mirror of
https://github.com/samba-team/samba.git
synced 2025-03-09 08:58:35 +03:00
r1793: try to bind multiple times as anonimous and user
added -D parameter to torture to be able to specify: - user dn - base dn - user secret
This commit is contained in:
Simo Sorce
Gerald (Jerry) Carter
parent
d9f8f97c9e
commit
0eaec28f5c
@ -1,6 +1,28 @@
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
BOOL test_multibind(struct ldap_connection *conn, TALLOC_CTX *mem_ctx, const char *userdn, const char *password)
|
||||
{
|
||||
NTSTATUS status;
|
||||
BOOL ret = True;
|
||||
|
||||
printf("\nTesting multiple binds on a single connnection as anonymous and user\n");
|
||||
|
||||
status = torture_ldap_bind(conn, userdn, password);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("1st bind as user over an anonymous bind failed\n");
|
||||
return False;
|
||||
}
|
||||
|
||||
status = torture_ldap_bind(conn, NULL, NULL);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("2nd bind as anonymous over an authenticated bind failed\n");
|
||||
return False;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
BOOL torture_ldap_basic(int dummy)
|
||||
{
|
||||
NTSTATUS status;
|
||||
@ -8,20 +30,25 @@ BOOL torture_ldap_basic(int dummy)
|
||||
TALLOC_CTX *mem_ctx;
|
||||
BOOL ret = True;
|
||||
const char *host = lp_parm_string(-1, "torture", "host");
|
||||
const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn");
|
||||
const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn");
|
||||
const char *secret = lp_parm_string(-1, "torture", "ldap_secret");
|
||||
char *url;
|
||||
|
||||
mem_ctx = talloc_init("torture_ldap_basic");
|
||||
|
||||
url = talloc_asprintf(mem_ctx, "ldap://%s/", host);
|
||||
|
||||
status = torture_ldap_connection(&conn, url);
|
||||
status = torture_ldap_connection(&conn, url, NULL, NULL);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return False;
|
||||
}
|
||||
|
||||
/* other basic tests here */
|
||||
|
||||
/* --- nothing yet :-) --- */
|
||||
if (!test_multibind(conn, mem_ctx, userdn, secret)) {
|
||||
ret = False;
|
||||
}
|
||||
|
||||
/* no more test we are closing */
|
||||
|
||||
|
||||
@ -1,9 +1,30 @@
|
||||
#include "includes.h"
|
||||
|
||||
NTSTATUS torture_ldap_bind(struct ldap_connection *conn, const char *userdn, const char *password)
|
||||
{
|
||||
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
|
||||
struct ldap_message *response;
|
||||
|
||||
if (!conn) {
|
||||
printf("We need a valid ldap_connection structure and be connected\n");
|
||||
return status;
|
||||
}
|
||||
|
||||
response = ldap_bind_simple(conn, userdn, password);
|
||||
if (!response || (response->r.BindResponse.response.resultcode != 0)) {
|
||||
printf("Failed to bind with provided credentials\n");
|
||||
/* FIXME: what abut actually implementing an ldap_connection_free() function ?
|
||||
:-) sss */
|
||||
destroy_ldap_message(response);
|
||||
return status;
|
||||
}
|
||||
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
/* open a ldap connection to a server */
|
||||
/* TODO: Add support to pass over credentials */
|
||||
NTSTATUS torture_ldap_connection(struct ldap_connection **conn,
|
||||
const char *url)
|
||||
const char *url, const char *userdn, const char *password)
|
||||
{
|
||||
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
|
||||
BOOL ret;
|
||||
@ -19,9 +40,9 @@ NTSTATUS torture_ldap_connection(struct ldap_connection **conn,
|
||||
return status;
|
||||
}
|
||||
|
||||
ret = ldap_setup_connection(*conn, url);
|
||||
ret = ldap_setup_connection(*conn, url, userdn, password);
|
||||
if (!ret) {
|
||||
printf("Failed to connect with url [%s]", url);
|
||||
printf("Failed to connect with url [%s]\n", url);
|
||||
/* FIXME: what abut actually implementing an ldap_connection_free() function ?
|
||||
:-) sss */
|
||||
return status;
|
||||
|
||||
@ -4300,6 +4300,46 @@ static void parse_user(const char *user)
|
||||
}
|
||||
}
|
||||
|
||||
static void parse_dns(const char *dns)
|
||||
{
|
||||
char *userdn, *basedn, *secret;
|
||||
char *p, *d;
|
||||
|
||||
/* retrievieng the userdn */
|
||||
p = strchr_m(dns, '#');
|
||||
if (!p) {
|
||||
lp_set_cmdline("torture:ldap_userdn", "");
|
||||
lp_set_cmdline("torture:ldap_basedn", "");
|
||||
lp_set_cmdline("torture:ldap_secret", "");
|
||||
return;
|
||||
}
|
||||
userdn = strndup(dns, p - dns);
|
||||
lp_set_cmdline("torture:ldap_userdn", userdn);
|
||||
|
||||
/* retrieve the basedn */
|
||||
d = p + 1;
|
||||
p = strchr_m(d, '#');
|
||||
if (!p) {
|
||||
lp_set_cmdline("torture:ldap_basedn", "");
|
||||
lp_set_cmdline("torture:ldap_secret", "");
|
||||
return;
|
||||
}
|
||||
basedn = strndup(d, p - d);
|
||||
lp_set_cmdline("torture:ldap_basedn", basedn);
|
||||
|
||||
/* retrieve the secret */
|
||||
p = p + 1;
|
||||
if (!p) {
|
||||
lp_set_cmdline("torture:ldap_secret", "");
|
||||
return;
|
||||
}
|
||||
secret = strdup(p);
|
||||
lp_set_cmdline("torture:ldap_secret", secret);
|
||||
|
||||
printf ("%s - %s - %s\n", userdn, basedn, secret);
|
||||
|
||||
}
|
||||
|
||||
static void usage(void)
|
||||
{
|
||||
int i;
|
||||
@ -4393,7 +4433,7 @@ static void usage(void)
|
||||
|
||||
srandom(time(NULL));
|
||||
|
||||
while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:e:m:Ld:Ac:ks:f:s:t:C:X")) != EOF) {
|
||||
while ((opt = getopt(argc, argv, "p:hW:D:U:n:N:O:o:e:m:Ld:Ac:ks:f:s:t:C:X")) != EOF) {
|
||||
switch (opt) {
|
||||
case 'p':
|
||||
lp_set_cmdline("smb ports", optarg);
|
||||
@ -4452,6 +4492,9 @@ static void usage(void)
|
||||
case 'U':
|
||||
parse_user(optarg);
|
||||
break;
|
||||
case 'D':
|
||||
parse_dns(optarg);
|
||||
break;
|
||||
case 'f':
|
||||
torture_failures = atoi(optarg);
|
||||
break;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user