<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Feb 8, 2021 at 11:35 AM Dmitry Timoshkov <<a href="mailto:dmitry@baikal.ru">dmitry@baikal.ru</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hans Leidekker <<a href="mailto:hans@codeweavers.com" target="_blank">hans@codeweavers.com</a>> wrote:<br>
<br>
> > Hans Leidekker <<a href="mailto:hans@codeweavers.com" target="_blank">hans@codeweavers.com</a>> wrote:<br>
> > <br>
> > > > > -        else if (sasl->id == SASL_CB_USER)<br>
> > > > > +        else if (sasl->id == SASL_CB_AUTHNAME)<br>
> > > > >          {<br>
> > > > >              sasl->result = id->User;<br>
> > > > >              sasl->len = id->UserLength;<br>
> > > > <br>
> > > > <a href="https://bugs.winehq.org/show_bug.cgi?id=50545#c23" rel="noreferrer" target="_blank">https://bugs.winehq.org/show_bug.cgi?id=50545#c23</a><br>
> > > <br>
> > > That comment is not entirely correct. In my testing GSSAPI does invoke<br>
> > > this callback but fails if it returns a result.<br>
> > <br>
> > It works here with my username and a Kerberos ticket (0x4001 - SASL_CB_USER):<br>
> > <br>
> > 0024:trace:adsldp:openobj_OpenDSObject 0019975C,L"LDAP://xxx.yyy.zzz/rootDSE",L"user",001997FC,00000021,0031C1E0<br>
> > 0024:trace:adsldp:openobj_OpenDSObject host L"xxx.yyy.zzz", port 0, object L"rootDSE"<br>
> > 0024:trace:wldap32:ldap_initW (L"xxx.yyy.zzz", 0)<br>
> > 0024:trace:wldap32:ldap_set_optionW (0x19a5a8, 0x00000011, 0x31bd60)<br>
> > 0024:trace:wldap32:ldap_connect (0x19a5a8, (nil))<br>
> > 0024:trace:wldap32:ldap_bind_sW (0x19a5a8, (null), 0x31bd70, 0x00000486)<br>
> > 0024:trace:wldap32:sasl_interact 0x7d78f320,00000002,0x31bbd8,0x7d792600<br>
> > 0024:trace:wldap32:sasl_interact sasl->id = 4001<br>
> > 0024:trace:wldap32:ldap_search_sW (0x19a5a8, (null), 0x00000000, L"(objectClass=*)", 0x31bd28, 0x00000000, 0x31bd14)<br>
> > 0024:trace:wldap32:WLDAP32_ldap_first_entry (0x19a5a8, 0x7d784d00)<br>
> > 0024:trace:wldap32:ldap_get_valuesW (0x19a5a8, 0x7d784d00, L"subschemaSubentry")<br>
> <br>
> And it fails with Damjan's patch?<br>
<br>
With Damjan's patch it fails on the first run, after renewing the Kerberos<br>
ticket it works. I have to note, that the Kerberos ticket was valid and<br>
functional before renewing.<br>
<br></blockquote><div><br></div><div>What about if you return id->User on both SASL_CB_USER and SASL_CB_AUTHNAME?</div></div></div>