diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2013-06-22 16:55:08 +1000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2013-06-24 23:55:07 +0200 |
| commit | 7bf8fc7ca2321c25b9194a0a13df6a8b4e783c9e (patch) | |
| tree | 10d45a6d3263363c718c70952a40ebc52910d2ac /source4 | |
| parent | 70cb7fd214041e8ffacc98de4dbde3ecd77bba85 (diff) | |
| download | samba-7bf8fc7ca2321c25b9194a0a13df6a8b4e783c9e.tar.gz samba-7bf8fc7ca2321c25b9194a0a13df6a8b4e783c9e.tar.bz2 samba-7bf8fc7ca2321c25b9194a0a13df6a8b4e783c9e.zip | |
torture: Add tests for LDAP substring search with no strings provided
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/torture/ldap/basic.c | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c index 2d65948e42..8d964ac80e 100644 --- a/source4/torture/ldap/basic.c +++ b/source4/torture/ldap/basic.c @@ -156,6 +156,108 @@ static bool test_search_rootDSE(struct ldap_connection *conn, const char **based return ret; } +static bool test_search_rootDSE_empty_substring(struct ldap_connection *conn) +{ + bool ret = true; + struct ldap_message *msg, *result; + struct ldap_request *req; + NTSTATUS status; + + printf("Testing RootDSE Search with objectclass= substring filter\n"); + + msg = new_ldap_message(conn); + if (!msg) { + return false; + } + + msg->type = LDAP_TAG_SearchRequest; + msg->r.SearchRequest.basedn = ""; + msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_BASE; + msg->r.SearchRequest.deref = LDAP_DEREFERENCE_NEVER; + msg->r.SearchRequest.timelimit = 0; + msg->r.SearchRequest.sizelimit = 0; + msg->r.SearchRequest.attributesonly = false; + msg->r.SearchRequest.tree = ldb_parse_tree(msg, "(objectclass=*)"); + msg->r.SearchRequest.tree->operation = LDB_OP_SUBSTRING; + msg->r.SearchRequest.tree->u.substring.attr = "objectclass"; + msg->r.SearchRequest.tree->u.substring.start_with_wildcard = 1; + msg->r.SearchRequest.tree->u.substring.end_with_wildcard = 1; + msg->r.SearchRequest.tree->u.substring.chunks = NULL; + msg->r.SearchRequest.num_attributes = 0; + msg->r.SearchRequest.attributes = NULL; + + req = ldap_request_send(conn, msg); + if (req == NULL) { + printf("Could not setup ldap search\n"); + return false; + } + + status = ldap_result_one(req, &result, LDAP_TAG_SearchResultEntry); + if (!NT_STATUS_IS_OK(status)) { + printf("looking for search result reply failed - %s\n", nt_errstr(status)); + return false; + } + + printf("received %d replies\n", req->num_replies); + + return ret; +} + +static bool test_search_auth_empty_substring(struct ldap_connection *conn, const char *basedn) +{ + bool ret = true; + struct ldap_message *msg, *result; + struct ldap_request *req; + NTSTATUS status; + struct ldap_Result *r; + + printf("Testing authenticated base Search with objectclass= substring filter\n"); + + msg = new_ldap_message(conn); + if (!msg) { + return false; + } + + msg->type = LDAP_TAG_SearchRequest; + msg->r.SearchRequest.basedn = basedn; + msg->r.SearchRequest.scope = LDAP_SEARCH_SCOPE_BASE; + msg->r.SearchRequest.deref = LDAP_DEREFERENCE_NEVER; + msg->r.SearchRequest.timelimit = 0; + msg->r.SearchRequest.sizelimit = 0; + msg->r.SearchRequest.attributesonly = false; + msg->r.SearchRequest.tree = ldb_parse_tree(msg, "(objectclass=*)"); + msg->r.SearchRequest.tree->operation = LDB_OP_SUBSTRING; + msg->r.SearchRequest.tree->u.substring.attr = "objectclass"; + msg->r.SearchRequest.tree->u.substring.start_with_wildcard = 1; + msg->r.SearchRequest.tree->u.substring.end_with_wildcard = 1; + msg->r.SearchRequest.tree->u.substring.chunks = NULL; + msg->r.SearchRequest.num_attributes = 0; + msg->r.SearchRequest.attributes = NULL; + + req = ldap_request_send(conn, msg); + if (req == NULL) { + printf("Could not setup ldap search\n"); + return false; + } + + status = ldap_result_one(req, &result, LDAP_TAG_SearchResultDone); + if (!NT_STATUS_IS_OK(status)) { + printf("looking for search result done failed - %s\n", nt_errstr(status)); + return false; + } + + printf("received %d replies\n", req->num_replies); + + r = &result->r.SearchResultDone; + + if (r->resultcode != LDAP_SUCCESS) { + printf("search result done gave error - %s\n", ldb_strerror(r->resultcode)); + return false; + } + + return ret; +} + static bool test_compare_sasl(struct ldap_connection *conn, const char *basedn) { struct ldap_message *msg, *rep; @@ -856,6 +958,10 @@ bool torture_ldap_basic(struct torture_context *torture) ret = false; } + if (!test_search_rootDSE_empty_substring(conn)) { + ret = false; + } + /* other bind tests here */ if (!test_multibind(conn, userdn, secret)) { @@ -866,6 +972,10 @@ bool torture_ldap_basic(struct torture_context *torture) ret = false; } + if (!test_search_auth_empty_substring(conn, basedn)) { + ret = false; + } + if (!test_compare_sasl(conn, basedn)) { ret = false; } |