From bab977dad76e9204278c7afe0bb905cda064f488 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 16 Jun 2005 05:39:40 +0000 Subject: r7626: a new ldap client library. Main features are: - hooked into events system, so requests can be truly async and won't interfere with other processing happening at the same time - uses NTSTATUS codes for errors (previously errors were mostly ignored). In a similar fashion to the DOS error handling, I have reserved a range of the NTSTATUS code 32 bit space for LDAP error codes, so a function can return a LDAP error code in a NTSTATUS - much cleaner packet handling (This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0) --- source4/torture/ldap/basic.c | 103 ++++++++++++++++++++++-------------------- source4/torture/ldap/common.c | 71 +++++++++++------------------ 2 files changed, 81 insertions(+), 93 deletions(-) (limited to 'source4/torture/ldap') diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c index 97837d9ba8..69b9017d8a 100644 --- a/source4/torture/ldap/basic.c +++ b/source4/torture/ldap/basic.c @@ -24,6 +24,7 @@ #include "includes.h" #include "lib/ldb/include/ldb.h" #include "libcli/ldap/ldap.h" +#include "libcli/ldap/ldap_client.h" #include "lib/cmdline/popt_common.h" static BOOL test_bind_simple(struct ldap_connection *conn, const char *userdn, const char *password) @@ -78,12 +79,14 @@ static BOOL test_search_rootDSE(struct ldap_connection *conn, char **basedn) { BOOL ret = True; struct ldap_message *msg, *result; + struct ldap_request *req; + int i; + struct ldap_SearchResEntry *r; + NTSTATUS status; printf("Testing RootDSE Search\n"); *basedn = NULL; - conn->searchid = 0; - conn->next_msgid = 30; msg = new_ldap_message(conn); if (!msg) { 
@@ -101,45 +104,50 @@ static BOOL test_search_rootDSE(struct ldap_connection *conn, char **basedn) msg->r.SearchRequest.num_attributes = 0; msg->r.SearchRequest.attributes = NULL; - if (!ldap_setsearchent(conn, msg, NULL)) { - printf("Could not setsearchent\n"); + req = ldap_request_send(conn, msg); + if (req == NULL) { + printf("Could not setup ldap search\n"); + return False; + } + + status = ldap_result_one(req, &result, LDAP_TAG_SearchResultEntry); + if (!NT_STATUS_IS_OK(status)) { + printf("search failed - %s\n", nt_errstr(status)); return False; } - result = ldap_getsearchent(conn, NULL); - if (result) { - int i; - struct ldap_SearchResEntry *r = &result->r.SearchResultEntry; + printf("received %d replies\n", req->num_replies); + + r = &result->r.SearchResultEntry; - DEBUG(1,("\tdn: %s\n", r->dn)); - for (i=0; inum_attributes; i++) { - int j; - for (j=0; jattributes[i].num_values; j++) { - DEBUG(1,("\t%s: %d %.*s\n", r->attributes[i].name, - r->attributes[i].values[j].length, - r->attributes[i].values[j].length, - (char *)r->attributes[i].values[j].data)); - if (!(*basedn) && - strcasecmp("defaultNamingContext",r->attributes[i].name)==0) { - *basedn = talloc_asprintf(conn, "%.*s", - r->attributes[i].values[j].length, - (char *)r->attributes[i].values[j].data); - } + DEBUG(1,("\tdn: %s\n", r->dn)); + for (i=0; inum_attributes; i++) { + int j; + for (j=0; jattributes[i].num_values; j++) { + DEBUG(1,("\t%s: %d %.*s\n", r->attributes[i].name, + r->attributes[i].values[j].length, + r->attributes[i].values[j].length, + (char *)r->attributes[i].values[j].data)); + if (!(*basedn) && + strcasecmp("defaultNamingContext",r->attributes[i].name)==0) { + *basedn = talloc_asprintf(conn, "%.*s", + r->attributes[i].values[j].length, + (char *)r->attributes[i].values[j].data); } } - } else { - ret = False; } - ldap_endsearchent(conn, NULL); + talloc_free(req); return ret; } static BOOL test_compare_sasl(struct ldap_connection *conn, const char *basedn) { - struct ldap_message 
*req, *rep; + struct ldap_message *msg, *rep; + struct ldap_request *req; const char *val; + NTSTATUS status; printf("Testing SASL Compare: %s\n", basedn); @@ -147,21 +155,25 @@ static BOOL test_compare_sasl(struct ldap_connection *conn, const char *basedn) return False; } - conn->next_msgid = 55; - - req = new_ldap_message(conn); - if (!req) { + msg = new_ldap_message(conn); + if (!msg) { return False; } - req->type = LDAP_TAG_CompareRequest; - req->r.CompareRequest.dn = basedn; - req->r.CompareRequest.attribute = talloc_strdup(req, "objectClass"); + msg->type = LDAP_TAG_CompareRequest; + msg->r.CompareRequest.dn = basedn; + msg->r.CompareRequest.attribute = talloc_strdup(msg, "objectClass"); val = "domain"; - req->r.CompareRequest.value = data_blob_talloc(req, val, strlen(val)); + msg->r.CompareRequest.value = data_blob_talloc(msg, val, strlen(val)); + + req = ldap_request_send(conn, msg); + if (!req) { + return False; + } - rep = ldap_transaction(conn, req); - if (!rep) { + status = ldap_result_one(req, &rep, LDAP_TAG_CompareResponse); + if (!NT_STATUS_IS_OK(status)) { + printf("error in ldap compare request - %s\n", nt_errstr(status)); return False; } @@ -171,13 +183,10 @@ static BOOL test_compare_sasl(struct ldap_connection *conn, const char *basedn) rep->r.CompareResponse.errormessage, rep->r.CompareResponse.referral)); - if (rep->type != LDAP_TAG_CompareResponse) { - return False; - } - return True; } + BOOL torture_ldap_basic(void) { NTSTATUS status; @@ -186,7 +195,6 @@ BOOL torture_ldap_basic(void) BOOL ret = True; const char *host = lp_parm_string(-1, "torture", "host"); const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn"); - /*const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn");*/ const char *secret = lp_parm_string(-1, "torture", "ldap_secret"); char *url; char *basedn; 
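Review bot: In test_search_rootDSE the new `ldap_result_one` failure branch returns False without releasing `req`, while the success path ends with `talloc_free(req)`; adding `talloc_free(req);` before that `return False;` would keep the two paths symmetric. With the old `else { ret = False; }` removed, `ret` is never changed after its initialisation, so the function reports success even when no `defaultNamingContext` value was found or `talloc_asprintf` returned NULL, and the caller receives a NULL `*basedn`. A check such as `if (*basedn == NULL) ret = False;` just before the final `talloc_free(req)` would make that case visible. The `%.*s` precision arguments take `values[j].length` directly; its declaration is outside this diff, but if the field is not an `int` it should be cast, `(int)r->attributes[i].values[j].length`.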
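Review bot: test_compare_sasl never releases `req` or `msg` on any path, unlike test_search_rootDSE in the same file, which now ends with `talloc_free(req)`; the early `return False` after `ldap_request_send` and the one after `ldap_result_one` both leave the request allocated until its parent context goes away. The results of `talloc_strdup(msg, "objectClass")` and `data_blob_talloc(msg, val, strlen(val))` are also sent without a NULL check, e.g. `if (msg->r.CompareRequest.attribute == NULL) return False;`. The end of the function lies in the next hunk, where `rep` is still read by the DEBUG call, so any `talloc_free(req)` has to come after that use if `rep` is allocated under `req` (not visible here).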
@@ -195,18 +203,18 @@ BOOL torture_ldap_basic(void) url = talloc_asprintf(mem_ctx, "ldap://%s/", host); - status = torture_ldap_connection2(mem_ctx, &conn, url, userdn, secret); + status = torture_ldap_connection(mem_ctx, &conn, url); if (!NT_STATUS_IS_OK(status)) { return False; } - /* other basic tests here */ - - if (!test_multibind(conn, userdn, secret)) { + if (!test_search_rootDSE(conn, &basedn)) { ret = False; } - if (!test_search_rootDSE(conn, &basedn)) { + /* other basic tests here */ + + if (!test_multibind(conn, userdn, secret)) { ret = False; } @@ -219,10 +227,9 @@ BOOL torture_ldap_basic(void) } /* no more test we are closing */ - + torture_ldap_close(conn); talloc_free(mem_ctx); - torture_ldap_close(conn); return ret; } diff --git a/source4/torture/ldap/common.c b/source4/torture/ldap/common.c index a65d24804c..f5b2a1254d 100644 --- a/source4/torture/ldap/common.c +++ b/source4/torture/ldap/common.c 
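Review bot: The `return False` taken when `torture_ldap_connection` fails skips the `talloc_free(mem_ctx)` that the normal exit performs, and with the reworked helper `*conn` has already been allocated by `ldap_new_connection(mem_ctx, NULL)` at that point. Releasing the context there, `talloc_free(mem_ctx); return False;`, would avoid leaving the connection and `url` behind. Because the connection is now opened without credentials and the rootDSE search runs before `test_multibind`, a short comment such as `/* rootDSE is queried before any bind; basedn comes from this unauthenticated search */` would record that the order is intentional, assuming it is. The allocation of `mem_ctx` is above this hunk.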
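Review bot: The close/free ordering at the end of torture_ldap_basic has no comment explaining why it matters for memory safety. `torture_ldap_close` now calls `talloc_free(conn)`, and `conn` is created with `ldap_new_connection(mem_ctx, NULL)` in common.c, so if `conn` is a talloc child of `mem_ctx` (as that call suggests) the previous order would have freed it twice. Suggested comment above the two calls: `/* close before freeing mem_ctx: conn is allocated on mem_ctx and torture_ldap_close() frees it */`.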
@@ -28,92 +28,73 @@ NTSTATUS torture_ldap_bind(struct ldap_connection *conn, const char *userdn, const char *password) { - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - int result; + NTSTATUS status; - if (!conn) { - printf("We need a valid ldap_connection structure and be connected\n"); - return status; + status = ldap_bind_simple(conn, userdn, password); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed to bind with provided credentials - %s\n", + nt_errstr(status)); } - result = ldap_bind_simple(conn, userdn, password); - if (result != LDAP_SUCCESS) { - printf("Failed to bind with provided credentials\n"); - /* FIXME: what abut actually implementing an ldap_connection_free() function ? - :-) sss */ - return status; - } - - return NT_STATUS_OK; + return status; } NTSTATUS torture_ldap_bind_sasl(struct ldap_connection *conn, struct cli_credentials *creds) { - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - int result; - - if (!conn) { - printf("We need a valid ldap_connection structure and be connected\n"); - return status; - } + NTSTATUS status; - result = ldap_bind_sasl(conn, creds); - if (result != LDAP_SUCCESS) { - printf("Failed to bind with provided credentials and SASL mechanism\n"); - /* FIXME: what abut actually implementing an ldap_connection_free() function ? 
- :-) sss */ - return status; + status = ldap_bind_sasl(conn, creds); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed sasl bind with provided credentials - %s\n", + nt_errstr(status)); } - return NT_STATUS_OK; + return status; } /* open a ldap connection to a server */ NTSTATUS torture_ldap_connection(TALLOC_CTX *mem_ctx, struct ldap_connection **conn, const char *url) { - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status; if (!url) { printf("You must specify a url string\n"); return NT_STATUS_INVALID_PARAMETER; } - *conn = ldap_connect(mem_ctx, url); - if (!*conn) { - printf("Failed to initialize ldap_connection structure\n"); - return status; + *conn = ldap_new_connection(mem_ctx, NULL); + + status = ldap_connect(*conn, url); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed to connect to ldap server '%s' - %s\n", + url, nt_errstr(status)); } - return NT_STATUS_OK; + return status; } /* open a ldap connection to a server */ NTSTATUS torture_ldap_connection2(TALLOC_CTX *mem_ctx, struct ldap_connection **conn, const char *url, const char *userdn, const char *password) { - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - int ret; + NTSTATUS status; status = torture_ldap_connection(mem_ctx, conn, url); NT_STATUS_NOT_OK_RETURN(status); - ret = ldap_bind_simple(*conn, userdn, password); - if (ret != LDAP_SUCCESS) { - printf("Failed to connect with url [%s]\n", url); - /* FIXME: what abut actually implementing an ldap_connection_free() function ? - :-) sss */ - return status; + status = ldap_bind_simple(*conn, userdn, password); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed a simple ldap bind - %s\n", ldap_errstr(*conn, status)); } - return NT_STATUS_OK; + return status; } /* close an ldap connection to a server */ NTSTATUS torture_ldap_close(struct ldap_connection *conn) { - /* FIXME: what about actually implementing ldap_close() ? - :-) sss */ + talloc_free(conn); return NT_STATUS_OK; } -- cgit
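Review bot: In torture_ldap_connection the result of `ldap_new_connection(mem_ctx, NULL)` is passed to `ldap_connect` without a NULL check; `if (*conn == NULL) return NT_STATUS_NO_MEMORY;` between the two calls would cover allocation failure. The `if (!conn)` guards were also dropped from torture_ldap_bind and torture_ldap_bind_sasl, so a NULL connection now reaches `ldap_bind_simple` and `ldap_bind_sasl` directly; whether those tolerate NULL is not visible in this diff. On a failed `ldap_connect`, `*conn` is left pointing at the unconnected handle, so callers must test the returned status rather than `*conn`. torture_ldap_connection2 reports with `ldap_errstr(*conn, status)` while the other helpers use `nt_errstr(status)`; a one-line comment saying why would help if the difference is deliberate.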