3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2004 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
16 /* Portions Copyright (c) 1990 Regents of the University of Michigan.
17 * All rights reserved.
19 /* Portions Copyright (C) The Internet Society (1997)
20 * ASN.1 fragments are from RFC 2251; see RFC for full legal notices.
24 * BindRequest ::= SEQUENCE {
26 * name DistinguishedName, -- who
27 * authentication CHOICE {
28 * simple [0] OCTET STRING -- passwd
29 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
30 * krbv42ldap [1] OCTET STRING
31 * krbv42dsa [2] OCTET STRING
33 * sasl [3] SaslCredentials -- LDAPv3
37 * BindResponse ::= SEQUENCE {
38 * COMPONENTS OF LDAPResult,
39 * serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3
48 #include <ac/stdlib.h>
50 #include <ac/socket.h>
51 #include <ac/string.h>
58 * ldap_bind - bind to the ldap server (and X.500). The dn and password
59 * of the entry to which to bind are supplied, along with the authentication
60 * method to use. The msgid of the bind request is returned on success,
61 * -1 if there's trouble. Note, the kerberos support assumes the user already
62 * has a valid tgt for now. ldap_result() should be called to find out the
63 * outcome of the bind request.
66 * ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret",
71 ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod )
74 LDAP_LOG ( OPERATION, ENTRY, "ldap_bind\n", 0, 0, 0 );
76 Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
79 switch ( authmethod ) {
80 case LDAP_AUTH_SIMPLE:
81 return( ldap_simple_bind( ld, dn, passwd ) );
83 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
84 case LDAP_AUTH_KRBV41:
85 return( ldap_kerberos_bind1( ld, dn ) );
87 case LDAP_AUTH_KRBV42:
88 return( ldap_kerberos_bind2( ld, dn ) );
92 /* user must use ldap_sasl_bind */
96 ld->ld_errno = LDAP_AUTH_UNKNOWN;
102 * ldap_bind_s - bind to the ldap server (and X.500). The dn and password
103 * of the entry to which to bind are supplied, along with the authentication
104 * method to use. This routine just calls whichever bind routine is
105 * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
106 * some other error indication). Note, the kerberos support assumes the
107 * user already has a valid tgt for now.
110 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
111 * "secret", LDAP_AUTH_SIMPLE )
112 * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
113 * NULL, LDAP_AUTH_KRBV4 )
119 LDAP_CONST char *passwd,
123 LDAP_LOG ( OPERATION, ENTRY, "ldap_bind_s\n", 0, 0, 0 );
125 Debug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
128 switch ( authmethod ) {
129 case LDAP_AUTH_SIMPLE:
130 return( ldap_simple_bind_s( ld, dn, passwd ) );
132 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
133 case LDAP_AUTH_KRBV4:
134 return( ldap_kerberos_bind_s( ld, dn ) );
136 case LDAP_AUTH_KRBV41:
137 return( ldap_kerberos_bind1_s( ld, dn ) );
139 case LDAP_AUTH_KRBV42:
140 return( ldap_kerberos_bind2_s( ld, dn ) );
144 /* user must use ldap_sasl_bind */
148 return( ld->ld_errno = LDAP_AUTH_UNKNOWN );