struct tldap_tls_connect_state {
struct tevent_context *ev;
struct tldap_context *ctx;
- struct loadparm_context *lp_ctx;
- const char *peer_name;
+ struct tstream_tls_params *tls_params;
};
static void tldap_tls_connect_starttls_done(struct tevent_req *subreq);
static void tldap_tls_connect_crypto_start(struct tevent_req *req);
static void tldap_tls_connect_crypto_done(struct tevent_req *subreq);
-struct tevent_req *tldap_tls_connect_send(
- TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct tldap_context *ctx,
- struct loadparm_context *lp_ctx,
- const char *peer_name)
+struct tevent_req *tldap_tls_connect_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tldap_context *ctx,
+ struct tstream_tls_params *tls_params)
{
struct tevent_req *req = NULL;
struct tldap_tls_connect_state *state = NULL;
}
state->ev = ev;
state->ctx = ctx;
- state->lp_ctx = lp_ctx;
- state->peer_name = peer_name;
+ state->tls_params = tls_params;
if (!tldap_connection_ok(ctx)) {
DBG_ERR("tldap_connection_ok() => false\n");
TALLOC_FREE(subreq);
if (!TLDAP_RC_IS_SUCCESS(rc)) {
DBG_ERR("tldap_extended_recv(STARTTLS, %s): %s\n",
- state->peer_name, tldap_rc2string(rc));
+ tstream_tls_params_peer_name(state->tls_params),
+ tldap_rc2string(rc));
tevent_req_ldap_error(req, rc);
return;
}
struct tldap_tls_connect_state *state = tevent_req_data(
req, struct tldap_tls_connect_state);
struct tstream_context *plain_stream = NULL;
- struct tstream_tls_params *tls_params = NULL;
struct tevent_req *subreq = NULL;
- NTSTATUS status;
plain_stream = tldap_get_plain_tstream(state->ctx);
if (plain_stream == NULL) {
return;
}
- status = tstream_tls_params_client_lpcfg(state,
- state->lp_ctx,
- state->peer_name,
- &tls_params);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_ERR("tstream_tls_params_client_lpcfg(%s): %s\n",
- state->peer_name, nt_errstr(status));
- tevent_req_ldap_error(req, TLDAP_LOCAL_ERROR);
- return;
- }
-
subreq = tstream_tls_connect_send(state,
state->ev,
plain_stream,
- tls_params);
+ state->tls_params);
if (tevent_req_nomem(subreq, req)) {
return;
}
TALLOC_FREE(subreq);
if (ret != 0) {
DBG_ERR("tstream_tls_connect_recv(%s): %d %d\n",
- state->peer_name, ret, error);
+ tstream_tls_params_peer_name(state->tls_params),
+ ret,
+ error);
tevent_req_ldap_error(req, TLDAP_CONNECT_ERROR);
return;
}
return TLDAP_SUCCESS;
}
-TLDAPRC tldap_tls_connect(
- struct tldap_context *ctx,
- struct loadparm_context *lp_ctx,
- const char *peer_name)
+TLDAPRC tldap_tls_connect(struct tldap_context *ctx,
+ struct tstream_tls_params *tls_params)
{
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
if (ev == NULL) {
goto fail;
}
- req = tldap_tls_connect_send(frame,
- ev,
- ctx,
- lp_ctx,
- peer_name);
+ req = tldap_tls_connect_send(frame, ev, ctx, tls_params);
if (req == NULL) {
goto fail;
}
struct tevent_context;
struct tldap_context;
struct loadparm_context;
+struct tstream_tls_params;
struct tevent_req *tldap_tls_connect_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct tldap_context *ctx,
- struct loadparm_context *lp_ctx,
- const char *peer_name);
+ struct tstream_tls_params *tls_params);
TLDAPRC tldap_tls_connect_recv(struct tevent_req *req);
-TLDAPRC tldap_tls_connect(
- struct tldap_context *ctx,
- struct loadparm_context *lp_ctx,
- const char *peer_name);
+TLDAPRC tldap_tls_connect(struct tldap_context *ctx,
+ struct tstream_tls_params *tls_params);
#endif
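Review bot: The new `tldap_tls_connect_send` and `tldap_tls_connect` prototypes take a `struct tstream_tls_params *` that the implementation only stores in `state->tls_params` (it does not `talloc_steal` it), but the header says nothing about who owns it or how long it must stay alive. The previous interface built the params internally on `state`, so this is a new obligation on callers that deserves a comment on the declaration, e.g. `/* tls_params is borrowed, not talloc_steal()ed: the caller keeps ownership and must keep it alive at least until the request completes (and for the lifetime of the resulting TLS tstream if that keeps a reference — confirm against tstream_tls_connect_send). */`. The same comment belongs on both prototypes in this hunk.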
#include "lib/util/string_wrappers.h"
#include "source3/lib/substitute.h"
#include "ads.h"
+#include "source4/lib/tls/tls.h"
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
}
if (use_tls && !tldap_has_tls_tstream(ld)) {
+ struct tstream_tls_params *tls_params = NULL;
+
tldap_set_starttls_needed(ld, use_starttls);
- rc = tldap_tls_connect(ld, lp_ctx, host);
+ status = tstream_tls_params_client_lpcfg(talloc_tos(),
+ lp_ctx,
+ host,
+ &tls_params);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_ERR("tstream_tls_params_client_lpcfg failed: %s\n",
+ nt_errstr(status));
+ return false;
+ }
+
+ rc = tldap_tls_connect(ld, tls_params);
if (!TLDAP_RC_IS_SUCCESS(rc)) {
DBG_ERR("tldap_tls_connect(%s) failed: %s\n",
host, tldap_errstr(talloc_tos(), ld, rc));
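Review bot: `tls_params` is allocated on `talloc_tos()` and then passed to `tldap_tls_connect(ld, tls_params)`, whose `state` only stores the pointer, so the params die with the caller's stackframe while the TLS tstream attached to `ld` lives on; if `tstream_tls_connect_send` or the gnutls session it sets up keeps referencing the params after the handshake, this is a use-after-free that the removed in-`state` allocation (`tstream_tls_params_client_lpcfg(state, ...)`) could not have, so please confirm and otherwise parent the params to `ld` instead of the frame. Separately, the removed `DBG_ERR("tstream_tls_params_client_lpcfg(%s): ...")` in tldap_tls_connect.c logged the peer name while the new message here drops it; `DBG_ERR("tstream_tls_params_client_lpcfg(%s) failed: %s\n", host, nt_errstr(status));` keeps the host visible, which matters because that name is what certificate verification is checked against. Both points apply equally to the idmap_ad hunk below, where the peer name is `dcinfo->dc_unc`. The enclosing function starts and ends outside the hunk, and `status` is assumed to be an existing NTSTATUS local there.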
#include "source3/librpc/gen_ndr/ads.h"
#include "source3/lib/global_contexts.h"
#include <ldb.h>
+#include "source4/lib/tls/tls.h"
struct idmap_ad_schema_names;
}
if (use_tls && !tldap_has_tls_tstream(ld)) {
+ struct tstream_tls_params *tls_params = NULL;
+
tldap_set_starttls_needed(ld, use_starttls);
- rc = tldap_tls_connect(ld, lp_ctx, dcinfo->dc_unc);
+ status = tstream_tls_params_client_lpcfg(talloc_tos(),
+ lp_ctx,
+ dcinfo->dc_unc,
+ &tls_params);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_ERR("tstream_tls_params_client_lpcfg failed: %s\n",
+ nt_errstr(status));
+ TALLOC_FREE(dcinfo);
+ return status;
+ }
+
+ rc = tldap_tls_connect(ld, tls_params);
if (!TLDAP_RC_IS_SUCCESS(rc)) {
DBG_ERR("tldap_gensec_bind(%s) failed: %s\n",
dcinfo->dc_unc,