1 /* kerberos.c - ldbm backend kerberos bind routines */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2008 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
19 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
24 #include <ac/socket.h>
25 #include <ac/string.h>
29 #define LDAP_KRB_PRINCIPAL "ldapserver"
39 char instance[INST_SZ];
42 Debug( LDAP_DEBUG_TRACE, "=> kerberosv4_ldap_auth\n", 0, 0, 0 );
44 if( cred->len > sizeof(ktxt->dat) ) {
48 AC_MEMCPY( ktxt->dat, cred->bv_val, cred->bv_len );
49 ktxt->length = cred->bv_len;
51 strcpy( instance, "*" );
52 if ( (err = krb_rd_req( ktxt, LDAP_KRB_PRINCIPAL, instance, 0L, ad,
53 ldap_srvtab )) != KSUCCESS ) {
54 Debug( LDAP_DEBUG_ANY, "krb_rd_req failed (%s)\n",
55 krb_err_txt[err], 0, 0 );
56 return( LDAP_INVALID_CREDENTIALS );
59 return( LDAP_SUCCESS );