git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/kerberos.c

   1 /* kerberos.c - ldbm backend kerberos bind routines */
   2
   3 #include "portable.h"
   4
   5 #ifdef HAVE_KERBEROS
   6
   7 #include <stdio.h>
   8
   9 #include <ac/krb.h>
  10 #include <ac/socket.h>
  11 #include <ac/string.h>
  12
  13 #include "slap.h"
  14 #include "back-ldbm.h"
  15
  16 #define LDAP_KRB_PRINCIPAL      "ldapserver"
  17
  18 extern char             *ldap_srvtab;
  19 extern Attribute        *attr_find();
  20
  21 krbv4_ldap_auth(
  22     Backend             *be,
  23     struct berval       *cred,
  24     AUTH_DAT            *ad
  25 )
  26 {
  27         KTEXT_ST        k;
  28         KTEXT           ktxt = &k;
  29         char            instance[INST_SZ];
  30         int             err;
  31
  32         Debug( LDAP_DEBUG_TRACE, "=> kerberosv4_ldap_auth\n", 0, 0, 0 );
  33
  34         SAFEMEMCPY( ktxt->dat, cred->bv_val, cred->bv_len );
  35         ktxt->length = cred->bv_len;
  36
  37         strcpy( instance, "*" );
  38         if ( (err = krb_rd_req( ktxt, LDAP_KRB_PRINCIPAL, instance, 0L, ad,
  39             ldap_srvtab )) != KSUCCESS ) {
  40                 Debug( LDAP_DEBUG_ANY, "krb_rd_req failed (%s)\n",
  41                     krb_err_txt[err], 0, 0 );
  42                 return( LDAP_INVALID_CREDENTIALS );
  43         }
  44
  45         return( LDAP_SUCCESS );
  46 }
  47
  48 #endif /* kerberos */