return ret;
}
- ldb_req_mark_untrusted(req);
+ if (!call->conn->is_privileged) {
+ ldb_req_mark_untrusted(req);
+ }
LDB_REQ_SET_LOCATION(req);
return ret;
}
- ldb_req_mark_untrusted(req);
+ if (!call->conn->is_privileged) {
+ ldb_req_mark_untrusted(req);
+ }
LDB_REQ_SET_LOCATION(req);
return ret;
}
- ldb_req_mark_untrusted(req);
+ if (!call->conn->is_privileged) {
+ ldb_req_mark_untrusted(req);
+ }
LDB_REQ_SET_LOCATION(req);
return ret;
}
- ldb_req_mark_untrusted(req);
+ if (!call->conn->is_privileged) {
+ ldb_req_mark_untrusted(req);
+ }
LDB_REQ_SET_LOCATION(req);
ldb_set_timeout(samdb, lreq, req->timelimit);
- ldb_req_mark_untrusted(lreq);
+ if (!call->conn->is_privileged) {
+ ldb_req_mark_untrusted(lreq);
+ }
LDB_REQ_SET_LOCATION(lreq);
for reading from that socket
*/
static void ldapsrv_accept(struct stream_connection *c,
- struct auth_session_info *session_info)
+ struct auth_session_info *session_info,
+ bool is_privileged)
{
struct ldapsrv_service *ldapsrv_service =
talloc_get_type(c->private_data, struct ldapsrv_service);
stream_terminate_connection(c, "ldapsrv_accept: out of memory");
return;
}
+ conn->is_privileged = is_privileged;
conn->sockets.send_queue = tevent_queue_create(conn, "ldapsev send queue");
if (conn->sockets.send_queue == NULL) {
"session info");
return;
}
- ldapsrv_accept(c, session_info);
+ ldapsrv_accept(c, session_info, false);
}
static const struct stream_server_ops ldap_stream_nonpriv_ops = {
"session info");
return;
}
- ldapsrv_accept(c, session_info);
+ ldapsrv_accept(c, session_info, true);
}
static const struct stream_server_ops ldap_stream_priv_ops = {