X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fbind.c;h=4305d313d42d66ea11627e734d29fe4a6449602d;hb=3d39ff68a94e4455074707d763138f01aaa1c5b1;hp=be796f192013fefcbabef5115aa3132dd4446cef;hpb=30eb9ed76f5b1cdc834ff531f449e1d9ee3badf3;p=openldap

diff --git a/libraries/libldap/bind.c b/libraries/libldap/bind.c
index be796f1920..4305d313d4 100644
--- a/libraries/libldap/bind.c
+++ b/libraries/libldap/bind.c
@@ -1,33 +1,60 @@
-/*
- *  Copyright (c) 1990 Regents of the University of Michigan.
- *  All rights reserved.
+/* bind.c */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2007 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
  *
- *  bind.c
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* Portions Copyright (c) 1990 Regents of the University of Michigan.
+ * All rights reserved.
  */
 
 #include "portable.h"
 
-#ifndef lint 
-static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of Michigan.\nAll rights reserved.\n";
-#endif
-
 #include <stdio.h>
-#include <stdlib.h>
+
+#include <ac/stdlib.h>
 
 #include <ac/socket.h>
 #include <ac/string.h>
 #include <ac/time.h>
 
-#include "lber.h"
-#include "ldap.h"
+#include "ldap-int.h"
+#include "ldap_log.h"
 
+/*
+ *	BindRequest ::= SEQUENCE {
+ *		version		INTEGER,
+ *		name		DistinguishedName,	 -- who
+ *		authentication	CHOICE {
+ *			simple		[0] OCTET STRING -- passwd
+ *			krbv42ldap	[1] OCTET STRING -- OBSOLETE
+ *			krbv42dsa	[2] OCTET STRING -- OBSOLETE
+ *			sasl		[3] SaslCredentials	-- LDAPv3
+ *		}
+ *	}
+ *
+ *	BindResponse ::= SEQUENCE {
+ *		COMPONENTS OF LDAPResult,
+ *		serverSaslCreds		OCTET STRING OPTIONAL -- LDAPv3
+ *	}
+ *
+ * (Source: RFC 2251)
+ */
 
 /*
  * ldap_bind - bind to the ldap server (and X.500).  The dn and password
  * of the entry to which to bind are supplied, along with the authentication
  * method to use.  The msgid of the bind request is returned on success,
- * -1 if there's trouble.  Note, the kerberos support assumes the user already
- * has a valid tgt for now.  ldap_result() should be called to find out the
+ * -1 if there's trouble.  ldap_result() should be called to find out the
  * outcome of the bind request.
  *
  * Example:
@@ -36,37 +63,17 @@ static char copyright[] = "@(#) Copyright (c) 1990 Regents of the University of
  */
 
 int
-ldap_bind( LDAP *ld, char *dn, char *passwd, int authmethod )
+ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod )
 {
-	/*
-	 * The bind request looks like this:
-	 *	BindRequest ::= SEQUENCE {
-	 *		version		INTEGER,
-	 *		name		DistinguishedName,	 -- who
-	 *		authentication	CHOICE {
-	 *			simple		[0] OCTET STRING -- passwd
-#ifdef KERBEROS
-	 *			krbv42ldap	[1] OCTET STRING
-	 *			krbv42dsa	[2] OCTET STRING
-#endif
-	 *		}
-	 *	}
-	 * all wrapped up in an LDAPMessage sequence.
-	 */
-
 	Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
 
 	switch ( authmethod ) {
 	case LDAP_AUTH_SIMPLE:
 		return( ldap_simple_bind( ld, dn, passwd ) );
 
-#ifdef KERBEROS
-	case LDAP_AUTH_KRBV41:
-		return( ldap_kerberos_bind1( ld, dn ) );
-
-	case LDAP_AUTH_KRBV42:
-		return( ldap_kerberos_bind2( ld, dn ) );
-#endif
+	case LDAP_AUTH_SASL:
+		/* user must use ldap_sasl_bind */
+		/* FALL-THRU */
 
 	default:
 		ld->ld_errno = LDAP_AUTH_UNKNOWN;
@@ -79,8 +86,7 @@ ldap_bind( LDAP *ld, char *dn, char *passwd, int authmethod )
  * of the entry to which to bind are supplied, along with the authentication
  * method to use.  This routine just calls whichever bind routine is
  * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
- * some other error indication).  Note, the kerberos support assumes the
- * user already has a valid tgt for now.
+ * some other error indication).
  *
  * Examples:
  *	ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
@@ -89,7 +95,11 @@ ldap_bind( LDAP *ld, char *dn, char *passwd, int authmethod )
  *	    NULL, LDAP_AUTH_KRBV4 )
  */
 int
-ldap_bind_s( LDAP *ld, char *dn, char *passwd, int authmethod )
+ldap_bind_s(
+	LDAP *ld,
+	LDAP_CONST char *dn,
+	LDAP_CONST char *passwd,
+	int authmethod )
 {
 	Debug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
 
@@ -97,28 +107,11 @@ ldap_bind_s( LDAP *ld, char *dn, char *passwd, int authmethod )
 	case LDAP_AUTH_SIMPLE:
 		return( ldap_simple_bind_s( ld, dn, passwd ) );
 
-#ifdef KERBEROS
-	case LDAP_AUTH_KRBV4:
-		return( ldap_kerberos_bind_s( ld, dn ) );
-
-	case LDAP_AUTH_KRBV41:
-		return( ldap_kerberos_bind1_s( ld, dn ) );
-
-	case LDAP_AUTH_KRBV42:
-		return( ldap_kerberos_bind2_s( ld, dn ) );
-#endif
+	case LDAP_AUTH_SASL:
+		/* user must use ldap_sasl_bind */
+		/* FALL-THRU */
 
 	default:
 		return( ld->ld_errno = LDAP_AUTH_UNKNOWN );
 	}
 }
-
-
-#ifdef LDAP_REFERRALS
-void
-ldap_set_rebind_proc( LDAP *ld, int (*rebindproc)( LDAP *ld, char **dnp,
-	char **passwdp, int *authmethodp, int freeit ))
-{
-	ld->ld_rebindproc = rebindproc;
-}
-#endif /* LDAP_REFERRALS */