r7771: - added ldaps and NTLMSSP testing to ldap tests

- added testing of extended search operations
(This used to be commit 2dc511b09cf1c912de140c07db64c9b151c3d23f)

2 files changed, 31 insertions, 9 deletions

diff --git a/source4/script/tests/selftest.sh b/source4/script/tests/selftest.sh
index 3b8c685de9..ca38eee320 100755
--- a/source4/script/tests/selftest.sh
+++ b/source4/script/tests/selftest.sh
@@ -87,7 +87,7 @@ START=`date`
  sleep 4
 
  failed=0
- $SRCDIR/script/tests/test_ldap.sh localhost || failed=`expr $failed + $?`
+ $SRCDIR/script/tests/test_ldap.sh localhost $USERNAME $PASSWORD || failed=`expr $failed + $?`
  $SRCDIR/script/tests/test_rpc.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
  $SRCDIR/script/tests/test_session_key.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
  $SRCDIR/script/tests/test_binding_string.sh localhost $USERNAME $PASSWORD $DOMAIN $ADDARG || failed=`expr $failed + $?`
diff --git a/source4/script/tests/test_ldap.sh b/source4/script/tests/test_ldap.sh
index 1c79335b57..119c551acf 100755
--- a/source4/script/tests/test_ldap.sh
+++ b/source4/script/tests/test_ldap.sh
@@ -1,28 +1,50 @@
 #!/bin/sh
 # test some simple LDAP and CLDAP operations
 
-if [ $# -lt 1 ]; then
+if [ $# -lt 3 ]; then
 cat <<EOF
-Usage: test_ldap.sh SERVER
+Usage: test_ldap.sh SERVER USERNAME PASSWORD
 EOF
 exit 1;
 fi
 
+# see if we support ldaps
+if grep HAVE_LIBGNUTLS.1 include/config.h > /dev/null; then
+    PROTOCOLS="ldap ldaps"
+else
+    PROTOCOLS="ldap"
+fi
+
 SERVER="$1"
+USERNAME="$2"
+PASSWORD="$3"
 
 incdir=`dirname $0`
 . $incdir/test_functions.sh
 
-testit "RootDSE" bin/ldbsearch $CONFIGURATION --basedn='' -H ldap://$SERVER -s base DUMMY=x dnsHostName highestCommittedUSN || failed=`expr $failed + 1`
+for p in $PROTOCOLS; do
+ for options in "" "-U$USERNAME%$PASSWORD"; do
+    echo "TESTING PROTOCOL $p with options $options"
 
-echo "Getting defaultNamingContext"
-BASEDN=`bin/ldbsearch -b '' -H ldap://$SERVER -s base DUMMY=x defaultNamingContext | grep ^defaultNamingContext | awk '{print $2}'`
-echo "BASEDN is $BASEDN"
+    testit "RootDSE" bin/ldbsearch $CONFIGURATION --basedn='' -H $p://$SERVER -s base DUMMY=x dnsHostName highestCommittedUSN || failed=`expr $failed + 1`
 
+    echo "Getting defaultNamingContext"
+    BASEDN=`bin/ldbsearch -b '' -H $p://$SERVER -s base DUMMY=x defaultNamingContext | grep ^defaultNamingContext | awk '{print $2}'`
+    echo "BASEDN is $BASEDN"
 
-testit "Listing Users" bin/ldbsearch $CONFIGURATION -H ldap://$SERVER -b "$BASEDN" '(objectclass=user)' sAMAccountName || failed=`expr $failed + 1`
+    testit "Listing Users" bin/ldbsearch $CONFIGURATION -H $p://$SERVER '(objectclass=user)' sAMAccountName || failed=`expr $failed + 1`
 
-testit "Listing Groups" bin/ldbsearch $CONFIGURATION -H ldap://$SERVER -b "$BASEDN" '(objectclass=group)' sAMAccountName || failed=`expr $failed + 1`
+    testit "Listing Groups" bin/ldbsearch $CONFIGURATION -H $p://$SERVER '(objectclass=group)' sAMAccountName || failed=`expr $failed + 1`
+
+    nusers=`bin/ldbsearch -H $p://$SERVER $CONFIGURATION '(|(|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10))(samAccountType=805306368))(samAccountType=805306369))' sAMAccountName | grep ^sAMAccountName | wc -l`
+    echo "Found $nusers users"
+    if [ $nusers -lt 10 ]; then
+	echo "Should have found at least 10 users"
+	failed=`expr $failed + 1`
+    fi
+done
+done
 
 testit "CLDAP" bin/smbtorture $TORTURE_OPTIONS //$SERVER/_none_ LDAP-CLDAP || failed=`expr $failed + 1`
 
+