[Bug 19529] New: .NET 2.0: LDAP authorization fails (bug report + solution)

wine-bugs at winehq.org wine-bugs at winehq.org
Fri Jul 31 05:30:25 CDT 2009 

http://bugs.winehq.org/show_bug.cgi?id=19529

           Summary: .NET 2.0: LDAP authorization fails (bug report +
                    solution)
           Product: Wine
           Version: 1.1.26
          Platform: PC
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: -unknown
        AssignedTo: wine-bugs at winehq.org
        ReportedBy: a.romanek at no.pl


Created an attachment (id=22726)
 --> (http://bugs.winehq.org/attachment.cgi?id=22726)
Patched search.c file from wine/dlls/wldap32

In the company where I work we use our own internal software written in .NET
2.0. This software authenticates users using LDAP. When I was trying to run
this software under Ubuntu 9.04 using WINE 1.26 authentication always failed. I
started debugging the problem and I found that a .NET API call to
"System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest
request)" throws an exception. A debug was also printed on the console log says
that "A bad parameter was passed to a routine". According to this website -
http://msdn.microsoft.com/en-us/library/aa367014%28VS.85%29.aspx - it is the
error message representation of the LDAP_PARAM_ERROR return code from WinLDAP
library.

I was digging further and I found that in WINE "SendRequest(DirectoryRequest
request)" method calls "ldap_search_extW()" WINE API function
(http://source.winehq.org/source/dlls/wldap32/search.c#L238). This function
calls ldap_search_ext from OpenLDAP API. A quick look in the source code
(http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/libldap/search.c?rev=1.87&hideattic=1&sortbydate=0)
and I got it - see ldap_pvt_search():

    if( timeout != NULL ) {
        if( timeout->tv_sec == 0 && timeout->tv_usec == 0 ) {
            return LDAP_PARAM_ERROR;
        }

I went back to 'ldap_search_extW()'. Here it is: the 'tv_sec' member of 'struct
timeval tv' is always filled with the value of timelimit argument, even if this
value is 0. Then the address of the structure is ALWAYS passed to
'ldap_search_ext()'. As a consequence (see above) LDAP_PARAM_ERROR is returned.
If we make a change in call to 'ldap_search_ext()' and pass NULL as timeout
argument when 'timelimit' is 0 instead of passing 'tv' structure address
everything works perfectly. I think this is how this 'timelimit' argument is
handled in WinLDAP library.

And what's the most important, this solves the problem of authentication in my
company's software.

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list