-rw-r--r-- | source4/torture/ldap/basic.c | 31 | ||||
-rw-r--r-- | source4/torture/ldap/common.c | 29 | ||||
-rw-r--r-- | source4/torture/torture.c | 45 |
3 files changed, 98 insertions, 7 deletions
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c index 2227d70421..a9ab023d9d 100644 --- a/source4/torture/ldap/basic.c +++ b/source4/torture/ldap/basic.c @@ -1,6 +1,28 @@ #include "includes.h" +BOOL test_multibind(struct ldap_connection *conn, TALLOC_CTX *mem_ctx, const char *userdn, const char *password) +{ + NTSTATUS status; + BOOL ret = True; + + printf("\nTesting multiple binds on a single connnection as anonymous and user\n"); + + status = torture_ldap_bind(conn, userdn, password); + if (!NT_STATUS_IS_OK(status)) { + printf("1st bind as user over an anonymous bind failed\n"); + return False; + } + + status = torture_ldap_bind(conn, NULL, NULL); + if (!NT_STATUS_IS_OK(status)) { + printf("2nd bind as anonymous over an authenticated bind failed\n"); + return False; + } + + return ret; +} + BOOL torture_ldap_basic(int dummy) { NTSTATUS status; @@ -8,20 +30,25 @@ BOOL torture_ldap_basic(int dummy) TALLOC_CTX *mem_ctx; BOOL ret = True; const char *host = lp_parm_string(-1, "torture", "host"); + const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn"); + const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn"); + const char *secret = lp_parm_string(-1, "torture", "ldap_secret"); char *url; mem_ctx = talloc_init("torture_ldap_basic"); url = talloc_asprintf(mem_ctx, "ldap://%s/", host); - status = torture_ldap_connection(&conn, url); + status = torture_ldap_connection(&conn, url, NULL, NULL); if (!NT_STATUS_IS_OK(status)) { return False; } /* other basic tests here */ - /* --- nothing yet :-) --- */ + if (!test_multibind(conn, mem_ctx, userdn, secret)) { + ret = False; + } /* no more test we are closing */ diff --git a/source4/torture/ldap/common.c b/source4/torture/ldap/common.c index 7d8dcbe4da..7a3d8e48be 100644 --- a/source4/torture/ldap/common.c +++ b/source4/torture/ldap/common.c 
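Review bot: test_multibind only checks that each bind returns success, so it would not notice a server that keeps the authenticated identity after the second, anonymous bind, which is the security-relevant property of a re-bind. Consider following each bind with an operation whose outcome depends on the bound identity and asserting on the result. Smaller points in the same function: `mem_ctx` and `ret` are never used (the function can end with `return True;`), and the banner has a typo, `connnection`.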
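Review bot: The new call to test_multibind in torture_ldap_basic runs even when no credentials were supplied. `userdn` and `secret` come from `lp_parm_string`, and parse_dns in torture.c only sets them when -D is given, so without it the "bind as user" step is presumably handed NULL or empty strings and the test can pass without ever authenticating. Guard the call, for example `if (userdn && *userdn && secret) { ... } else { printf("skipping multibind test: no -D credentials\n"); }`. `basedn` is fetched but not used in the visible lines. torture_ldap_basic continues outside the hunk.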
@@ -1,9 +1,30 @@ #include "includes.h" +NTSTATUS torture_ldap_bind(struct ldap_connection *conn, const char *userdn, const char *password) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + struct ldap_message *response; + + if (!conn) { + printf("We need a valid ldap_connection structure and be connected\n"); + return status; + } + + response = ldap_bind_simple(conn, userdn, password); + if (!response || (response->r.BindResponse.response.resultcode != 0)) { + printf("Failed to bind with provided credentials\n"); + /* FIXME: what abut actually implementing an ldap_connection_free() function ? + :-) sss */ + destroy_ldap_message(response); + return status; + } + + return NT_STATUS_OK; +} + /* open a ldap connection to a server */ -/* TODO: Add support to pass over credentials */ NTSTATUS torture_ldap_connection(struct ldap_connection **conn, - const char *url) + const char *url, const char *userdn, const char *password) { NTSTATUS status = NT_STATUS_UNSUCCESSFUL; BOOL ret; @@ -19,9 +40,9 @@ NTSTATUS torture_ldap_connection(struct ldap_connection **conn, return status; } - ret = ldap_setup_connection(*conn, url); + ret = ldap_setup_connection(*conn, url, userdn, password); if (!ret) { - printf("Failed to connect with url [%s]", url); + printf("Failed to connect with url [%s]\n", url); /* FIXME: what abut actually implementing an ldap_connection_free() function ? :-) sss */ return status; diff --git a/source4/torture/torture.c b/source4/torture/torture.c index 6048d7c76d..c36ebde3cc 100644 --- a/source4/torture/torture.c +++ b/source4/torture/torture.c 
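Review bot: In torture_ldap_bind the failure branch is also taken when `response` is NULL and then calls `destroy_ldap_message(response)`; whether that helper tolerates NULL is not visible here. On the success path the response is never released, so each successful bind appears to leak one message. The copied FIXME about ldap_connection_free() does not apply to this function and can be dropped. Handling the NULL case first and releasing the message on both remaining paths addresses all three, as sketched below.

```c
	/* … unchanged: conn NULL check … */
	response = ldap_bind_simple(conn, userdn, password);
	if (!response) {
		printf("Failed to bind: no response from server\n");
		return status;
	}

	if (response->r.BindResponse.response.resultcode == 0) {
		status = NT_STATUS_OK;
	} else {
		printf("Failed to bind with provided credentials\n");
	}

	destroy_ldap_message(response);
	return status;
```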
@@ -4300,6 +4300,46 @@ static void parse_user(const char *user) } } +static void parse_dns(const char *dns) +{ + char *userdn, *basedn, *secret; + char *p, *d; + + /* retrievieng the userdn */ + p = strchr_m(dns, '#'); + if (!p) { + lp_set_cmdline("torture:ldap_userdn", ""); + lp_set_cmdline("torture:ldap_basedn", ""); + lp_set_cmdline("torture:ldap_secret", ""); + return; + } + userdn = strndup(dns, p - dns); + lp_set_cmdline("torture:ldap_userdn", userdn); + + /* retrieve the basedn */ + d = p + 1; + p = strchr_m(d, '#'); + if (!p) { + lp_set_cmdline("torture:ldap_basedn", ""); + lp_set_cmdline("torture:ldap_secret", ""); + return; + } + basedn = strndup(d, p - d); + lp_set_cmdline("torture:ldap_basedn", basedn); + + /* retrieve the secret */ + p = p + 1; + if (!p) { + lp_set_cmdline("torture:ldap_secret", ""); + return; + } + secret = strdup(p); + lp_set_cmdline("torture:ldap_secret", secret); + + printf ("%s - %s - %s\n", userdn, basedn, secret); + +} + static void usage(void) { int i; @@ -4393,7 +4433,7 @@ static void usage(void) srandom(time(NULL)); - while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:e:m:Ld:Ac:ks:f:s:t:C:X")) != EOF) { + while ((opt = getopt(argc, argv, "p:hW:D:U:n:N:O:o:e:m:Ld:Ac:ks:f:s:t:C:X")) != EOF) { switch (opt) { case 'p': lp_set_cmdline("smb ports", optarg); @@ -4452,6 +4492,9 @@ static void usage(void) case 'U': parse_user(optarg); break; + case 'D': + parse_dns(optarg); + break; case 'f': torture_failures = atoi(optarg); break; |
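Review bot: The final `printf ("%s - %s - %s\n", userdn, basedn, secret);` in parse_dns writes the bind password to stdout, so it ends up in terminal scrollback and captured test logs; drop it or print only the DNs, `printf("%s - %s\n", userdn, basedn);`. The check `if (!p)` after `p = p + 1;` can never be true, so an empty secret is not detected; `if (*p == '\0')` is what the branch seems to intend. The `strndup`/`strdup` results are neither checked for NULL before being passed to `lp_set_cmdline` nor freed, and whether `lp_set_cmdline` copies its argument is not visible here. Splitting on `#` also means a user DN or base DN containing that character cannot be passed.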
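Review bot: The new `D:` option and its `case 'D':` handler are undocumented: no hunk in this commit touches the text printed by usage(), and the `userdn#basedn#secret` format can only be learned by reading parse_dns. Add a usage entry for `-D userdn#basedn#secret` and a comment above parse_dns such as `/* parse "userdn#basedn#secret" into torture:ldap_userdn, torture:ldap_basedn and torture:ldap_secret; missing fields are set to "" */`. Because the secret is passed on the command line it is visible to other local users through the process list, which the help text should mention so that only throwaway test accounts are used.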