From 9d6f2767179fad2f9a067c67c09afddb6304e4eb Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 25 Jul 2006 00:57:27 +0000 Subject: r17222: Change the function prototypes for the GENSEc and TLS socket creation routines to return an NTSTATUS. This should help track down errors. Use a bit of talloc_steal and talloc_unlink to get the real socket to be a child of the GENSEC or TLS socket. Always return a new socket, even for the 'pass-though' case. Andrew Bartlett (This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2) --- source4/ldap_server/ldap_bind.c | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) (limited to 'source4/ldap_server/ldap_bind.c') diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c index 3afb617499..daa82c1e48 100644 --- a/source4/ldap_server/ldap_bind.c +++ b/source4/ldap_server/ldap_bind.c @@ -98,9 +98,11 @@ struct ldapsrv_sasl_context { static void ldapsrv_set_sasl(void *private) { struct ldapsrv_sasl_context *ctx = talloc_get_type(private, struct ldapsrv_sasl_context); + talloc_steal(ctx->conn->connection, ctx->sasl_socket); + talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket); + ctx->conn->connection->socket = ctx->sasl_socket; - talloc_steal(ctx->conn->connection->socket, ctx->sasl_socket); - packet_set_socket(ctx->conn->packet, ctx->sasl_socket); + packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket); } static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) 
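Review bot: In ldapsrv_set_sasl the return value of `talloc_unlink(ctx->conn->connection, ctx->conn->connection->socket)` is discarded, and nothing in the function records why dropping the connection's link to the raw socket is safe. The commit message says the real socket becomes a child of the GENSEC socket, but that happens inside gensec_socket_init(), which this hunk does not show. If that link were ever missing, the unlink could remove the last parent of the transport that `ctx->sasl_socket` still reads and writes through. I would state the invariant above the two calls, e.g. `/* sasl_socket already holds the raw socket (linked in gensec_socket_init), so unlinking it from the connection cannot free it */`, and at least inspect the result of talloc_unlink() so a mismatch in ownership is visible. Note also that `ctx` from `talloc_get_type()` is dereferenced without a NULL check.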
@@ -193,21 +195,24 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) ctx = talloc(call, struct ldapsrv_sasl_context); - if (ctx) { + if (!ctx) { + status = NT_STATUS_NO_MEMORY; + } else { ctx->conn = conn; - ctx->sasl_socket = gensec_socket_init(conn->gensec, - conn->connection->socket, - conn->connection->event.ctx, - stream_io_handler_callback, - conn->connection); - } - - if (!ctx || !ctx->sasl_socket) { + status = gensec_socket_init(conn->gensec, + conn->connection->socket, + conn->connection->event.ctx, + stream_io_handler_callback, + conn->connection, + &ctx->sasl_socket); + } + + if (!ctx || !NT_STATUS_IS_OK(status)) { conn->session_info = old_session_info; result = LDAP_OPERATIONS_ERROR; errstr = talloc_asprintf(reply, - "SASL:[%s]: Failed to setup SASL socket (out of memory)", - req->creds.SASL.mechanism); + "SASL:[%s]: Failed to setup SASL socket: %s", + req->creds.SASL.mechanism, nt_errstr(status)); } else { call->send_callback = ldapsrv_set_sasl; -- cgit
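Review bot: `ctx` is allocated with `talloc()`, so `ctx->sasl_socket` is uninitialised until gensec_socket_init() writes the out-parameter. The success branch then registers ldapsrv_set_sasl, which installs that pointer as the connection's socket without checking it. The new code therefore depends on gensec_socket_init() always storing a valid socket when it returns OK; that routine is outside this hunk, so the guarantee cannot be confirmed here. Adding `ctx->sasl_socket = NULL;` after `ctx->conn = conn;` and testing `if (!ctx || !NT_STATUS_IS_OK(status) || !ctx->sasl_socket) {` would keep a contract slip from becoming a wild pointer on a network-facing connection. ldapsrv_BindSASL starts and ends outside the hunk.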