git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/kerberos.c

   1 /* kerberos.c - ldbm backend kerberos bind routines */
   2 /* $OpenLDAP$ */
   3 /*
   4  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
   5  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   6  */
   7
   8 #include "portable.h"
   9
  10 #ifdef HAVE_KERBEROS
  11
  12 #include <stdio.h>
  13
  14 #include <ac/krb.h>
  15 #include <ac/socket.h>
  16 #include <ac/string.h>
  17
  18 #include "slap.h"
  19 #include "back-ldbm.h"
  20
  21 #define LDAP_KRB_PRINCIPAL      "ldapserver"
  22
  23 extern char             *ldap_srvtab;
  24 extern Attribute        *attr_find();
  25
  26 krbv4_ldap_auth(
  27     Backend             *be,
  28     struct berval       *cred,
  29     AUTH_DAT            *ad
  30 )
  31 {
  32         KTEXT_ST        k;
  33         KTEXT           ktxt = &k;
  34         char            instance[INST_SZ];
  35         int             err;
  36
  37         Debug( LDAP_DEBUG_TRACE, "=> kerberosv4_ldap_auth\n", 0, 0, 0 );
  38
  39         SAFEMEMCPY( ktxt->dat, cred->bv_val, cred->bv_len );
  40         ktxt->length = cred->bv_len;
  41
  42         strcpy( instance, "*" );
  43         if ( (err = krb_rd_req( ktxt, LDAP_KRB_PRINCIPAL, instance, 0L, ad,
  44             ldap_srvtab )) != KSUCCESS ) {
  45                 Debug( LDAP_DEBUG_ANY, "krb_rd_req failed (%s)\n",
  46                     krb_err_txt[err], 0, 0 );
  47                 return( LDAP_INVALID_CREDENTIALS );
  48         }
  49
  50         return( LDAP_SUCCESS );
  51 }
  52
  53 #endif /* kerberos */