From b8b874ef5e40d266a54501ba4523c6af7032ca00 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 13 Feb 2024 16:50:23 +0100
Subject: [PATCH] s3:rpc_server/mdssvc: make use of
 tstream_tls_params_client_lpcfg()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15621

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source3/rpc_server/mdssvc/mdssvc_es.c | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/source3/rpc_server/mdssvc/mdssvc_es.c b/source3/rpc_server/mdssvc/mdssvc_es.c
index 8460b48b80a..d51441092b4 100644
--- a/source3/rpc_server/mdssvc/mdssvc_es.c
+++ b/source3/rpc_server/mdssvc/mdssvc_es.c
@@ -29,6 +29,7 @@
 #include "mdssvc.h"
 #include "mdssvc_es.h"
 #include "rpc_server/mdssvc/es_parser.tab.h"
+#include "lib/param/param.h"
 
 #include <jansson.h>
 
@@ -246,18 +247,18 @@ static struct tevent_req *mds_es_connect_send(
 		  use_tls ? "S" : "", state->server_addr, state->server_port);
 
 	if (use_tls) {
-		const char *ca_file = lp__tls_cafile();
-		const char *crl_file = lp__tls_crlfile();
-		const char *tls_priority = lp_tls_priority();
-		enum tls_verify_peer_state verify_peer = lp_tls_verify_peer();
-
-		status = tstream_tls_params_client(state,
-						   ca_file,
-						   crl_file,
-						   tls_priority,
-						   verify_peer,
-						   state->server_addr,
-						   &state->tls_params);
+		struct loadparm_context *lp_ctx = NULL;
+
+		lp_ctx = loadparm_init_s3(state, loadparm_s3_helpers());
+		if (tevent_req_nomem(lp_ctx, req)) {
+			return tevent_req_post(req, ev);
+		}
+
+		status = tstream_tls_params_client_lpcfg(state,
+							 lp_ctx,
+							 state->server_addr,
+							 &state->tls_params);
+		TALLOC_FREE(lp_ctx);
 		if (!NT_STATUS_IS_OK(status)) {
 			DBG_ERR("Failed tstream_tls_params_client - %s\n",
 				nt_errstr(status));
-- 
2.11.4.GIT