summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/torture/ldap/basic.c31
-rw-r--r--source4/torture/ldap/common.c29
-rw-r--r--source4/torture/torture.c45
3 files changed, 98 insertions, 7 deletions
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c
index 2227d70421..a9ab023d9d 100644
--- a/source4/torture/ldap/basic.c
+++ b/source4/torture/ldap/basic.c
@@ -1,6 +1,28 @@
#include "includes.h"
+BOOL test_multibind(struct ldap_connection *conn, TALLOC_CTX *mem_ctx, const char *userdn, const char *password)
+{
+ NTSTATUS status;
+ BOOL ret = True;
+
+ printf("\nTesting multiple binds on a single connnection as anonymous and user\n");
+
+ status = torture_ldap_bind(conn, userdn, password);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("1st bind as user over an anonymous bind failed\n");
+ return False;
+ }
+
+ status = torture_ldap_bind(conn, NULL, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("2nd bind as anonymous over an authenticated bind failed\n");
+ return False;
+ }
+
+ return ret;
+}
+
BOOL torture_ldap_basic(int dummy)
{
NTSTATUS status;
@@ -8,20 +30,25 @@ BOOL torture_ldap_basic(int dummy)
TALLOC_CTX *mem_ctx;
BOOL ret = True;
const char *host = lp_parm_string(-1, "torture", "host");
+ const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn");
+ const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn");
+ const char *secret = lp_parm_string(-1, "torture", "ldap_secret");
char *url;
mem_ctx = talloc_init("torture_ldap_basic");
url = talloc_asprintf(mem_ctx, "ldap://%s/", host);
- status = torture_ldap_connection(&conn, url);
+ status = torture_ldap_connection(&conn, url, NULL, NULL);
if (!NT_STATUS_IS_OK(status)) {
return False;
}
/* other basic tests here */
- /* --- nothing yet :-) --- */
+ if (!test_multibind(conn, mem_ctx, userdn, secret)) {
+ ret = False;
+ }
/* no more test we are closing */
diff --git a/source4/torture/ldap/common.c b/source4/torture/ldap/common.c
index 7d8dcbe4da..7a3d8e48be 100644
--- a/source4/torture/ldap/common.c
+++ b/source4/torture/ldap/common.c
@@ -1,9 +1,30 @@
#include "includes.h"
+NTSTATUS torture_ldap_bind(struct ldap_connection *conn, const char *userdn, const char *password)
+{
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ struct ldap_message *response;
+
+ if (!conn) {
+ printf("We need a valid ldap_connection structure and be connected\n");
+ return status;
+ }
+
+ response = ldap_bind_simple(conn, userdn, password);
+ if (!response || (response->r.BindResponse.response.resultcode != 0)) {
+ printf("Failed to bind with provided credentials\n");
+ /* FIXME: what abut actually implementing an ldap_connection_free() function ?
+ :-) sss */
+ destroy_ldap_message(response);
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
/* open a ldap connection to a server */
-/* TODO: Add support to pass over credentials */
NTSTATUS torture_ldap_connection(struct ldap_connection **conn,
- const char *url)
+ const char *url, const char *userdn, const char *password)
{
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
BOOL ret;
@@ -19,9 +40,9 @@ NTSTATUS torture_ldap_connection(struct ldap_connection **conn,
return status;
}
- ret = ldap_setup_connection(*conn, url);
+ ret = ldap_setup_connection(*conn, url, userdn, password);
if (!ret) {
- printf("Failed to connect with url [%s]", url);
+ printf("Failed to connect with url [%s]\n", url);
/* FIXME: what abut actually implementing an ldap_connection_free() function ?
:-) sss */
return status;
diff --git a/source4/torture/torture.c b/source4/torture/torture.c
index 6048d7c76d..c36ebde3cc 100644
--- a/source4/torture/torture.c
+++ b/source4/torture/torture.c
@@ -4300,6 +4300,46 @@ static void parse_user(const char *user)
}
}
+static void parse_dns(const char *dns)
+{
+ char *userdn, *basedn, *secret;
+ char *p, *d;
+
+ /* retrievieng the userdn */
+ p = strchr_m(dns, '#');
+ if (!p) {
+ lp_set_cmdline("torture:ldap_userdn", "");
+ lp_set_cmdline("torture:ldap_basedn", "");
+ lp_set_cmdline("torture:ldap_secret", "");
+ return;
+ }
+ userdn = strndup(dns, p - dns);
+ lp_set_cmdline("torture:ldap_userdn", userdn);
+
+ /* retrieve the basedn */
+ d = p + 1;
+ p = strchr_m(d, '#');
+ if (!p) {
+ lp_set_cmdline("torture:ldap_basedn", "");
+ lp_set_cmdline("torture:ldap_secret", "");
+ return;
+ }
+ basedn = strndup(d, p - d);
+ lp_set_cmdline("torture:ldap_basedn", basedn);
+
+ /* retrieve the secret */
+ p = p + 1;
+ if (!p) {
+ lp_set_cmdline("torture:ldap_secret", "");
+ return;
+ }
+ secret = strdup(p);
+ lp_set_cmdline("torture:ldap_secret", secret);
+
+ printf ("%s - %s - %s\n", userdn, basedn, secret);
+
+}
+
static void usage(void)
{
int i;
@@ -4393,7 +4433,7 @@ static void usage(void)
srandom(time(NULL));
- while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:e:m:Ld:Ac:ks:f:s:t:C:X")) != EOF) {
+ while ((opt = getopt(argc, argv, "p:hW:D:U:n:N:O:o:e:m:Ld:Ac:ks:f:s:t:C:X")) != EOF) {
switch (opt) {
case 'p':
lp_set_cmdline("smb ports", optarg);
@@ -4452,6 +4492,9 @@ static void usage(void)
case 'U':
parse_user(optarg);
break;
+ case 'D':
+ parse_dns(optarg);
+ break;
case 'f':
torture_failures = atoi(optarg);
break;