Changeset 740 for vendor/current/source4/ldap_server/ldap_extended.c

Timestamp:

Nov 14, 2012, 12:59:34 PM (13 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: update vendor to 3.6.0

File:

• vendor/current/source4/ldap_server/ldap_extended.c (modified) (4 diffs)

vendor/current/source4/ldap_server/ldap_extended.c

@@ -21 +21 @@
 #include "ldap_server/ldap_server.h"
 #include "../lib/util/dlinklist.h"
-#include "libcli/ldap/ldap.h"
 #include "lib/tls/tls.h"
 #include "smbd/service_stream.h"
-
-struct ldapsrv_starttls_context {
+#include "../lib/util/tevent_ntstatus.h"
+
+struct ldapsrv_starttls_postprocess_context {
         struct ldapsrv_connection *conn;
-        struct socket_context *tls_socket;
-};
-
-static void ldapsrv_start_tls(void *private_data)
-{
-        struct ldapsrv_starttls_context *ctx = talloc_get_type(private_data, struct ldapsrv_starttls_context);
-        talloc_steal(ctx->conn->connection, ctx->tls_socket);
-
-        ctx->conn->sockets.tls = ctx->tls_socket;
-        ctx->conn->connection->socket = ctx->tls_socket;
-        packet_set_socket(ctx->conn->packet, ctx->conn->connection->socket);
-        packet_set_unreliable_select(ctx->conn->packet);
+};
+
+struct ldapsrv_starttls_postprocess_state {
+        struct ldapsrv_connection *conn;
+};
+
+static void ldapsrv_starttls_postprocess_done(struct tevent_req *subreq);
+
+static struct tevent_req *ldapsrv_starttls_postprocess_send(TALLOC_CTX *mem_ctx,
+                                                struct tevent_context *ev,
+                                                void *private_data)
+{
+        struct ldapsrv_starttls_postprocess_context *context =
+                talloc_get_type_abort(private_data,
+                struct ldapsrv_starttls_postprocess_context);
+        struct ldapsrv_connection *conn = context->conn;
+        struct tevent_req *req;
+        struct ldapsrv_starttls_postprocess_state *state;
+        struct tevent_req *subreq;
+
+        req = tevent_req_create(mem_ctx, &state,
+                                struct ldapsrv_starttls_postprocess_state);
+        if (req == NULL) {
+                return NULL;
+        }
+
+        state->conn = conn;
+
+        subreq = tstream_tls_accept_send(conn,
+                                         conn->connection->event.ctx,
+                                         conn->sockets.raw,
+                                         conn->service->tls_params);
+        if (tevent_req_nomem(subreq, req)) {
+                return tevent_req_post(req, ev);
+        }
+        tevent_req_set_callback(subreq, ldapsrv_starttls_postprocess_done, req);
+
+        return req;
+}
+
+static void ldapsrv_starttls_postprocess_done(struct tevent_req *subreq)
+{
+        struct tevent_req *req =
+                tevent_req_callback_data(subreq,
+                struct tevent_req);
+        struct ldapsrv_starttls_postprocess_state *state =
+                tevent_req_data(req,
+                struct ldapsrv_starttls_postprocess_state);
+        struct ldapsrv_connection *conn = state->conn;
+        int ret;
+        int sys_errno;
+
+        ret = tstream_tls_accept_recv(subreq, &sys_errno,
+                                      conn, &conn->sockets.tls);
+        TALLOC_FREE(subreq);
+        if (ret == -1) {
+                NTSTATUS status = map_nt_error_from_unix(sys_errno);
+
+                DEBUG(1,("ldapsrv_starttls_postprocess_done: accept_tls_loop: "
+                         "tstream_tls_accept_recv() - %d:%s => %s",
+                         sys_errno, strerror(sys_errno), nt_errstr(status)));
+
+                tevent_req_nterror(req, status);
+                return;
+        }
+
+        conn->sockets.active = conn->sockets.tls;
+
+        tevent_req_done(req);
+}
+
+static NTSTATUS ldapsrv_starttls_postprocess_recv(struct tevent_req *req)
+{
+        return tevent_req_simple_recv_ntstatus(req);
 }
 
@@ -45 +107 @@
                                  const char **errstr)
 {
-        struct ldapsrv_starttls_context *ctx;
+        struct ldapsrv_starttls_;
 
         (*errstr) = NULL;
@@ -60 +122 @@
         }
 
-        ctx = talloc(call, struct ldapsrv_starttls_context);
-        NT_STATUS_HAVE_NO_MEMORY(ctx);
-
-        ctx->conn = call->conn;
-        ctx->tls_socket = tls_init_server(call->conn->service->tls_params,
-                                          call->conn->connection->socket,
-                                          call->conn->connection->event.fde, 
-                                          NULL);
-        if (!ctx->tls_socket) {
-                (*errstr) = talloc_asprintf(reply, "START-TLS: Failed to setup TLS socket");
+        if (call->conn->sockets.sasl) {
+                (*errstr) = talloc_asprintf(reply, "START-TLS: SASL is already enabled on this LDAP session");
                 return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
         }
 
-        call->send_callback = ldapsrv_start_tls;
-        call->send_private  = ctx;
+        context = talloc(call, struct ldapsrv_starttls_postprocess_context);
+        NT_STATUS_HAVE_NO_MEMORY(context);
+
+        context->conn = call->conn;
+
+        call->postprocess_send = ldapsrv_starttls_postprocess_send;
+        call->postprocess_recv = ldapsrv_starttls_postprocess_recv;
+        call->postprocess_private = context;
 
         reply->msg->r.ExtendedResponse.response.resultcode = LDAP_SUCCESS;
@@ -105 +165 @@
         const char *error_str = NULL;
         NTSTATUS status = NT_STATUS_OK;
-        uint32_t i;
+        ut i;
 
         DEBUG(10, ("Extended\n"));