git.sur5r.net Git - openldap/blob - servers/slapd/back-bdb2/kerberos.c

   1 /* kerberos.c - bdb2 backend kerberos bind routines */
   2 /* $OpenLDAP$ */
   3
   4 #include "portable.h"
   5
   6 #ifdef HAVE_KERBEROS
   7
   8 #include <stdio.h>
   9
  10 #include <ac/krb.h>
  11 #include <ac/socket.h>
  12 #include <ac/string.h>
  13
  14 #include "slap.h"
  15 #include "back-bdb2.h"
  16
  17 #define LDAP_KRB_PRINCIPAL      "ldapserver"
  18
  19 extern char             *ldap_srvtab;
  20 extern Attribute        *attr_find();
  21
  22 bdb2i_krbv4_ldap_auth(
  23     BackendDB           *be,
  24     struct berval       *cred,
  25     AUTH_DAT            *ad
  26 )
  27 {
  28         KTEXT_ST        k;
  29         KTEXT           ktxt = &k;
  30         char            instance[INST_SZ];
  31         int             err;
  32
  33         Debug( LDAP_DEBUG_TRACE, "=> kerberosv4_ldap_auth\n", 0, 0, 0 );
  34
  35         SAFEMEMCPY( ktxt->dat, cred->bv_val, cred->bv_len );
  36         ktxt->length = cred->bv_len;
  37
  38         strcpy( instance, "*" );
  39         if ( (err = krb_rd_req( ktxt, LDAP_KRB_PRINCIPAL, instance, 0L, ad,
  40             ldap_srvtab )) != KSUCCESS ) {
  41                 Debug( LDAP_DEBUG_ANY, "krb_rd_req failed (%s)\n",
  42                     krb_err_txt[err], 0, 0 );
  43                 return( LDAP_INVALID_CREDENTIALS );
  44         }
  45
  46         return( LDAP_SUCCESS );
  47 }
  48
  49 #endif /* kerberos */