/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2010 The OpenLDAP Foundation.
+ * Copyright 1998-2013 The OpenLDAP Foundation.
* All rights reserved.
*
* Author: Stefan Metzmacher <metze@sernet.de>
} else if (allow_remote && dnsHostName) {
principal_fmt = "ldap/%s";
- svc_principal_size = strlen(dnsHostName) + strlen(principal_fmt);
+ svc_principal_size = STRLENOF("ldap/") + strlen(dnsHostName) + 1;
str = dnsHostName;
} else {
principal_fmt = "ldap/%s";
- svc_principal_size = strlen(host) + strlen(principal_fmt);
+ svc_principal_size = STRLENOF("ldap/") + strlen(host) + 1;
str = host;
}
return ld->ld_errno;
}
- ret = snprintf( svc_principal, svc_principal_size - 1, principal_fmt, str);
- if (ret < 0 || (size_t)ret + 1 >= svc_principal_size) {
+ ret = snprintf( svc_principal, svc_principal_size, principal_fmt, str );
+ if (ret < 0 || (size_t)ret >= svc_principal_size) {
ld->ld_errno = LDAP_LOCAL_ERROR;
return ld->ld_errno;
}
host, svc_principal, 0 );
input_name.value = svc_principal;
- input_name.length = strlen( svc_principal );
+ input_name.length = (size_t)ret;
gss_rc = gss_import_name( &minor_status, &input_name, &nt_principal, principal );
ldap_memfree( svc_principal );
gss_buffer_desc input_token, output_token = GSS_C_EMPTY_BUFFER;
struct berval cred, *scred = NULL;
-#ifdef LDAP_R_COMPILE
- ldap_pvt_thread_mutex_lock( &ldap_int_gssapi_mutex );
-#endif
+ LDAP_MUTEX_LOCK( &ldap_int_gssapi_mutex );
/* get information from RootDSE entry */
rc = ldap_gssapi_get_rootdse_infos ( ld, &mechlist,
req_mech = &spnego_oid;
}
- req_flags = ld->ld_options.gssapi_flags;
+ req_flags = ld->ld_options.ldo_gssapi_flags;
req_flags |= GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG;
/*
(ret_mech != GSS_C_NO_OID ? ret_mech : req_mech ),
gss_rc, minor_status );
rc_error:
-#ifdef LDAP_R_COMPILE
- ldap_pvt_thread_mutex_unlock( &ldap_int_gssapi_mutex );
-#endif
+ LDAP_MUTEX_UNLOCK( &ldap_int_gssapi_mutex );
LDAP_FREE( mechlist );
LDAP_FREE( ldapServiceName );
LDAP_FREE( dnsHostName );
switch ( option ) {
case LDAP_OPT_SSPI_FLAGS:
- * (unsigned *) arg = (unsigned) ld->ld_options.gssapi_flags;
+ * (unsigned *) arg = (unsigned) ld->ld_options.ldo_gssapi_flags;
break;
case LDAP_OPT_SIGN:
- if ( ld->ld_options.gssapi_flags & GSS_C_INTEG_FLAG ) {
+ if ( ld->ld_options.ldo_gssapi_flags & GSS_C_INTEG_FLAG ) {
* (int *) arg = (int)-1;
} else {
* (int *) arg = (int)0;
break;
case LDAP_OPT_ENCRYPT:
- if ( ld->ld_options.gssapi_flags & GSS_C_CONF_FLAG ) {
+ if ( ld->ld_options.ldo_gssapi_flags & GSS_C_CONF_FLAG ) {
* (int *) arg = (int)-1;
} else {
* (int *) arg = (int)0;
switch ( option ) {
case LDAP_OPT_SSPI_FLAGS:
if ( arg != LDAP_OPT_OFF ) {
- ld->ld_options.gssapi_flags = * (unsigned *)arg;
+ ld->ld_options.ldo_gssapi_flags = * (unsigned *)arg;
}
break;
case LDAP_OPT_SIGN:
if ( arg != LDAP_OPT_OFF ) {
- ld->ld_options.gssapi_flags |= GSS_C_INTEG_FLAG;
+ ld->ld_options.ldo_gssapi_flags |= GSS_C_INTEG_FLAG;
}
break;
case LDAP_OPT_ENCRYPT:
if ( arg != LDAP_OPT_OFF ) {
- ld->ld_options.gssapi_flags |= GSS_C_INTEG_FLAG | GSS_C_CONF_FLAG;
+ ld->ld_options.ldo_gssapi_flags |= GSS_C_INTEG_FLAG | GSS_C_CONF_FLAG;
}
break;