diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-02-04 11:19:09 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:51:46 -0500 |
commit | 2e7f35f88faedb5b6e2302c5dacf62709dee12a9 (patch) | |
tree | 80f6867ebb17054a22831f1010b5f1c2bf6077d4 /source4/libcli | |
parent | f256a9c55e4785e4383a0546e75bba355a51fa04 (diff) | |
download | samba-2e7f35f88faedb5b6e2302c5dacf62709dee12a9.tar.gz samba-2e7f35f88faedb5b6e2302c5dacf62709dee12a9.tar.xz samba-2e7f35f88faedb5b6e2302c5dacf62709dee12a9.zip |
r13344: Trust SASL to have subtle distinctions between NULL and zero-length
responses...
Also trust OpenLDAP to be pedantic about it, breaking connections to AD.
In any case, we now get this 'right' (by nasty overloading hacks, but
hey), and we can now use system-supplied OpenLDAP libs and SASL/GSSAPI
to talk to Samba4.
Andrew Bartlett
(This used to be commit 0cbe18211a95f811b51865bc0e8729e9a302ad25)
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/ldap/ldap.c | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/source4/libcli/ldap/ldap.c b/source4/libcli/ldap/ldap.c index b281f62ed0..496fec527f 100644 --- a/source4/libcli/ldap/ldap.c +++ b/source4/libcli/ldap/ldap.c @@ -219,8 +219,15 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result, TALLOC_CTX *mem_ct asn1_push_tag(&data, ASN1_CONTEXT(3)); asn1_write_OctetString(&data, r->creds.SASL.mechanism, strlen(r->creds.SASL.mechanism)); - asn1_write_OctetString(&data, r->creds.SASL.secblob.data, - r->creds.SASL.secblob.length); + /* The value of data indicates if this + * optional element exists at all. In SASL + * there is a difference between NULL and + * zero-legnth, but our APIs don't express it + * well */ + if (r->creds.SASL.secblob.data) { + asn1_write_OctetString(&data, r->creds.SASL.secblob.data, + r->creds.SASL.secblob.length); + } asn1_pop_tag(&data); break; default: @@ -234,7 +241,14 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result, TALLOC_CTX *mem_ct struct ldap_BindResponse *r = &msg->r.BindResponse; asn1_push_tag(&data, ASN1_APPLICATION(msg->type)); ldap_encode_response(&data, &r->response); - asn1_write_ContextSimple(&data, 7, &r->SASL.secblob); + /* The value of data indicates if this + * optional element exists at all. In SASL + * there is a difference between NULL and + * zero-legnth, but our APIs don't express it + * well */ + if (r->SASL.secblob.data) { + asn1_write_ContextSimple(&data, 7, &r->SASL.secblob); + } asn1_pop_tag(&data); break; } |