r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldb

backend.

The idea is that every time we open an LDB, we can provide a
session_info and/or credentials.  This would allow any ldb to be remote
to LDAP.  We should also support provisioning to a authenticated ldap
server.

(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).

Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)

1 files changed, 2 insertions, 4 deletions

diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c
index e195ec24aa..582513df6f 100644
--- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c
+++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c
@@ -224,7 +224,7 @@ static int ildb_search_bytree(struct ldb_module *module, const struct ldb_dn *ba
 		msg = ldapres[i];
 		search = &msg->r.SearchResultEntry;
 
-		(*res)->msgs[i] = talloc(*res, struct ldb_message);
+		(*res)->msgs[i] = talloc((*res)->msgs, struct ldb_message);
 		if (!(*res)->msgs[i]) {
 			goto failed;
 		}
@@ -504,10 +504,8 @@ int ildb_connect(struct ldb_context *ldb, const char *url,
 	creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials);
 	if (creds == NULL) {
 		struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
-		if (session_info && session_info->credentials) {
+		if (session_info) {
 			creds = session_info->credentials;
-		} else {
-			creds = cmdline_credentials;
 		}
 	}