s4:ldap_server: always allocate resp->SASL.secblob

The code path with resp->SASL.secblob = NULL was completely untested
(and wrong) as ldapsrv_setup_gensec() is very unlikely to ever fail.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index 3f2cd2be246b55707a758c47616a06b2e4dd7a2a..4913629cfcc118901d3de4c267d4631c66f88921 100644 (file)
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -382,7 +382,12 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
                return NT_STATUS_NO_MEMORY;
        }
        resp = &reply->msg->r.BindResponse;
-       
+       /* Windows 2000 mmc doesn't like secblob == NULL and reports a decoding error */
+       resp->SASL.secblob = talloc_zero(reply, DATA_BLOB);
+       if (resp->SASL.secblob == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
        conn = call->conn;
 
        /* 
@@ -416,12 +421,7 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
                status = gensec_update_ev(conn->gensec, reply, conn->connection->event.ctx,
                                          input, &output);
 
-               /* Windows 2000 mmc doesn't like secblob == NULL and reports a decoding error */
-               resp->SASL.secblob = talloc(reply, DATA_BLOB);
-               NT_STATUS_HAVE_NO_MEMORY(resp->SASL.secblob);
                *resp->SASL.secblob = output;
-       } else {
-               resp->SASL.secblob = NULL;
        }
 
        if (NT_STATUS_EQUAL(NT_STATUS_MORE_PROCESSING_REQUIRED, status)) {