socket,
+ c->event.fde, NULL);
+ if (!c->socket) {
+ ldapsrv_terminate_connection(conn, "ldapsrv_accept: tls_init_server() failed");
+ return;
+ }
}
-
conn->packet = packet_init(conn);
if (conn->packet == NULL) {
ldapsrv_terminate_connection(conn, "out of memory");
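Review bot: On failure the added block has already overwritten `c->socket` with NULL before `ldapsrv_terminate_connection()` runs, so the original socket pointer is lost and teardown proceeds with a NULL socket; whether `stream_terminate_connection()` tolerates that is not visible here. Assign the result to a local of the same type first and replace the socket only on success: `tls_sock = tls_init_server(ldapsrv_service->tls_params, c->socket, c->event.fde, NULL);`, `if (!tls_sock) { ... terminate and return ... }`, `c->socket = tls_sock;`. Separately, the commit message says the original socket is returned when TLS is not available, so on port 636 the `!c->socket` test would not catch that case and the LDAPS listener would apparently carry on in plaintext. With the local in place, a check such as `tls_sock == c->socket` before the assignment could refuse the connection there, and a comment should state that port 636 is meant to fail closed. `ldapsrv_accept` begins and ends outside this hunk.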
@@ -444,7 +441,7 @@ static void ldapsrv_accept(struct stream_connection *c)
}
packet_set_private(conn->packet, conn);
- packet_set_tls(conn->packet, conn->tls);
+ packet_set_socket(conn->packet, c->socket);
packet_set_callback(conn->packet, ldapsrv_decode);
packet_set_full_request(conn->packet, ldapsrv_complete_packet);
packet_set_error_handler(conn->packet, ldapsrv_error_handler);
diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 10c93f6610..033f8ef67c 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -26,7 +26,6 @@ struct ldapsrv_connection {
struct gensec_security *gensec;
struct auth_session_info *session_info;
struct ldapsrv_service *service;
- struct tls_context *tls;
struct cli_credentials *server_credentials;
struct ldb_context *ldb;