r17222: Change the function prototypes for the GENSEc and TLS socket creation

routines to return an NTSTATUS.  This should help track down errors.

Use a bit of talloc_steal and talloc_unlink to get the real socket to
be a child of the GENSEC or TLS socket.

Always return a new socket, even for the 'pass-though' case.

Andrew Bartlett
(This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2)

2 files changed, 39 insertions, 10 deletions

diff --git a/source4/lib/stream/packet.c b/source4/lib/stream/packet.c
index 2759c75214..0d14435486 100644
--- a/source4/lib/stream/packet.c
+++ b/source4/lib/stream/packet.c
@@ -270,6 +270,16 @@ _PUBLIC_ void packet_recv(struct packet_context *pc)
 		return;
 	}
 
+	if (npending + pc->num_read < npending) {
+		packet_error(pc, NT_STATUS_INVALID_PARAMETER);
+		return;
+	}
+
+	if (npending + pc->num_read < pc->num_read) {
+		packet_error(pc, NT_STATUS_INVALID_PARAMETER);
+		return;
+	}
+
 	/* possibly expand the partial packet buffer */
 	if (npending + pc->num_read > pc->partial.length) {
 		status = data_blob_realloc(pc, &pc->partial, npending+pc->num_read);
@@ -279,6 +289,20 @@ _PUBLIC_ void packet_recv(struct packet_context *pc)
 		}
 	}
 
+	if (pc->partial.length < pc->num_read + npending) {
+		packet_error(pc, NT_STATUS_INVALID_PARAMETER);
+		return;
+	}
+
+	if ((uint8_t *)pc->partial.data + pc->num_read < (uint8_t *)pc->partial.data) {
+		packet_error(pc, NT_STATUS_INVALID_PARAMETER);
+		return;
+	}
+	if ((uint8_t *)pc->partial.data + pc->num_read + npending < (uint8_t *)pc->partial.data) {
+		packet_error(pc, NT_STATUS_INVALID_PARAMETER);
+		return;
+	}
+
 	status = socket_recv(pc->sock, pc->partial.data + pc->num_read, 
 			     npending, &nread);
 
@@ -337,6 +361,7 @@ next_partial:
 			packet_error(pc, NT_STATUS_NO_MEMORY);
 			return;
 		}
+		/* Trunate the blob sent to the caller to only the packet length */
 		status = data_blob_realloc(pc, &blob, pc->packet_size);
 		if (!NT_STATUS_IS_OK(status)) {
 			packet_error(pc, status);
diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
index f9213af2a7..9a37dd0bc3 100644
--- a/source4/lib/tls/tls.c
+++ b/source4/lib/tls/tls.c
@@ -433,9 +433,9 @@ init_failed:
   setup for a new connection
 */
 struct socket_context *tls_init_server(struct tls_params *params, 
-				    struct socket_context *socket,
-				    struct fd_event *fde, 
-				    const char *plain_chars)
+				       struct socket_context *socket,
+				       struct fd_event *fde, 
+				       const char *plain_chars)
 {
 	struct tls_context *tls;
 	int ret;
@@ -457,17 +457,19 @@ struct socket_context *tls_init_server(struct tls_params *params,
 	tls->socket          = socket;
 	tls->fde             = fde;
 	if (talloc_reference(tls, fde) == NULL) {
+		talloc_free(new_sock);
 		return NULL;
 	}
 	if (talloc_reference(tls, socket) == NULL) {
+		talloc_free(new_sock);
 		return NULL;
 	}
 
 	new_sock->private_data    = tls;
 
 	if (!params->tls_enabled) {
-		tls->tls_enabled = False;
-		return new_sock;
+		talloc_free(new_sock);
+		return NULL;
 	}
 
 	TLSCHECK(gnutls_init(&tls->session, GNUTLS_SERVER));
@@ -503,9 +505,8 @@ struct socket_context *tls_init_server(struct tls_params *params,
 
 failed:
 	DEBUG(0,("TLS init connection failed - %s\n", gnutls_strerror(ret)));
-	tls->tls_enabled = False;
-	params->tls_enabled = False;
-	return new_sock;
+	talloc_free(new_sock);
+	return NULL;
 }
 
 
@@ -649,7 +650,10 @@ struct socket_context *tls_init_server(struct tls_params *params,
 				    struct fd_event *fde, 
 				    const char *plain_chars)
 {
-	return socket;
+	if (plain_chars) {
+		return socket;
+	}
+	return NULL;
 }
 
 
@@ -659,7 +663,7 @@ struct socket_context *tls_init_server(struct tls_params *params,
 struct socket_context *tls_init_client(struct socket_context *socket,
 				       struct fd_event *fde)
 {
-	return socket;
+	return NULL;
 }
 
 BOOL tls_support(struct tls_params *params)