Re: [PATCH 0/3] MR8020: libs/ldap: Make GSS-SPNEGO SASL plugin work with LDAP server that uses Kerberos authentication.

13 May 2025


      On Tue May 13 18:54:00 2025 +0000, Hans Leidekker wrote:
...
I'm not sure about that. There's the LDAP_OPT_SSPI_FLAGS as you mention
in your patch and it could be that we're supposed to build the REQ flags
from it and return the RET flags for it.
I've added a test
```
flags = 0;
ret = ldap_get_option(ld, LDAP_OPT_SSPI_FLAGS, &flags);
ok(!ret, "ldap_get_option error %#x\n", ret);
ok(flags == (ISC_REQ_MUTUAL_AUTH | ISC_REQ_EXTENDED_ERROR), "got SSPI flags %08lx\n", flags);
```
I'll see if just requesting these flags work for LDAP over Kerberos. Hans, could you please test them with NTLM and report back?
-- 
https://gitlab.winehq.org/wine/wine/-/merge_requests/8020#note_103187

2025

2024

2023

2022

Re: [PATCH 0/3] MR8020: libs/ldap: Make GSS-SPNEGO SASL plugin work with LDAP server that uses Kerberos authentication.