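#include "LDAPCheck.h"

#include <stdlib.h> /* strtol */

/**
 * Check a DN/password pair by attempting an LDAP simple bind.
 *
 * @param host     LDAP server host, passed unchanged to ldap_init().
 * @param port     Server port as a decimal string in the range 0-65535.
 *                 NULL, empty, non-numeric or out-of-range values are
 *                 rejected rather than silently becoming port 0.
 * @param bind_dn  Distinguished name to bind as. Must be non-empty.
 * @param bind_pw  Password for bind_dn. Must be non-empty.
 * @param TLS      When true, StartTLS is negotiated before the bind. When
 *                 false, the simple bind sends the DN and password over the
 *                 connection without any protection.
 *
 * @return  0  the bind succeeded (credentials accepted by the server);
 *          1  credentials were empty, StartTLS failed, or the bind was
 *             rejected - callers cannot tell these apart;
 *         -1  no usable connection handle (bad port, ldap_init() failure,
 *             or the protocol version could not be set).
 */
int LDAPCheck( char *host, char *port, char *bind_dn, char *bind_pw, bool TLS)
{
    int requested_version = LDAP_VERSION3;
    LDAP *ld;
    int rc;
    int result = 1; /* fail closed: only a successful bind clears this */
    char *port_end;
    long parsed_port;

    /*
     * A simple bind with an empty password is an "unauthenticated" bind and
     * one with an empty DN is an anonymous bind (RFC 4513). A server may
     * answer LDAP_SUCCESS to either without checking any password, so they
     * must never be reported as "password verified".
     */
    if( bind_dn == NULL || bind_dn[0] == '\0' ||
        bind_pw == NULL || bind_pw[0] == '\0' )
    {
        return 1;
    }

    /* strtol instead of atoi: atoi(NULL) is undefined and garbage parses as 0. */
    if( port == NULL )
    {
        return( -1 );
    }
    parsed_port = strtol( port, &port_end, 10 );
    if( port_end == port || *port_end != '\0' ||
        parsed_port < 0 || parsed_port > 65535 )
    {
        return( -1 );
    }

    /* Get a handle to an LDAP connection. */
    if( ( ld = ldap_init( host, (int) parsed_port ) ) == NULL )
    {
        return( -1 );
    }

    /* StartTLS is an LDAPv3 operation, so do not continue on an older version. */
    if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &requested_version ) != LDAP_SUCCESS )
    {
        result = -1;
        goto done;
    }

    /* If appropriate, switch to a secure connection. */
    if( TLS )
    {
#ifdef WIN32
        rc = ldap_start_tls_s( ld, NULL, NULL, NULL, NULL );
#else
        rc = ldap_start_tls_s( ld, NULL, NULL );
#endif
        /*
         * TODO: test this.
         * NOTE(review): no TLS options are set in this function, so server
         * certificate verification depends on the LDAP library's defaults -
         * confirm they reject untrusted certificates.
         */
        if( rc != LDAP_SUCCESS )
        {
            /* Never fall back to an unprotected bind; reported as 1. */
            goto done;
        }
    }

    /* Bind. A bad password and a bad DN yield the same error from the server. */
    rc = ldap_simple_bind_s( ld, bind_dn, bind_pw );
    if( rc == LDAP_SUCCESS )
    {
        /* bind worked - user password verified */
        result = 0;
    }

done:
    /* Release the handle on every path; the failure paths used to leak it. */
    ldap_unbind_s( ld );
    return result;
}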
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#1 | 7332 | Nick Poole |
Preliminary version of AuthCheck, a multi-stage authentication application for use as an authentication trigger. Currently only tested against an LDAP server without TLS and against a flat file with plain-text passwords (under Windows XP). To do: test against TLS-enabled LDAP; test against AD's LDAP interface; test build on *nix; add MD5-hashed flat-file mode; add DB modes (SQLite, MySQL, etc.). |