X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Fbind.c;h=e03d9c76a51110961b0db6ad0db1b6022c43479e;hb=fedbb4fb3d9d52ad050d688a1f7bde66db34b836;hp=a2e4a6583035188e200f11e29f91b9ab3ade0294;hpb=d611a4b49a00238ed32ae84c68f27c6a0ef2273a;p=openldap
diff --git a/libraries/libldap/bind.c b/libraries/libldap/bind.c
index a2e4a65830..e03d9c76a5 100644
--- a/libraries/libldap/bind.c
+++ b/libraries/libldap/bind.c
@@ -2,7 +2,7 @@
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software .
*
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2010 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -16,9 +16,19 @@
/* Portions Copyright (c) 1990 Regents of the University of Michigan.
* All rights reserved.
*/
-/* Portions Copyright (C) The Internet Society (1997)
- * ASN.1 fragments are from RFC 2251; see RFC for full legal notices.
- */
+
+#include "portable.h"
+
+#include
+
+#include
+
+#include
+#include
+#include
+
+#include "ldap-int.h"
+#include "ldap_log.h"
/*
* BindRequest ::= SEQUENCE {
@@ -26,10 +36,8 @@
* name DistinguishedName, -- who
* authentication CHOICE {
* simple [0] OCTET STRING -- passwd
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- * krbv42ldap [1] OCTET STRING
- * krbv42dsa [2] OCTET STRING
-#endif
+ * krbv42ldap [1] OCTET STRING -- OBSOLETE
+ * krbv42dsa [2] OCTET STRING -- OBSOLETE
* sasl [3] SaslCredentials -- LDAPv3
* }
* }
@@ -39,27 +47,14 @@
* serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3
* }
*
+ * (Source: RFC 2251)
*/
-#include "portable.h"
-
-#include
-
-#include
-
-#include
-#include
-#include
-
-#include "ldap-int.h"
-#include "ldap_log.h"
-
/*
* ldap_bind - bind to the ldap server (and X.500). The dn and password
* of the entry to which to bind are supplied, along with the authentication
* method to use. The msgid of the bind request is returned on success,
- * -1 if there's trouble. Note, the kerberos support assumes the user already
- * has a valid tgt for now. ldap_result() should be called to find out the
+ * -1 if there's trouble. ldap_result() should be called to find out the
* outcome of the bind request.
*
* Example:
@@ -76,12 +71,9 @@ ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmetho
case LDAP_AUTH_SIMPLE:
return( ldap_simple_bind( ld, dn, passwd ) );
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- case LDAP_AUTH_KRBV41:
- return( ldap_kerberos_bind1( ld, dn ) );
-
- case LDAP_AUTH_KRBV42:
- return( ldap_kerberos_bind2( ld, dn ) );
+#ifdef HAVE_GSSAPI
+ case LDAP_AUTH_NEGOTIATE:
+ return( ldap_gssapi_bind_s( ld, dn, passwd) );
#endif
case LDAP_AUTH_SASL:
@@ -99,8 +91,7 @@ ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmetho
* of the entry to which to bind are supplied, along with the authentication
* method to use. This routine just calls whichever bind routine is
* appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or
- * some other error indication). Note, the kerberos support assumes the
- * user already has a valid tgt for now.
+ * some other error indication).
*
* Examples:
* ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us",
@@ -121,15 +112,9 @@ ldap_bind_s(
case LDAP_AUTH_SIMPLE:
return( ldap_simple_bind_s( ld, dn, passwd ) );
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- case LDAP_AUTH_KRBV4:
- return( ldap_kerberos_bind_s( ld, dn ) );
-
- case LDAP_AUTH_KRBV41:
- return( ldap_kerberos_bind1_s( ld, dn ) );
-
- case LDAP_AUTH_KRBV42:
- return( ldap_kerberos_bind2_s( ld, dn ) );
+#ifdef HAVE_GSSAPI
+ case LDAP_AUTH_NEGOTIATE:
+ return( ldap_gssapi_bind_s( ld, dn, passwd) );
#endif
case LDAP_AUTH_SASL: