r24804: As a temporary workaround, also try to guess the server's principal in the

"not_defined_in_RFC4178@please_ignore" case to make at least LDAP SASL binds
succeed with windows server 2008.

Guenther
(This used to be commit f5b3de4d3069eaa750240e3422bac5cb169b6c0a)

1 files changed, 58 insertions, 0 deletions

diff --git a/source3/libads/util.c b/source3/libads/util.c
index 2fb9fa81b4..a0c9d8f4c4 100644
--- a/source3/libads/util.c
+++ b/source3/libads/util.c
@@ -51,4 +51,62 @@ failed:
 	SAFE_FREE(password);
 	return ret;
 }
+
+ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads,
+				       const char *given_principal,
+				       char **returned_principal)
+{
+	char *princ = NULL;
+
+	if (ads->server.realm && ads->server.ldap_server) {
+		char *server, *server_realm;
+
+		server = SMB_STRDUP(ads->server.ldap_server);
+		server_realm = SMB_STRDUP(ads->server.realm);
+
+		if (!server || !server_realm) {
+			return ADS_ERROR(LDAP_NO_MEMORY);
+		}
+
+		strlower_m(server);
+		strupper_m(server_realm);
+		asprintf(&princ, "ldap/%s@%s", server, server_realm);
+
+		SAFE_FREE(server);
+		SAFE_FREE(server_realm);
+
+		if (!princ) {
+			return ADS_ERROR(LDAP_NO_MEMORY);
+		}
+	} else if (ads->config.realm && ads->config.ldap_server_name) {
+		char *server, *server_realm;
+
+		server = SMB_STRDUP(ads->config.ldap_server_name);
+		server_realm = SMB_STRDUP(ads->config.realm);
+
+		if (!server || !server_realm) {
+			return ADS_ERROR(LDAP_NO_MEMORY);
+		}
+
+		strlower_m(server);
+		strupper_m(server_realm);
+		asprintf(&princ, "ldap/%s@%s", server, server_realm);
+
+		SAFE_FREE(server);
+		SAFE_FREE(server_realm);
+
+		if (!princ) {
+			return ADS_ERROR(LDAP_NO_MEMORY);
+		}
+	}
+
+	if (!princ) {
+		return ADS_ERROR(LDAP_PARAM_ERROR);
+	}
+
+	*returned_principal = princ;
+
+	return ADS_SUCCESS;
+}
+
 #endif