p4authenticate.c #1 

/* This is an example of an 'auth-check' trigger used by Perforce (2005.2) 
** to authenticate a user against an LDAP server.
**
** This example uses TLS to encrypt the password verification and
** has been tested against openldap (open directory) on Mac OSX Tiger.
**
** The password is sent to this triggers <stdin> with an argument list of
** host (hostname of ldap server), port (port of ldap server), dn 
**
** e.g. ldap.mycompany.com 389 uid=joeb,cn=users,dc=mycompany,dc=com
**
** The Perforce trigger definition would looks something like this:-
**
** example auth-check auth /scripts/checkpass localhost 389 uid=%user%,cn
** =users,dc=wombat,dc=perforce,dc=com"
*/

#include <stdio.h>
#include "ldap.h"

#define AUTH_METHOD LDAP_AUTH_SIMPLE
int requested_version = LDAP_VERSION3;

int main(int argc, char **argv);

main(int argc, char **argv)
{
char oldPassword[128];

    if( argc != 4 )
    {
        printf( "wrong number of arguments!\n" );
        exit( -1 );
    }

    /* read the password from <stdin> and truncate the newline */

    if( fgets( oldPassword, 128, stdin ) == NULL )
    {
        printf( "Didn't receive old password!\n" );
        exit( -1 );
    }

    oldPassword[ strlen(oldPassword) - 1 ] = '\0';

    return( authCheck( argv[1], argv[2], argv[3], oldPassword ) );
}

int 
authCheck( char *host, char *port, char *bind_dn, char *bind_pw )
{
LDAP *ld;
int rc;
int portnumber = atoi( port );

    /* Get a handle to an LDAP connection. */

    if( ( ld = ldap_init( host, portnumber ) ) == NULL ) 
    {
        printf( "Can't initialize %s : %d\n" , host, portnumber );
        return( -1 );
    }

    ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &requested_version );

    /* Switch to a secure connection */

    rc = ldap_start_tls_s( ld, NULL, NULL ); 

    if ( rc != LDAP_SUCCESS ) 
    {
        printf( "can't initialize tls\n" );
        return( -1 );
    }

    /* bind */

    rc = ldap_bind_s( ld, bind_dn, bind_pw, AUTH_METHOD );

    /* check result, report errors */

    if ( rc != LDAP_SUCCESS ) 
    {
        printf( "password incorrect\n" );
        return( -1 );
    }

    /* bind worked - user password verified */

    ldap_unbind( ld );
    return( 0 );
}
# Change User Description Committed
#1 5974 Ashish Melanta Pulling in the Perforce utils into my guest branch
//guest/perforce_software/triggers/p4authenticate.c
#1 5202 michael Authentication trigger examples for 2005.2.
Updated index page to follow.