13 May
2025
13 May
'25
12:15 p.m.
Hans Leidekker (@hans) commented about libs/ldap/libldap/sasl_w.c:
if (status == SEC_I_CONTINUE_NEEDED) return SASL_CONTINUE; else { + if (((flags & ISC_REQ_INTEGRITY) && !(attrs & ISC_RET_INTEGRITY)) || + ((flags & ISC_REQ_CONFIDENTIALITY) && !(attrs & ISC_RET_CONFIDENTIALITY))) + return SASL_BADSERV; /* refuse to continue if the server doesn't support requested security levels */
The RFC you mention is about Kerberos. Does NTLM have the same requirement? -- https://gitlab.winehq.org/wine/wine/-/merge_requests/8020#note_103108