|
|
|
|
@ -38,6 +38,7 @@
|
|
|
|
|
#include <krfcdate.h>
|
|
|
|
|
|
|
|
|
|
#include <ldap.h>
|
|
|
|
|
#include <sasl/sasl.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <sys/time.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
@ -161,9 +162,11 @@ TQString ldapLikelyErrorCause(int errcode, int location) {
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int sasl_bind_interact_callback(LDAP* ld, unsigned flags, void* defaults, void* sasl_interact) {
|
|
|
|
|
int sasl_bind_interact_callback(LDAP* ld, unsigned flags, void* defaults, void* sasl_interaction_struct) {
|
|
|
|
|
// FIXME
|
|
|
|
|
// This currently does nothing and hopes for the best!
|
|
|
|
|
// sasl_interact* sasl_struct = (sasl_interact*)sasl_interaction_struct;
|
|
|
|
|
|
|
|
|
|
return LDAP_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -310,7 +313,36 @@ int LDAPManager::bind(TQString* errstr) {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (m_creds->use_gssapi) {
|
|
|
|
|
retcode = ldap_sasl_interactive_bind_s(m_ldap, "", "GSSAPI", NULL, NULL, LDAP_SASL_AUTOMATIC, sasl_bind_interact_callback, NULL);
|
|
|
|
|
//retcode = ldap_sasl_interactive_bind_s(m_ldap, "", "GSSAPI", NULL, NULL, LDAP_SASL_AUTOMATIC, sasl_bind_interact_callback, NULL);
|
|
|
|
|
const char* rmech = NULL;
|
|
|
|
|
LDAPMessage* result = NULL;
|
|
|
|
|
int msgid;
|
|
|
|
|
retcode = LDAP_SASL_BIND_IN_PROGRESS;
|
|
|
|
|
while (retcode == LDAP_SASL_BIND_IN_PROGRESS) {
|
|
|
|
|
retcode = ldap_sasl_interactive_bind(m_ldap, "", "GSSAPI", NULL, NULL, LDAP_SASL_AUTOMATIC, sasl_bind_interact_callback, NULL, result, &rmech, &msgid);
|
|
|
|
|
ldap_msgfree(result);
|
|
|
|
|
|
|
|
|
|
if (retcode != LDAP_SASL_BIND_IN_PROGRESS) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((ldap_result(m_ldap, msgid, LDAP_MSG_ALL, NULL, &result) == -1) || (!result)) {
|
|
|
|
|
retcode = LDAP_INVALID_CREDENTIALS;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (retcode == LDAP_SUCCESS) {
|
|
|
|
|
if (m_creds->username == "") {
|
|
|
|
|
char* sasluser;
|
|
|
|
|
ldap_get_option(m_ldap, LDAP_OPT_X_SASL_USERNAME, &sasluser);
|
|
|
|
|
if (sasluser) {
|
|
|
|
|
TQStringList principalParts = TQStringList::split("@", TQString(sasluser), false);
|
|
|
|
|
m_creds->username = principalParts[0];
|
|
|
|
|
m_creds->realm = principalParts[1];
|
|
|
|
|
ldap_memfree(sasluser);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
retcode = ldap_sasl_bind_s(m_ldap, ldap_dn.ascii(), mechanism, &cred, NULL, NULL, NULL);
|
|
|
|
|
|
Timothy Pearson
11 years ago