Re: [PATCH 0/3] MR8020: libs/ldap: Make GSS-SPNEGO SASL plugin work with LDAP server that uses Kerberos authentication.

19 May 2025


      I restored my test setup and compared packet captures with Wireshark. There's an obvious difference because we don't support SPNEGO in the Negotiate provider, instead we pass NTLM or Kerberos straight through which is also accepted by Windows. Even if NTLM is wrapped in SPNEGO the buffer layout is the same, i.e. the reverse of Kerberos, so there's no way around detecting the package in use.
I'm attaching a patch that works here for Kerberos and NTLM. Does it work for you?
[ldap.diff](/uploads/f17c839bd1ffed2b5f3d107e48437c8e/ldap.diff)
-- 
https://gitlab.winehq.org/wine/wine/-/merge_requests/8020#note_103809

2025

2024

2023

2022

Re: [PATCH 0/3] MR8020: libs/ldap: Make GSS-SPNEGO SASL plugin work with LDAP server that uses Kerberos authentication.