This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "asn_1.h"
+#include "libcli/ldap/ldap_client.h"
+#include "torture/smbtorture.h"
+#include "torture/ldap/proto.h"
NTSTATUS torture_ldap_bind(struct ldap_connection *conn, const char *userdn, const char *password)
{
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- int result;
+ NTSTATUS status;
- if (!conn) {
- printf("We need a valid ldap_connection structure and be connected\n");
- return status;
+ status = ldap_bind_simple(conn, userdn, password);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to bind with provided credentials - %s\n",
+ nt_errstr(status));
}
- result = ldap_bind_simple(conn, userdn, password);
- if (result != LDAP_SUCCESS) {
- printf("Failed to bind with provided credentials\n");
- /* FIXME: what abut actually implementing an ldap_connection_free() function ?
- :-) sss */
- return status;
- }
-
- return NT_STATUS_OK;
+ return status;
}
-NTSTATUS torture_ldap_bind_sasl(struct ldap_connection *conn, const char *username, const char *domain, const char *password)
+NTSTATUS torture_ldap_bind_sasl(struct ldap_connection *conn,
+ struct cli_credentials *creds,
+ struct loadparm_context *lp_ctx)
{
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- int result;
+ NTSTATUS status;
- if (!conn) {
- printf("We need a valid ldap_connection structure and be connected\n");
- return status;
- }
-
- result = ldap_bind_sasl(conn, username, domain, password);
- if (result != LDAP_SUCCESS) {
- printf("Failed to bind with provided credentialsi and SASL mechanism\n");
- /* FIXME: what abut actually implementing an ldap_connection_free() function ?
- :-) sss */
- return status;
+ status = ldap_bind_sasl(conn, creds, lp_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed sasl bind with provided credentials - %s\n",
+ nt_errstr(status));
}
- return NT_STATUS_OK;
+ return status;
}
/* open a ldap connection to a server */
-NTSTATUS torture_ldap_connection(struct ldap_connection **conn,
- const char *url, const char *userdn, const char *password)
+NTSTATUS torture_ldap_connection(struct torture_context *tctx,
+ struct ldap_connection **conn,
+ const char *url)
{
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- BOOL ret;
+ NTSTATUS status;
if (!url) {
printf("You must specify a url string\n");
return NT_STATUS_INVALID_PARAMETER;
}
- *conn = new_ldap_connection();
- if (!*conn) {
- printf("Failed to initialize ldap_connection structure\n");
- return status;
+ *conn = ldap4_new_connection(tctx, tctx->lp_ctx, tctx->ev);
+
+ status = ldap_connect(*conn, url);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to connect to ldap server '%s' - %s\n",
+ url, nt_errstr(status));
}
- ret = ldap_setup_connection(*conn, url, userdn, password);
- if (!ret) {
- printf("Failed to connect with url [%s]\n", url);
- /* FIXME: what abut actually implementing an ldap_connection_free() function ?
- :-) sss */
- return status;
+ return status;
+}
+
+/* open a ldap connection to a server */
+NTSTATUS torture_ldap_connection2(struct torture_context *tctx, struct ldap_connection **conn,
+ const char *url, const char *userdn, const char *password)
+{
+ NTSTATUS status;
+
+ status = torture_ldap_connection(tctx, conn, url);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ status = ldap_bind_simple(*conn, userdn, password);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed a simple ldap bind - %s\n", ldap_errstr(*conn, tctx, status));
}
- return NT_STATUS_OK;
+ return status;
}
/* close an ldap connection to a server */
NTSTATUS torture_ldap_close(struct ldap_connection *conn)
{
- /* FIXME: what about actually implementing ldap_close() ?
- :-) sss */
+ talloc_free(conn);
return NT_STATUS_OK;
}
-BOOL ldap_sasl_send_msg(struct ldap_connection *conn, struct ldap_message *msg,
- const struct timeval *endtime)
+NTSTATUS torture_ldap_init(void)
{
- NTSTATUS status;
- DATA_BLOB request;
- BOOL result;
- DATA_BLOB creds;
- DATA_BLOB pdu;
- int len;
- struct asn1_data asn1;
- TALLOC_CTX *mem_ctx;
-
- msg->messageid = conn->next_msgid++;
-
- if (!ldap_encode(msg, &request))
- return False;
-
- status = gensec_seal_packet(conn->gensec,
- msg->mem_ctx,
- request.data, request.length,
- request.data, request.length,
- &creds);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("gensec_seal_packet: %s\n",nt_errstr(status)));
- return False;
- }
-
- len = 4 + creds.length + request.length;
- pdu = data_blob_talloc(msg->mem_ctx, NULL, len);
- RSIVAL(pdu.data, 0, len-4);
- memcpy(pdu.data + 4, creds.data, creds.length);
- memcpy(pdu.data + 4 + creds.length, request.data, request.length);
-
- result = (write_data_until(conn->sock, pdu.data, pdu.length,
- endtime) == pdu.length);
- if (!result)
- return result;
-
- pdu = data_blob(NULL, 0x4000);
- data_blob_clear(&pdu);
-
- result = (read_data_until(conn->sock, pdu.data, 4, NULL) == 4);
- if (!result)
- return result;
-
- len = RIVAL(pdu.data,0);
+ struct torture_suite *suite = torture_suite_create(talloc_autofree_context(), "LDAP");
+ torture_suite_add_simple_test(suite, "BENCH-CLDAP", torture_bench_cldap);
+ torture_suite_add_simple_test(suite, "BASIC", torture_ldap_basic);
+ torture_suite_add_simple_test(suite, "SORT", torture_ldap_sort);
+ torture_suite_add_simple_test(suite, "CLDAP", torture_cldap);
+ torture_suite_add_simple_test(suite, "SCHEMA", torture_ldap_schema);
+ torture_suite_add_simple_test(suite, "UPTODATEVECTOR", torture_ldap_uptodatevector);
- result = (read_data_until(conn->sock, pdu.data + 4, MIN(0x4000,len), NULL) == len);
- if (!result)
- return result;
+ suite->description = talloc_strdup(suite, "LDAP and CLDAP tests");
- pdu.length = 4+len;
+ torture_register_suite(suite);
- creds = data_blob(pdu.data + 4 , gensec_sig_size(conn->gensec));
-
- request = data_blob(pdu.data + (4 + creds.length), pdu.length - (4 + creds.length));
-
- status = gensec_unseal_packet(conn->gensec,
- msg->mem_ctx,
- request.data, request.length,
- request.data, request.length,
- &creds);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("gensec_unseal_packet: %s\n",nt_errstr(status)));
- return False;
- }
-
- mem_ctx = msg->mem_ctx;
- ZERO_STRUCTP(msg);
- msg->mem_ctx = mem_ctx;
-
- asn1_load(&asn1, request);
- if (!ldap_decode(&asn1, msg)) {
- return False;
- }
-
- result = True;
-
- return result;
+ return NT_STATUS_OK;
}
git.samba.org / ira / wip.git / blobdiff