s4:libcli/ldap Explain why we set a hostname for ldapi:// connections

It is a pretty odd thing to do, and it's only because of the
restrictions of DIGEST-MD5 in Cyrus SASL that we do it.

Andrew Bartlett

diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c
index 9135b425743f3562eeedf14390481d221e7f9be2..d278f407dcf2da2b44f525b9c42a2fd1522d2068 100644 (file)
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -335,7 +335,9 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct ldap_connection *con
                SMB_ASSERT(sizeof(protocol)>10);
                SMB_ASSERT(sizeof(path)>1024);
        
-               /* LDAPI connections are to localhost, so give the local host name as the target for gensec */
+               /* LDAPI connections are to localhost, so give the
+                * local host name as the target for gensec's
+                * DIGEST-MD5 mechanism */
                conn->host = talloc_asprintf(conn, "%s.%s", lp_netbios_name(conn->lp_ctx),  lp_realm(conn->lp_ctx));
                if (composite_nomem(conn->host, state->ctx)) {
                        return result;