- /* check for root dn/passwd */
- if ( be_isroot_pw( be, conn, ndn, cred ) ) {
- /* front end will send result */
- if(*edn != NULL) free( *edn );
- *edn = ch_strdup( be_root_dn( be ) );
- rc = LDAP_SUCCESS;
- goto done;
- }
-
- if ( ! access_allowed( be, conn, op, e,
- password, NULL, ACL_AUTH ) )
- {
- send_ldap_result( conn, op, rc = LDAP_INSUFFICIENT_ACCESS,
- NULL, NULL, NULL, NULL );
- goto done;
- }
-
- if ( (a = attr_find( e->e_attrs, password )) == NULL ) {
- send_ldap_result( conn, op, rc = LDAP_INAPPROPRIATE_AUTH,
- NULL, NULL, NULL, NULL );
- goto done;
- }
-
- if ( slap_passwd_check( conn, a, cred ) != 0 ) {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );
- goto done;
- }
-
- rc = 0;
- break;
-
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- case LDAP_AUTH_KRBV41:
- if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) {
- send_ldap_result( conn, op, rc = LDAP_INVALID_CREDENTIALS,
- NULL, NULL, NULL, NULL );