git.sur5r.net Git - openldap/blob - servers/slapd/back-ldbm/kerberos.c

   1 /* kerberos.c - ldbm backend kerberos bind routines */
   2
   3 #include <stdio.h>
   4 #include <string.h>
   5 #include <sys/types.h>
   6 #include <sys/socket.h>
   7 #include "slap.h"
   8 #include "back-ldbm.h"
   9
  10 #ifdef KERBEROS
  11 #include "krb.h"
  12
  13 #define LDAP_KRB_PRINCIPAL      "ldapserver"
  14
  15 extern char             *ldap_srvtab;
  16 extern Entry            *dn2entry();
  17 extern Attribute        *attr_find();
  18
  19 krbv4_ldap_auth(
  20     Backend             *be,
  21     struct berval       *cred,
  22     AUTH_DAT            *ad
  23 )
  24 {
  25         KTEXT_ST        k;
  26         KTEXT           ktxt = &k;
  27         char            instance[INST_SZ];
  28         int             err;
  29
  30         Debug( LDAP_DEBUG_TRACE, "=> kerberosv4_ldap_auth\n", 0, 0, 0 );
  31
  32         SAFEMEMCPY( ktxt->dat, cred->bv_val, cred->bv_len );
  33         ktxt->length = cred->bv_len;
  34
  35         strcpy( instance, "*" );
  36         if ( (err = krb_rd_req( ktxt, LDAP_KRB_PRINCIPAL, instance, 0L, ad,
  37             ldap_srvtab )) != KSUCCESS ) {
  38                 Debug( LDAP_DEBUG_ANY, "krb_rd_req failed (%s)\n",
  39                     krb_err_txt[err], 0, 0 );
  40                 return( LDAP_INVALID_CREDENTIALS );
  41         }
  42
  43         return( LDAP_SUCCESS );
  44 }
  45
  46 #endif /* kerberos */