/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Copyright 1998-2007 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* name DistinguishedName, -- dn
* authentication CHOICE {
* simple [0] OCTET STRING -- passwd
- * krbv42ldap [1] OCTET STRING
- * krbv42dsa [2] OCTET STRING
+ * krbv42ldap [1] OCTET STRING -- OBSOLETE
+ * krbv42dsa [2] OCTET STRING -- OBSOLETE
* SASL [3] SaslCredentials
* }
* }
goto cleanup;
}
- /* Set the bindop for the benefit of in-directory SASL lookups */
- op->o_conn->c_sasl_bindop = op;
-
if ( op->orb_method == LDAP_AUTH_SASL ) {
if ( op->o_protocol < LDAP_VERSION3 ) {
Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%ld\n",
} else {
ber_dupbv(&op->o_conn->c_sasl_bind_mech, &op->orb_tmp_mech);
}
+
+ /* Set the bindop for the benefit of in-directory SASL lookups */
+ op->o_conn->c_sasl_bindop = op;
+
ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
rs->sr_err = slap_sasl_bind( op, rs );
goto cleanup;
}
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- } else if ( op->orb_method == LDAP_AUTH_KRBV41 ) {
- if ( global_disallows & SLAP_DISALLOW_BIND_KRBV4 ) {
- /* disallow krbv4 authentication */
- rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
- rs->sr_text = "unwilling to perform Kerberos V4 bind";
-
- send_ldap_result( op, rs );
-
- Debug( LDAP_DEBUG_TRACE,
- "do_bind: v%d Kerberos V4 (step 1) bind refused\n",
- op->o_protocol, 0, 0 );
- goto cleanup;
- }
- BER_BVSTR( &op->orb_tmp_mech, "KRBV4" );
-
- } else if ( op->orb_method == LDAP_AUTH_KRBV42 ) {
- rs->sr_err = LDAP_AUTH_METHOD_NOT_SUPPORTED;
- rs->sr_text = "Kerberos V4 (step 2) bind not supported";
- send_ldap_result( op, rs );
-
- Debug( LDAP_DEBUG_TRACE,
- "do_bind: v%d Kerberos V4 (step 2) bind refused\n",
- op->o_protocol, 0, 0 );
- goto cleanup;
-#endif
-
} else {
rs->sr_err = LDAP_AUTH_METHOD_NOT_SUPPORTED;
rs->sr_text = "unknown authentication method";