lib: Make sid_parse return the parsed length
[samba.git] / source3 / lib / smbldap.c
index ba845af4778701ef8de113d2e2b0478392276915..cdd350fffa1e23051594b7efbedc197456472085 100644 (file)
 
 #define SMBLDAP_IDLE_TIME 150          /* After 2.5 minutes disconnect */
 
+struct smbldap_state {
+       LDAP *ldap_struct;
+       pid_t pid;
+       time_t last_ping; /* monotonic */
+       /* retrieve-once info */
+       const char *uri;
+
+       /* credentials */
+       bool anonymous;
+       char *bind_dn;
+       char *bind_secret;
+       smbldap_bind_callback_fn bind_callback;
+       void *bind_callback_data;
+
+       bool paged_results;
+
+       unsigned int num_failures;
+
+       time_t last_use; /* monotonic */
+       struct tevent_context *tevent_context;
+       struct tevent_timer *idle_event;
+
+       struct timeval last_rebind; /* monotonic */
+};
+
 LDAP *smbldap_get_ldap(struct smbldap_state *state)
 {
        return state->ldap_struct;
 }
 
+bool smbldap_get_paged_results(struct smbldap_state *state)
+{
+       return state->paged_results;
+}
+
+void smbldap_set_paged_results(struct smbldap_state *state,
+                              bool paged_results)
+{
+       state->paged_results = paged_results;
+}
 
+void smbldap_set_bind_callback(struct smbldap_state *state,
+                              smbldap_bind_callback_fn callback,
+                              void *callback_data)
+{
+       state->bind_callback = callback;
+       state->bind_callback_data = callback_data;
+}
 /*******************************************************************
  Search an attribute and return the first value found.
 ******************************************************************/
@@ -236,7 +278,7 @@ LDAP *smbldap_get_ldap(struct smbldap_state *state)
                       struct dom_sid *sid)
 {
        DATA_BLOB blob;
-       bool ret;
+       struct sid_parse_ret ret;
 
        if (!smbldap_talloc_single_blob(talloc_tos(), ld, msg, attrib,
                                        &blob)) {
@@ -244,7 +286,7 @@ LDAP *smbldap_get_ldap(struct smbldap_state *state)
        }
        ret = sid_parse(blob.data, blob.length, sid);
        TALLOC_FREE(blob.data);
-       return ret;
+       return (ret.len != -1);
 }
 
  static int ldapmsg_destructor(LDAPMessage **result) {
@@ -562,7 +604,7 @@ static void smbldap_store_state(LDAP *ld, struct smbldap_state *smbldap_state)
 int smbldap_start_tls(LDAP *ldap_struct, int version)
 { 
 #ifdef LDAP_OPT_X_TLS
-       int rc;
+       int rc,tls;
 #endif
 
        if (lp_ldap_ssl() != LDAP_SSL_START_TLS) {
@@ -570,6 +612,12 @@ int smbldap_start_tls(LDAP *ldap_struct, int version)
        }
 
 #ifdef LDAP_OPT_X_TLS
+       /* check if we use ldaps already */
+       ldap_get_option(ldap_struct, LDAP_OPT_X_TLS, &tls);
+       if (tls == LDAP_OPT_X_TLS_HARD) {
+               return LDAP_SUCCESS;
+       }
+
        if (version != LDAP_VERSION3) {
                DEBUG(0, ("Need LDAPv3 for Start TLS\n"));
                return LDAP_OPERATIONS_ERROR;
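Review bot: The added `ldap_get_option(ldap_struct, LDAP_OPT_X_TLS, &tls)` call ignores its return value, and `tls` is declared without an initializer in the previous hunk (`int rc,tls;`), so a failed lookup leaves the comparison reading an indeterminate value. If that value happens to equal `LDAP_OPT_X_TLS_HARD`, the function returns `LDAP_SUCCESS` without issuing StartTLS, and the caller would presumably go on to bind over an unprotected connection. Make the shortcut conditional on the lookup succeeding: `if (ldap_get_option(ldap_struct, LDAP_OPT_X_TLS, &tls) == LDAP_OPT_SUCCESS && tls == LDAP_OPT_X_TLS_HARD) {`. The comment could also say why a HARD setting is taken to mean the connection is already ldaps, since the option value rather than the connection itself is being tested. The body of smbldap_start_tls continues outside this hunk.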
@@ -1690,8 +1738,7 @@ void smbldap_free_struct(struct smbldap_state **ldap_state)
 
        SAFE_FREE((*ldap_state)->bind_dn);
        SAFE_FREE((*ldap_state)->bind_secret);
-       (*ldap_state)->bind_callback = NULL;
-       (*ldap_state)->bind_callback_data = NULL;
+       smbldap_set_bind_callback(*ldap_state, NULL, NULL);
 
        TALLOC_FREE(*ldap_state);
 
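Review bot: `SAFE_FREE((*ldap_state)->bind_secret);` in this hunk releases the bind password without clearing it first. The smbldap_set_creds hunk below carries the comment "make sure secrets are zeroed out of memory" for the same field. smbldap_free_struct starts above the hunk, so the secret may already be scrubbed there; if it is not, the teardown path should wipe the buffer before freeing it, using a zeroing call the compiler cannot elide ahead of the free. Sharing one small helper between both sites would keep the two paths from drifting apart.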
@@ -1871,8 +1918,7 @@ bool smbldap_set_creds(struct smbldap_state *ldap_state, bool anon, const char *
        /* free any previously set credential */
 
        SAFE_FREE(ldap_state->bind_dn);
-       ldap_state->bind_callback = NULL;
-       ldap_state->bind_callback_data = NULL;
+       smbldap_set_bind_callback(ldap_state, NULL, NULL);
 
        if (ldap_state->bind_secret) {
                /* make sure secrets are zeroed out of memory */