ITS#6684

[openldap] / libraries / libldap / bind.c

diff --git a/libraries/libldap/bind.c b/libraries/libldap/bind.c
index 2e7dd74ada172c8dd583844435bbbb3b9a512bc3..e03d9c76a51110961b0db6ad0db1b6022c43479e 100644 (file)
--- a/libraries/libldap/bind.c
+++ b/libraries/libldap/bind.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -36,10 +36,8 @@
  *             name            DistinguishedName,       -- who
  *             authentication  CHOICE {
  *                     simple          [0] OCTET STRING -- passwd
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- *                     krbv42ldap      [1] OCTET STRING
- *                     krbv42dsa       [2] OCTET STRING
-#endif
+ *                     krbv42ldap      [1] OCTET STRING -- OBSOLETE
+ *                     krbv42dsa       [2] OCTET STRING -- OBSOLETE
  *                     sasl            [3] SaslCredentials     -- LDAPv3
  *             }
  *     }
@@ -56,8 +54,7 @@
  * ldap_bind - bind to the ldap server (and X.500).  The dn and password
  * of the entry to which to bind are supplied, along with the authentication
  * method to use.  The msgid of the bind request is returned on success,
- * -1 if there's trouble.  Note, the kerberos support assumes the user already
- * has a valid tgt for now.  ldap_result() should be called to find out the
+ * -1 if there's trouble.  ldap_result() should be called to find out the
  * outcome of the bind request.
  *
  * Example:
@@ -74,12 +71,9 @@ ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmetho
        case LDAP_AUTH_SIMPLE:
                return( ldap_simple_bind( ld, dn, passwd ) );
 
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-       case LDAP_AUTH_KRBV41:
-               return( ldap_kerberos_bind1( ld, dn ) );
-
-       case LDAP_AUTH_KRBV42:
-               return( ldap_kerberos_bind2( ld, dn ) );
+#ifdef HAVE_GSSAPI
+       case LDAP_AUTH_NEGOTIATE:
+               return( ldap_gssapi_bind_s( ld, dn, passwd) );
 #endif
 
        case LDAP_AUTH_SASL:
@@ -97,8 +91,7 @@ ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmetho
  * of the entry to which to bind are supplied, along with the authentication
  * method to use.  This routine just calls whichever bind routine is
  * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
- * some other error indication).  Note, the kerberos support assumes the
- * user already has a valid tgt for now.
+ * some other error indication).
  *
  * Examples:
  *     ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
@@ -119,15 +112,9 @@ ldap_bind_s(
        case LDAP_AUTH_SIMPLE:
                return( ldap_simple_bind_s( ld, dn, passwd ) );
 
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-       case LDAP_AUTH_KRBV4:
-               return( ldap_kerberos_bind_s( ld, dn ) );
-
-       case LDAP_AUTH_KRBV41:
-               return( ldap_kerberos_bind1_s( ld, dn ) );
-
-       case LDAP_AUTH_KRBV42:
-               return( ldap_kerberos_bind2_s( ld, dn ) );
+#ifdef HAVE_GSSAPI
+       case LDAP_AUTH_NEGOTIATE:
+               return( ldap_gssapi_bind_s( ld, dn, passwd) );
 #endif
 
        case LDAP_AUTH_SASL: