sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-09 09:57:48 +03:00
Code

r22153: fix LDAP SASL "GSSAPI" bind against w2k3, this isn't critical

Browse Source 
because we try "GSS-SPNEGO" first and all windows version support
that.

metze
This commit is contained in:
Stefan Metzmacher 2007-04-10 16:04:22 +00:00 committed by Gerald (Jerry) Carter
parent 7f61b3f009
commit 34a5badbde
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
source/libads/sasl.c
View File

@ -441,7 +441,8 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
gss_release_buffer(&minor_status, &output_token);
output_token.value = SMB_MALLOC(strlen(ads->config.bind_path) + 8);
output_token.length = 4;
output_token.value = SMB_MALLOC(output_token.length);
p = (uint8 *)output_token.value;
*p++ = 1; /* no sign & seal selection */
@ -449,10 +450,14 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
*p++ = max_msg_size>>16;
*p++ = max_msg_size>>8;
*p++ = max_msg_size;
snprintf((char *)p, strlen(ads->config.bind_path)+4, "dn:%s", ads->config.bind_path);
p += strlen((const char *)p);
output_token.length = PTR_DIFF(p, output_token.value);
/*
* we used to add sprintf("dn:%s", ads->config.bind_path) here.
* but using ads->config.bind_path is the wrong! It should be
* the DN of the user object!
*
* w2k3 gives an error when we send an incorrect DN, but sending nothing
* is ok and matches the information flow used in GSS-SPNEGO.
*/
gss_rc = gss_wrap(&minor_status, context_handle,0,GSS_C_QOP_DEFAULT,
&output_token, (int *)&conf_state,