libcli: Speed up sddl_decode_ace()
[samba.git] / source3 / lib / tldap_tls_connect.c
blobec0c6e9818796670e26eeef7a42ea7c30ff3fb18
1 /*
2 * Unix SMB/CIFS implementation.
3 * tls based tldap connect
4 * Copyright (C) Stefan Metzmacher 2024
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "replace.h"
21 #include "tldap.h"
22 #include "tldap_tls_connect.h"
23 #include "lib/util/samba_util.h"
24 #include "lib/util/debug.h"
25 #include "lib/param/param.h"
26 #include "../libcli/util/ntstatus.h"
27 #include "../source4/lib/tls/tls.h"
29 struct tldap_tls_connect_state {
30 struct tevent_context *ev;
31 struct tldap_context *ctx;
32 struct tstream_tls_params *tls_params;
35 static void tldap_tls_connect_crypto_done(struct tevent_req *subreq);
37 struct tevent_req *tldap_tls_connect_send(TALLOC_CTX *mem_ctx,
38 struct tevent_context *ev,
39 struct tldap_context *ctx,
40 struct tstream_tls_params *tls_params)
42 struct tevent_req *req = NULL, *subreq = NULL;
43 struct tldap_tls_connect_state *state = NULL;
44 struct tstream_context *plain_stream = NULL;
46 req = tevent_req_create(mem_ctx, &state,
47 struct tldap_tls_connect_state);
48 if (req == NULL) {
49 return NULL;
51 state->ev = ev;
52 state->ctx = ctx;
53 state->tls_params = tls_params;
55 if (!tldap_connection_ok(ctx)) {
56 DBG_ERR("tldap_connection_ok() => false\n");
57 tevent_req_ldap_error(req, TLDAP_CONNECT_ERROR);
58 return tevent_req_post(req, ev);
61 if (tldap_has_gensec_tstream(ctx)) {
62 DBG_ERR("tldap_has_gensec_tstream() => true\n");
63 tevent_req_ldap_error(req, TLDAP_LOCAL_ERROR);
64 return tevent_req_post(req, ev);
67 plain_stream = tldap_get_plain_tstream(state->ctx);
68 if (plain_stream == NULL) {
69 DBG_ERR("tldap_get_plain_tstream() = NULL\n");
70 tevent_req_ldap_error(req, TLDAP_LOCAL_ERROR);
71 return req;
74 subreq = tstream_tls_connect_send(state,
75 state->ev,
76 plain_stream,
77 state->tls_params);
78 if (tevent_req_nomem(subreq, req)) {
79 return tevent_req_post(req, ev);
81 tevent_req_set_callback(subreq,
82 tldap_tls_connect_crypto_done,
83 req);
84 return req;
87 static void tldap_tls_connect_crypto_done(struct tevent_req *subreq)
89 struct tevent_req *req = tevent_req_callback_data(
90 subreq, struct tevent_req);
91 struct tldap_tls_connect_state *state = tevent_req_data(
92 req, struct tldap_tls_connect_state);
93 struct tstream_context *tls_stream = NULL;
94 int ret;
95 int error;
97 ret = tstream_tls_connect_recv(subreq, &error, state, &tls_stream);
98 TALLOC_FREE(subreq);
99 if (ret != 0) {
100 DBG_ERR("tstream_tls_connect_recv(%s): %d %d\n",
101 tstream_tls_params_peer_name(state->tls_params),
102 ret,
103 error);
104 tevent_req_ldap_error(req, TLDAP_CONNECT_ERROR);
105 return;
108 tldap_set_tls_tstream(state->ctx, &tls_stream);
110 tevent_req_done(req);
113 TLDAPRC tldap_tls_connect_recv(struct tevent_req *req)
115 TLDAPRC rc;
117 if (tevent_req_is_ldap_error(req, &rc)) {
118 return rc;
121 return TLDAP_SUCCESS;
124 TLDAPRC tldap_tls_connect(struct tldap_context *ctx,
125 struct tstream_tls_params *tls_params)
127 TALLOC_CTX *frame = talloc_stackframe();
128 struct tevent_context *ev;
129 struct tevent_req *req;
130 TLDAPRC rc = TLDAP_NO_MEMORY;
132 ev = samba_tevent_context_init(frame);
133 if (ev == NULL) {
134 goto fail;
136 req = tldap_tls_connect_send(frame, ev, ctx, tls_params);
137 if (req == NULL) {
138 goto fail;
140 if (!tevent_req_poll(req, ev)) {
141 rc = TLDAP_OPERATIONS_ERROR;
142 goto fail;
144 rc = tldap_tls_connect_recv(req);
145 fail:
146 TALLOC_FREE(frame);
147 return rc;