From 9d6f2767179fad2f9a067c67c09afddb6304e4eb Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 25 Jul 2006 00:57:27 +0000
Subject: r17222: Change the function prototypes for the GENSEc and TLS socket
 creation routines to return an NTSTATUS.  This should help track down errors.

Use a bit of talloc_steal and talloc_unlink to get the real socket to
be a child of the GENSEC or TLS socket.

Always return a new socket, even for the 'pass-though' case.

Andrew Bartlett
(This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2)
---
 source4/ldap_server/ldap_server.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'source4/ldap_server/ldap_server.c')

diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index cfbe6eb5b2..7807a93666 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -342,12 +342,16 @@ static void ldapsrv_accept(struct stream_connection *c)
 	talloc_free(socket_address);
 
 	if (port == 636) {
-		c->socket = tls_init_server(ldapsrv_service->tls_params, c->socket, 
-					    c->event.fde, NULL);
-		if (!c->socket) {
+		struct socket_context *tls_socket = tls_init_server(ldapsrv_service->tls_params, c->socket, 
+								    c->event.fde, NULL);
+		if (!tls_socket) {
 			ldapsrv_terminate_connection(conn, "ldapsrv_accept: tls_init_server() failed");
 			return;
 		}
+		talloc_unlink(c, c->socket);
+		talloc_steal(c, tls_socket);
+		c->socket = tls_socket;
+
 	} else if (port == 3268) /* Global catalog */ {
 		conn->global_catalog = True;
 	}
-- 
cgit