git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/kerberos.c

   1 /* kerberos.c - ldbm backend kerberos bind routines */
   2
   3 #include "portable.h"
   4
   5 #include <stdio.h>
   6 #include <string.h>
   7 #include <sys/types.h>
   8 #include <sys/socket.h>
   9 #include "slap.h"
  10 #include "back-ldbm.h"
  11
  12 #ifdef KERBEROS
  13 #ifdef KERBEROS_V
  14 #include <kerberosIV/krb.h>
  15 #else
  16 #include <krb.h>
  17 #endif /* KERBEROS_V */
  18
  19 #define LDAP_KRB_PRINCIPAL      "ldapserver"
  20
  21 extern char             *ldap_srvtab;
  22 extern Attribute        *attr_find();
  23
  24 krbv4_ldap_auth(
  25     Backend             *be,
  26     struct berval       *cred,
  27     AUTH_DAT            *ad
  28 )
  29 {
  30         KTEXT_ST        k;
  31         KTEXT           ktxt = &k;
  32         char            instance[INST_SZ];
  33         int             err;
  34
  35         Debug( LDAP_DEBUG_TRACE, "=> kerberosv4_ldap_auth\n", 0, 0, 0 );
  36
  37         SAFEMEMCPY( ktxt->dat, cred->bv_val, cred->bv_len );
  38         ktxt->length = cred->bv_len;
  39
  40         strcpy( instance, "*" );
  41         if ( (err = krb_rd_req( ktxt, LDAP_KRB_PRINCIPAL, instance, 0L, ad,
  42             ldap_srvtab )) != KSUCCESS ) {
  43                 Debug( LDAP_DEBUG_ANY, "krb_rd_req failed (%s)\n",
  44                     krb_err_txt[err], 0, 0 );
  45                 return( LDAP_INVALID_CREDENTIALS );
  46         }
  47
  48         return( LDAP_SUCCESS );
  49 }
  50
  51 #endif /* kerberos */