From 7496095c1b119c1e4f99d985b6dca6ee68dcb520 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 14 Aug 2009 17:50:18 +1000 Subject: [PATCH] s4:libcli/ldap Explain why we set a hostname for ldapi:// connections It is a pretty odd thing to do, and it's only because of the restrictions of DIGEST-MD5 in Cyrus SASL that we do it. Andrew Bartlett --- source4/libcli/ldap/ldap_client.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c index 9135b425743f..d278f407dcf2 100644 --- a/source4/libcli/ldap/ldap_client.c +++ b/source4/libcli/ldap/ldap_client.c @@ -335,7 +335,9 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct ldap_connection *con SMB_ASSERT(sizeof(protocol)>10); SMB_ASSERT(sizeof(path)>1024); - /* LDAPI connections are to localhost, so give the local host name as the target for gensec */ + /* LDAPI connections are to localhost, so give the + * local host name as the target for gensec's + * DIGEST-MD5 mechanism */ conn->host = talloc_asprintf(conn, "%s.%s", lp_netbios_name(conn->lp_ctx), lp_realm(conn->lp_ctx)); if (composite_nomem(conn->host, state->ctx)) { return result; -- 2.34.1