From 9d6f2767179fad2f9a067c67c09afddb6304e4eb Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 25 Jul 2006 00:57:27 +0000
Subject: r17222: Change the function prototypes for the GENSEc and TLS socket
 creation routines to return an NTSTATUS.  This should help track down errors.

Use a bit of talloc_steal and talloc_unlink to get the real socket to
be a child of the GENSEC or TLS socket.

Always return a new socket, even for the 'pass-though' case.

Andrew Bartlett
(This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2)
---
 source4/libcli/ldap/ldap_bind.c   | 21 ++++++++++++---------
 source4/libcli/ldap/ldap_client.c | 11 ++++++-----
 2 files changed, 18 insertions(+), 14 deletions(-)

(limited to 'source4/libcli/ldap')

diff --git a/source4/libcli/ldap/ldap_bind.c b/source4/libcli/ldap/ldap_bind.c
index 2b209c3871..f1f7872455 100644
--- a/source4/libcli/ldap/ldap_bind.c
+++ b/source4/libcli/ldap/ldap_bind.c
@@ -370,15 +370,18 @@ NTSTATUS ldap_bind_sasl(struct ldap_connection *conn, struct cli_credentials *cr
 	talloc_free(tmp_ctx);
 
 	if (NT_STATUS_IS_OK(status)) {
-		struct socket_context *socket = gensec_socket_init(conn->gensec, 
-								   conn->sock,
-								   conn->event.event_ctx, 
-								   ldap_read_io_handler,
-								   conn);
-		if (socket) {
-			conn->sock = socket;
-			talloc_steal(conn->sock, socket);
-			packet_set_socket(conn->packet, socket);
+		struct socket_context *sasl_socket;
+		status = gensec_socket_init(conn->gensec, 
+					    conn->sock,
+					    conn->event.event_ctx, 
+					    ldap_read_io_handler,
+					    conn,
+					    &sasl_socket);
+		if (NT_STATUS_IS_OK(status)) {
+			talloc_steal(conn->sock, sasl_socket);
+			talloc_unlink(conn, conn->sock);
+			conn->sock = sasl_socket;
+			packet_set_socket(conn->packet, conn->sock);
 		} else {
 			status = NT_STATUS_NO_MEMORY;
 			goto failed;
diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c
index 2e834b5244..eb7b9c6327 100644
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -320,7 +320,6 @@ struct composite_context *ldap_connect_send(struct ldap_connection *conn,
 
 static void ldap_connect_recv_conn(struct composite_context *ctx)
 {
-	struct socket_context *initial_socket;
 	struct ldap_connect_state *state =
 		talloc_get_type(ctx->async.private_data,
 				struct ldap_connect_state);
@@ -341,13 +340,15 @@ static void ldap_connect_recv_conn(struct composite_context *ctx)
 	}
 
 	talloc_steal(conn, conn->sock);
-	initial_socket = conn->sock;
 	if (conn->ldaps) {
-		conn->sock = tls_init_client(conn->sock, conn->event.fde);
-		if (conn->sock == NULL) {
-			talloc_free(initial_socket);
+		struct socket_context *tls_socket = tls_init_client(conn->sock, conn->event.fde);
+		if (tls_socket == NULL) {
+			talloc_free(conn->sock);
 			return;
 		}
+		talloc_unlink(conn, conn->sock);
+		conn->sock = tls_socket;
+		talloc_steal(conn, conn->sock);
 	}
 
 	conn->packet = packet_init(conn);
-- 
cgit