send_ldap_result( op, rs );
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
- "do_bind: conn %d v%d anonymous bind\n",
- op->o_connid, version , 0 );
+ "do_bind: conn %d v%d anonymous bind\n",
+ op->o_connid, version , 0 );
#else
Debug( LDAP_DEBUG_TRACE, "do_bind: v%d anonymous bind\n",
version, 0, 0 );
}
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- } else if ( op->orb_method == LDAP_AUTH_KRBV41 ||
- op->orb_method == LDAP_AUTH_KRBV42 )
- {
+ } else if ( op->orb_method == LDAP_AUTH_KRBV41 ) {
if ( global_disallows & SLAP_DISALLOW_BIND_KRBV4 ) {
- /* disallow simple authentication */
+ /* disallow krbv4 authentication */
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
rs->sr_text = "unwilling to perform Kerberos V4 bind";
send_ldap_result( op, rs );
+
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, DETAIL1,
- "do_bind: conn %d v%d Kerberos V4 bind\n",
+ "do_bind: conn %d v%d Kerberos V4 (step 1) bind refused\n",
op->o_connid, version , 0 );
#else
- Debug( LDAP_DEBUG_TRACE, "do_bind: v%d Kerberos V4 bind\n",
+ Debug( LDAP_DEBUG_TRACE,
+ "do_bind: v%d Kerberos V4 (step 1) bind refused\n",
version, 0, 0 );
#endif
goto cleanup;
}
ber_str2bv( "KRBV4", sizeof("KRBV4")-1, 0, &mech );
+
+ } else if ( op->orb_method == LDAP_AUTH_KRBV42 ) {
+ rs->sr_err = LDAP_AUTH_METHOD_NOT_SUPPORTED;
+ rs->sr_text = "Kerberos V4 (step 2) bind not supported";
+ send_ldap_result( op, rs );
+
+#ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, DETAIL1,
+ "do_bind: conn %d v%d Kerberos V4 (step 2) bind refused\n",
+ op->o_connid, version , 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "do_bind: v%d Kerberos V4 (step 2) bind refused\n",
+ version, 0, 0 );
+#endif
+ goto cleanup;
#endif
} else {
goto cleanup;
}
-#if defined( LDAP_SLAPI )
+#ifdef LDAP_SLAPI
if ( pb ) {
int rc;
slapi_int_pblock_set_operation( pb, op );
op->orb_edn.bv_len = 0;
if ( rs->sr_err == LDAP_SUCCESS ) {
- slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->orb_edn.bv_val );
+ slapi_pblock_get( pb, SLAPI_CONN_DN,
+ (void *)&op->orb_edn.bv_val );
if ( op->orb_edn.bv_val == NULL ) {
if ( rc == 1 ) {
/* No plugins were called; continue. */
break;
}
}
-#endif /* defined( LDAP_SLAPI ) */
+#endif /* LDAP_SLAPI */
if( op->o_bd->be_bind ) {
rs->sr_err = (op->o_bd->be_bind)( op, rs );
"operation not supported within naming context" );
}
-#if defined( LDAP_SLAPI )
- if ( pb != NULL && slapi_int_call_plugins( op->o_bd, SLAPI_PLUGIN_POST_BIND_FN, pb ) < 0 ) {
+#ifdef LDAP_SLAPI
+ if ( pb != NULL &&
+ slapi_int_call_plugins( op->o_bd, SLAPI_PLUGIN_POST_BIND_FN, pb ) < 0 )
+ {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO,
"do_bind: Bind postoperation plugins failed\n",
0, 0, 0);
#endif
}
-#endif /* defined( LDAP_SLAPI ) */
+#endif /* LDAP_SLAPI */
cleanup:
if ( rs->sr_err == LDAP_SUCCESS ) {
projects / openldap / commitdiff