summaryrefslogtreecommitdiff
path: root/source4/torture/ldap
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2004-08-13 05:26:38 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:57:58 -0500
commit01b58ebf83eca8b3909f3ba5becd6615bb89039f (patch)
treeae9bd43ee93b58fc001257fecbafb560fe6c15c1 /source4/torture/ldap
parent74a66a13ade376114ef308c643d49d5503f02c3b (diff)
downloadsamba-01b58ebf83eca8b3909f3ba5becd6615bb89039f.tar.gz
samba-01b58ebf83eca8b3909f3ba5becd6615bb89039f.tar.bz2
samba-01b58ebf83eca8b3909f3ba5becd6615bb89039f.zip
r1802: start to support SASL in our ldap libraries
does not work yet but we are close currently we send the right data on wire and fail to decode the answer (This used to be commit 10baf585821bf1f10a3786045a0965000cdffd12)
Diffstat (limited to 'source4/torture/ldap')
-rw-r--r--source4/torture/ldap/basic.c51
-rw-r--r--source4/torture/ldap/common.c28
2 files changed, 65 insertions, 14 deletions
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c
index a9ab023d9d..ac11a3342a 100644
--- a/source4/torture/ldap/basic.c
+++ b/source4/torture/ldap/basic.c
@@ -1,23 +1,47 @@
#include "includes.h"
-BOOL test_multibind(struct ldap_connection *conn, TALLOC_CTX *mem_ctx, const char *userdn, const char *password)
+BOOL test_bind_simple(struct ldap_connection *conn, const char *userdn, const char *password)
{
NTSTATUS status;
BOOL ret = True;
- printf("\nTesting multiple binds on a single connnection as anonymous and user\n");
-
status = torture_ldap_bind(conn, userdn, password);
if (!NT_STATUS_IS_OK(status)) {
- printf("1st bind as user over an anonymous bind failed\n");
- return False;
+ ret = False;
}
- status = torture_ldap_bind(conn, NULL, NULL);
+ return ret;
+}
+
+BOOL test_bind_sasl(struct ldap_connection *conn, const char *username, const char *domain, const char *password)
+{
+ NTSTATUS status;
+ BOOL ret = True;
+
+ status = torture_ldap_bind_sasl(conn, username, domain, password);
if (!NT_STATUS_IS_OK(status)) {
- printf("2nd bind as anonymous over an authenticated bind failed\n");
- return False;
+ ret = False;
+ }
+
+ return ret;
+}
+
+BOOL test_multibind(struct ldap_connection *conn, const char *userdn, const char *password)
+{
+ BOOL ret = True;
+
+ printf("\nTesting multiple binds on a single connnection as anonymous and user\n");
+
+ ret = test_bind_simple(conn, NULL, NULL);
+ if (!ret) {
+ printf("1st bind as anonymous failed\n");
+ return ret;
+ }
+
+ ret = test_bind_simple(conn, userdn, password);
+ if (!ret) {
+ printf("2nd bind as authenticated user failed\n");
}
return ret;
@@ -30,6 +54,9 @@ BOOL torture_ldap_basic(int dummy)
TALLOC_CTX *mem_ctx;
BOOL ret = True;
const char *host = lp_parm_string(-1, "torture", "host");
+ const char *username = lp_parm_string(-1, "torture", "username");
+ const char *domain = lp_workgroup();
+ const char *password = lp_parm_string(-1, "torture", "password");
const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn");
const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn");
const char *secret = lp_parm_string(-1, "torture", "ldap_secret");
@@ -39,14 +66,18 @@ BOOL torture_ldap_basic(int dummy)
url = talloc_asprintf(mem_ctx, "ldap://%s/", host);
- status = torture_ldap_connection(&conn, url, NULL, NULL);
+ status = torture_ldap_connection(&conn, url, userdn, secret);
if (!NT_STATUS_IS_OK(status)) {
return False;
}
/* other basic tests here */
- if (!test_multibind(conn, mem_ctx, userdn, secret)) {
+ if (!test_multibind(conn, userdn, secret)) {
+ ret = False;
+ }
+
+ if (!test_bind_sasl(conn, username, domain, password)) {
ret = False;
}
diff --git a/source4/torture/ldap/common.c b/source4/torture/ldap/common.c
index 7a3d8e48be..ee3199bccd 100644
--- a/source4/torture/ldap/common.c
+++ b/source4/torture/ldap/common.c
@@ -3,19 +3,39 @@
NTSTATUS torture_ldap_bind(struct ldap_connection *conn, const char *userdn, const char *password)
{
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- struct ldap_message *response;
+ int result;
if (!conn) {
printf("We need a valid ldap_connection structure and be connected\n");
return status;
}
- response = ldap_bind_simple(conn, userdn, password);
- if (!response || (response->r.BindResponse.response.resultcode != 0)) {
+ result = ldap_bind_simple(conn, userdn, password);
+ if (result != LDAP_SUCCESS) {
printf("Failed to bind with provided credentials\n");
/* FIXME: what abut actually implementing an ldap_connection_free() function ?
:-) sss */
- destroy_ldap_message(response);
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS torture_ldap_bind_sasl(struct ldap_connection *conn, const char *username, const char *domain, const char *password)
+{
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ int result;
+
+ if (!conn) {
+ printf("We need a valid ldap_connection structure and be connected\n");
+ return status;
+ }
+
+ result = ldap_bind_sasl(conn, username, domain, password);
+ if (result != LDAP_SUCCESS) {
+ printf("Failed to bind with provided credentialsi and SASL mechanism\n");
+ /* FIXME: what abut actually implementing an ldap_connection_free() function ?
+ :-) sss */
return status;
}