http://bugs.winehq.org/show_bug.cgi?id=19529
Summary: .NET 2.0: LDAP authorization fails (bug report + solution) Product: Wine Version: 1.1.26 Platform: PC OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: a.romanek@no.pl
Created an attachment (id=22726) --> (http://bugs.winehq.org/attachment.cgi?id=22726) Patched search.c file from wine/dlls/wldap32
In the company where I work we use our own internal software written in .NET 2.0. This software authenticates users using LDAP. When I was trying to run this software under Ubuntu 9.04 using WINE 1.26 authentication always failed. I started debugging the problem and I found that a .NET API call to "System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)" throws an exception. A debug was also printed on the console log says that "A bad parameter was passed to a routine". According to this website - http://msdn.microsoft.com/en-us/library/aa367014%28VS.85%29.aspx - it is the error message representation of the LDAP_PARAM_ERROR return code from WinLDAP library.
I was digging further and I found that in WINE "SendRequest(DirectoryRequest request)" method calls "ldap_search_extW()" WINE API function (http://source.winehq.org/source/dlls/wldap32/search.c#L238). This function calls ldap_search_ext from OpenLDAP API. A quick look in the source code (http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/libldap/search...) and I got it - see ldap_pvt_search():
if( timeout != NULL ) { if( timeout->tv_sec == 0 && timeout->tv_usec == 0 ) { return LDAP_PARAM_ERROR; }
I went back to 'ldap_search_extW()'. Here it is: the 'tv_sec' member of 'struct timeval tv' is always filled with the value of timelimit argument, even if this value is 0. Then the address of the structure is ALWAYS passed to 'ldap_search_ext()'. As a consequence (see above) LDAP_PARAM_ERROR is returned. If we make a change in call to 'ldap_search_ext()' and pass NULL as timeout argument when 'timelimit' is 0 instead of passing 'tv' structure address everything works perfectly. I think this is how this 'timelimit' argument is handled in WinLDAP library.
And what's the most important, this solves the problem of authentication in my company's software.