https://bugs.winehq.org/show_bug.cgi?id=55304
--- Comment #14 from Hans Leidekker hans@meelstraat.net --- (In reply to Dmitry Timoshkov from comment #13)
(In reply to Hans Leidekker from comment #12)
It comes from a test that calls QueryContextAttributesA(SECPKG_ATTR_SIZES) under Windows 10 for the Samba server.
Hmm, maybe it's not decrypting in-place? This used to work without querying the trailer size from the context.
It does encrypt/decrypt in place, however as far as I understand it in win32 data and trailer are separate buffers while gss_wrap/gss_unwrap operate on a continuous buffer, and using wrong trailer size creates a hole between data and trailer which breaks gss_wrap/gss_unwrap assumptions.
The _iov variants should be compatible with win32 and I'm pretty sure this worked before. I'd like to figure out why it doesn't work anymore.
As I can see iov variants are used only for DCE style contexts, and that's not the case for the GSSAPI plugin.
Right, previously we'd use the Unix LDAP library which links to SASL which in turn links to GSSAPI. I'll check SASL to see how it uses GSSAPI.