#include "dlinklist.h"
#include "lib/events/events.h"
#include "lib/socket/socket.h"
+#include "lib/tls/tls.h"
#include "libcli/ldap/ldap.h"
#include "libcli/ldap/ldap_client.h"
}
}
- talloc_free(conn->sock);
- conn->sock = NULL;
+ talloc_free(conn->tls);
+ conn->tls = NULL;
}
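Review bot: `conn->sock` is left dangling after this teardown, because only `conn->tls` is cleared while the connect hunk reparents the socket with `talloc_steal(conn->tls, conn->sock)`, so `talloc_free(conn->tls)` releases the socket as well. Keep the removed `conn->sock = NULL;` next to `conn->tls = NULL;`. The same applies to the `tls_init_client()` failure path in the connect hunk, which calls `talloc_free(conn->sock)` and returns without resetting the pointer. Whether anything still reads `conn->sock` afterwards is not visible here, but a stale pointer in a long-lived connection struct is a use-after-free risk for any later caller. The enclosing function starts outside the hunk.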
req->replies[req->num_replies] = talloc_steal(req->replies, msg);
req->num_replies++;
- if (msg->type != LDAP_TAG_SearchResultEntry) {
+ if (msg->type != LDAP_TAG_SearchResultEntry &&
+ msg->type != LDAP_TAG_SearchResultReference) {
/* currently only search results expect multiple
replies */
req->state = LDAP_REQUEST_DONE;
/* try and decode - this will fail if we don't have a full packet yet */
while (asn1.ofs < asn1.length) {
struct ldap_message *msg = talloc(conn, struct ldap_message);
+ off_t saved_ofs = asn1.ofs;
+
if (msg == NULL) {
ldap_connection_dead(conn);
return;
if (ldap_decode(&asn1, msg)) {
ldap_match_message(conn, msg);
} else {
+ asn1.ofs = saved_ofs;
talloc_free(msg);
break;
}
/* keep any remaining data in conn->partial */
data_blob_free(&conn->partial);
- if (asn1.ofs != conn->partial.length) {
+ if (asn1.ofs != asn1.length) {
conn->partial = data_blob_talloc(conn,
asn1.data + asn1.ofs,
asn1.length - asn1.ofs);
return;
}
- if (ldap_decode(&asn1, msg)) {
+ while (ldap_decode(&asn1, msg)) {
ldap_match_message(conn, msg);
- } else {
- talloc_free(msg);
+ msg = talloc(conn, struct ldap_message);
}
+ talloc_free(msg);
asn1_free(&asn1);
if (conn->partial.length == len + 4) {
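Review bot: The `msg = talloc(conn, struct ldap_message)` inside the new `while` loop is handed to `ldap_decode()` on the next iteration without a NULL check, unlike the clear-text decode loop earlier in this diff, which calls `ldap_connection_dead(conn)` when the allocation fails. `ldap_decode()` is not shown, but it presumably writes through `msg`, so an allocation failure while processing server-supplied data would become a NULL dereference. Check the allocation inside the loop and release the ASN.1 buffer before bailing out, as sketched below. The enclosing function starts and ends outside the hunk.
```c
	/* … unchanged: while (ldap_decode(&asn1, msg)) { ldap_match_message(conn, msg); … */
	msg = talloc(conn, struct ldap_message);
	if (msg == NULL) {
		asn1_free(&asn1);
		ldap_connection_dead(conn);
		return;
	}
```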
size_t npending=0, nread;
/* work out how much data is pending */
- status = socket_pending(conn->sock, &npending);
+ status = tls_socket_pending(conn->tls, &npending);
if (!NT_STATUS_IS_OK(status) || npending == 0) {
- DEBUG(0,("ldap_recv_handler - pending=%d - %s\n",
- (int)npending, nt_errstr(status)));
+ ldap_connection_dead(conn);
return;
}
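Review bot: Dropping the `DEBUG` line means a failed or empty `tls_socket_pending()` now tears the connection down with no trace of why, which makes TLS failures hard to tell apart from an ordinary peer close. Log before the teardown, e.g. `DEBUG(2,("ldap_recv_handler - pending=%d - %s\n", (int)npending, nt_errstr(status)));` ahead of `ldap_connection_dead(conn);`. It is also worth confirming that `tls_socket_pending()` cannot report success with `npending == 0` while a handshake or partial record is in flight, since that case is now treated as a dead connection; its semantics are not visible here. The enclosing function continues outside the hunk.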
}
/* receive the pending data */
- status = socket_recv(conn->sock, conn->partial.data + conn->partial.length,
- npending, &nread, 0);
+ status = tls_socket_recv(conn->tls, conn->partial.data + conn->partial.length,
+ npending, &nread);
if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
return;
}
size_t nsent;
NTSTATUS status;
- status = socket_send(conn->sock, &req->data, &nsent, 0);
+ status = tls_socket_send(conn->tls, &req->data, &nsent);
if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
break;
}
struct ldap_connection *conn = talloc_get_type(private, struct ldap_connection);
if (flags & EVENT_FD_WRITE) {
ldap_send_handler(conn);
- if (conn->sock == NULL) return;
+ if (conn->tls == NULL) return;
}
if (flags & EVENT_FD_READ) {
ldap_recv_handler(conn);
return NT_STATUS_INTERNAL_ERROR;
}
+ conn->tls = tls_init_client(conn->sock, conn->event.fde, conn->ldaps);
+ if (conn->tls == NULL) {
+ talloc_free(conn->sock);
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ talloc_steal(conn, conn->tls);
+ talloc_steal(conn->tls, conn->sock);
+
return NT_STATUS_OK;
}
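Review bot: Nothing in the `tls_init_client(conn->sock, conn->event.fde, conn->ldaps)` call shows how the server certificate is validated: no CA store, expected host name or verification flag is passed. If `tls_init_client()` (not shown) does not verify the peer itself, `ldaps` protects only against passive capture, and credentials sent over the connection remain exposed to an on-path attacker. Either way a comment at the call site would help, e.g. `/* peer certificate verification is decided inside tls_init_client(); see lib/tls */`. The function starts outside the hunk.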
{
struct ldap_request *req;
- if (conn->sock == NULL) {
+ if (conn->tls == NULL) {
return NULL;
}
}
conn->last_error = talloc_asprintf(conn, "LDAP error %u - %s <%s> <%s>",
r->resultcode,
- r->dn, r->errormessage, r->referral);
+ r->dn?r->dn:"(NULL)",
+ r->errormessage?r->errormessage:"",
+ r->referral?r->referral:"");
return NT_STATUS_LDAP(r->resultcode);
}