r15530: added testing of generic CLDAP requests, looking at the rootDSE. Jerry

has found that w2k3 does respond to rootDSE cldap requests. This test
shows that it does indeed work, but the expression handling is not
what you would expect
(This used to be commit 388e98e77cfd1603156ea431877e40ac886d9c08)

1 files changed, 91 insertions, 5 deletions

diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index 86c261a3b0..78bc6063a5 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -23,8 +23,10 @@
 
 #include "includes.h"
 #include "libcli/cldap/cldap.h"
+#include "libcli/ldap/ldap.h"
 #include "librpc/gen_ndr/ndr_nbt.h"
 #include "torture/torture.h"
+#include "lib/ldb/include/ldb.h"
 
 #define CHECK_STATUS(status, correct) do { \
 	if (!NT_STATUS_EQUAL(status, correct)) { \
@@ -33,11 +35,6 @@
 		ret = False; \
 		goto done; \
 	} \
-	if (DEBUGLVL(10)) { \
-		NDR_PRINT_UNION_DEBUG(nbt_cldap_netlogon, \
-				      search.in.version & 0xF, \
-				      &search.out.netlogon); \
-	} \
 } while (0)
 
 /*
@@ -165,6 +162,92 @@ done:
 	return ret;	
 }
 
+/*
+  convert a ldap result message to a ldb message. This allows us to
+  use the convenient ldif dump routines in ldb to print out cldap
+  search results
+*/
+static struct ldb_message *ldap_msg_to_ldb(TALLOC_CTX *mem_ctx, struct ldap_SearchResEntry *res)
+{
+	struct ldb_message *msg;
+
+	msg = ldb_msg_new(mem_ctx);
+	msg->dn = ldb_dn_explode_or_special(msg, res->dn);
+	msg->num_elements = res->num_attributes;
+	msg->elements = talloc_steal(msg, res->attributes);
+	return msg;
+}
+
+/*
+  dump a set of cldap results
+*/
+static void cldap_dump_results(struct cldap_search *search)
+{
+	struct ldb_ldif ldif;
+	struct ldb_context *ldb;
+
+	/* we need a ldb context to use ldb_ldif_write_file() */
+	ldb = ldb_init(NULL);
+
+	ZERO_STRUCT(ldif);
+	ldif.msg = ldap_msg_to_ldb(ldb, search->out.response);
+
+	ldb_ldif_write_file(ldb, stdout, &ldif);
+
+	talloc_free(ldb);
+}
+
+/*
+  test generic cldap operations
+*/
+static BOOL test_cldap_generic(TALLOC_CTX *mem_ctx, const char *dest)
+{
+	struct cldap_socket *cldap = cldap_socket_init(mem_ctx, NULL);
+	NTSTATUS status;
+	struct cldap_search search;
+	BOOL ret = True;
+	const char *attrs[] = { "currentTime", "highestCommittedUSN", NULL };
+
+	ZERO_STRUCT(search);
+	search.in.dest_address = dest;
+	search.in.timeout = 10;
+	search.in.retries = 3;
+
+	status = cldap_search(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+	printf("fetching whole rootDSE\n");
+	search.in.filter = "(objectclass=*)";
+	search.in.attributes = NULL;
+
+	status = cldap_search(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+
+	if (DEBUGLVL(3)) cldap_dump_results(&search);
+
+	printf("fetching currentTime and USN\n");
+	search.in.filter = "(objectclass=*)";
+	search.in.attributes = attrs;
+
+	status = cldap_search(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	
+	if (DEBUGLVL(3)) cldap_dump_results(&search);
+
+	printf("Testing a false expression\n");
+	search.in.filter = "(&(objectclass=*)(highestCommittedUSN=2))";
+	search.in.attributes = attrs;
+
+	status = cldap_search(cldap, mem_ctx, &search);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	
+	if (DEBUGLVL(3)) cldap_dump_results(&search);
+	
+
+done:
+	return ret;	
+}
+
 BOOL torture_cldap(struct torture_context *torture)
 {
 	TALLOC_CTX *mem_ctx;
@@ -175,6 +258,9 @@ BOOL torture_cldap(struct torture_context *torture)
 
 	ret &= test_cldap_netlogon(mem_ctx, host);
 
+	/* at the moment don't consider this failing to be a failure */
+	test_cldap_generic(mem_ctx, host);
+
 	talloc_free(mem_ctx);
 
 	return ret;