diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-05-12 12:04:59 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-06-15 09:13:23 +0200 |
commit | 399936239c24cc71430d1187d05e8d38284bda62 (patch) | |
tree | 28be37fb1b60be6501b48aa6bd67fdc6cff4f47d /source4/ldap_server | |
parent | dc56e8874fbb07385bed79419529c93fb7f4c561 (diff) | |
download | samba-399936239c24cc71430d1187d05e8d38284bda62.tar.gz |
s4:ldap_server: do the transport validation before calling gensec_create_tstream()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/ldap_server')
-rw-r--r-- | source4/ldap_server/ldap_bind.c | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c index e259727484a..6a88891152f 100644 --- a/source4/ldap_server/ldap_bind.c +++ b/source4/ldap_server/ldap_bind.c @@ -467,18 +467,7 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) goto do_reply; } - if (context) { - context->conn = conn; - status = gensec_create_tstream(context, - context->conn->gensec, - context->conn->sockets.raw, - &context->sasl); - if (NT_STATUS_IS_OK(status)) { - if (!talloc_reference(context->sasl, conn->gensec)) { - status = NT_STATUS_NO_MEMORY; - } - } - } else { + if (context == NULL) { switch (call->conn->require_strong_auth) { case LDAP_SERVER_REQUIRE_STRONG_AUTH_NO: break; @@ -503,6 +492,19 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) } } + if (context != NULL) { + context->conn = conn; + status = gensec_create_tstream(context, + context->conn->gensec, + context->conn->sockets.raw, + &context->sasl); + if (NT_STATUS_IS_OK(status)) { + if (!talloc_reference(context->sasl, conn->gensec)) { + status = NT_STATUS_NO_MEMORY; + } + } + } + if (result != LDAP_SUCCESS) { } else if (!NT_STATUS_IS_OK(status)) { result = LDAP_OPERATIONS_ERROR; |