From 78c57f59ac7d47425ebb450205efc981575aab8d Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Tue, 10 Apr 2007 16:04:22 +0000
Subject: r22153: fix LDAP SASL "GSSAPI" bind against w2k3, this isn't critical because we try "GSS-SPNEGO" first and all windows version support that. metze (This used to be commit 34a5badbded0b2537ee854287931e2a7dc3aeb37)
---
 source3/libads/sasl.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
(limited to 'source3')
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index b5f92044ef..2fc66bd929 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -441,7 +441,8 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
 gss_release_buffer(&minor_status, &output_token);
- output_token.value = SMB_MALLOC(strlen(ads->config.bind_path) + 8);
+ output_token.length = 4;
+ output_token.value = SMB_MALLOC(output_token.length);
 p = (uint8 *)output_token.value;
 *p++ = 1; /* no sign & seal selection */
@@ -449,10 +450,14 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
 *p++ = max_msg_size>>16;
 *p++ = max_msg_size>>8;
 *p++ = max_msg_size;
- snprintf((char *)p, strlen(ads->config.bind_path)+4, "dn:%s", ads->config.bind_path);
- p += strlen((const char *)p);
-
- output_token.length = PTR_DIFF(p, output_token.value);
+ /*
+ * we used to add sprintf("dn:%s", ads->config.bind_path) here.
+ * but using ads->config.bind_path is the wrong! It should be
+ * the DN of the user object!
+ *
+ * w2k3 gives an error when we send an incorrect DN, but sending nothing
+ * is ok and matches the information flow used in GSS-SPNEGO.
+ */
 gss_rc = gss_wrap(&minor_status, context_handle,0,GSS_C_QOP_DEFAULT, &output_token, (int *)&conf_state,
-- cgit
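Review bot: The result of `SMB_MALLOC(output_token.length)` is written through on the very next lines (`p = (uint8 *)output_token.value; *p++ = 1;`) without a NULL check, so an allocation failure becomes a NULL dereference in the bind path. I would add `if (output_token.value == NULL)` right after the allocation and leave through the function's error path with an out-of-memory status; that path lies outside this hunk, so its exact form has to be checked against the rest of ads_sasl_gssapi_bind. A short comment on the literal, e.g. `/* 1 byte security layer + 3 bytes max message size */`, would also explain where the 4 comes from.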
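Review bot: Nothing ties the fixed `output_token.length = 4` set in the previous hunk to the number of bytes stored through `p` here, now that the `PTR_DIFF(p, output_token.value)` computation is removed. The visible writes add up to four (assuming the one line between the two hunks does not store through `p`), but a later edit that appends an authorization identity again would run past the 4-byte heap buffer without any diagnostic. A cheap guard before the gss_wrap() call is `SMB_ASSERT(PTR_DIFF(p, output_token.value) == output_token.length);`. The new comment should read "is wrong" rather than "is the wrong", and could state what the server does with an empty authorization identity; presumably it falls back to the authenticated principal, which should be confirmed against the SASL GSSAPI specification before it is written down.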