#include "common.h"
+#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
#if !LDAP_DEPRECATED
-/*
- * NOTE: we declare it here only because we want to keep supporting
- * (how long?) ancient, deprecated LDAP_AUTH_KRB* auth methods
- */
+/* Necessary for old LDAPv2 Kerberos Bind methods */
LDAP_F( int )
ldap_bind LDAP_P(( /* deprecated */
LDAP *ld,
LDAP_CONST char *passwd,
int authmethod ));
#endif
+#endif
int authmethod = -1;
char *binddn = NULL;
exit( EXIT_FAILURE );
}
}
+
if( protocol == LDAP_VERSION2 ) {
if( assertctl || authzid || manageDIT || manageDSAit ||
#ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
exit( EXIT_FAILURE );
}
#endif
- } else {
+
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
+ } else {
if ( authmethod == LDAP_AUTH_KRBV4 || authmethod == LDAP_AUTH_KRBV41 ) {
fprintf( stderr, "%s: -k/-K incompatible with LDAPv%d\n",
prog, protocol );
msgbuf[0] = 0;
- msgid = ldap_bind( ld, binddn, passwd.bv_val, authmethod );
- if ( msgid == -1 ) {
- tool_perror( "ldap_bind", -1, NULL, NULL, NULL, NULL );
- exit( EXIT_FAILURE );
+#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
+ if ( authmethod == LDAP_AUTH_KRBV4 || authmethod == LDAP_AUTH_KRBV41 ) {
+ msgid = ldap_bind( ld, binddn, passwd.bv_val, authmethod );
+ if ( msgid == -1 ) {
+ tool_perror( "ldap_bind", -1, NULL, NULL, NULL, NULL );
+ exit( EXIT_FAILURE );
+ }
+ } else
+#endif
+ {
+ /* simple bind */
+ rc = ldap_sasl_bind( ld, binddn, LDAP_SASL_SIMPLE,
+ &passwd, NULL, NULL, &msgid );
+ if ( msgid == -1 ) {
+ tool_perror( "ldap_sasl_bind(SIMPLE)", rc,
+ NULL, NULL, NULL, NULL );
+ exit( EXIT_FAILURE );
+ }
}
if ( ldap_result( ld, msgid, 1, NULL, &result ) == -1 ) {
projects / openldap / commitdiff