--- tests/progs/slapd-bind.c 2006/04/04 19:07:53 1.18
+++ tests/progs/slapd-bind.c 2010/04/13 20:23:58 1.18.2.12
@@ -1,7 +1,7 @@
-/* $OpenLDAP: pkg/ldap/tests/progs/slapd-bind.c,v 1.17 2006/03/25 09:13:30 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/tests/progs/slapd-bind.c,v 1.18.2.11 2009/03/09 23:16:48 quanah Exp $ */
/* This work is part of OpenLDAP Software .
*
- * Copyright 1999-2006 The OpenLDAP Foundation.
+ * Copyright 1999-2010 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -21,19 +21,21 @@
#include
-#include
-#include
+#include "ac/stdlib.h"
+#include "ac/time.h"
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
+#include "ac/ctype.h"
+#include "ac/param.h"
+#include "ac/socket.h"
+#include "ac/string.h"
+#include "ac/unistd.h"
+#include "ac/wait.h"
+#include "ac/time.h"
+
+#include "ldap.h"
+#include "lutil.h"
+#include "lber_pvt.h"
+#include "ldap_pvt.h"
#include "slapd-common.h"
@@ -41,11 +43,13 @@
static int
do_bind( char *uri, char *dn, struct berval *pass, int maxloop,
- int force, int chaserefs, int noinit, LDAP **ldp );
+ int force, int chaserefs, int noinit, LDAP **ldp,
+ int action_type, void *action );
static int
-do_base( char *uri, struct berval *base, struct berval *pass, int maxloop,
- int force, int chaserefs, int noinit, int delay );
+do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr,
+ int maxloop, int force, int chaserefs, int noinit, int delay,
+ int action_type, void *action );
/* This program can be invoked two ways: if -D is used to specify a Bind DN,
* that DN will be used repeatedly for all of the Binds. If instead -b is used
@@ -55,25 +59,29 @@ do_base( char *uri, struct berval *base,
* assumed that the users are all onelevel children of the base.
*/
static void
-usage( char *name )
+usage( char *name, char opt )
{
+ if ( opt ) {
+ fprintf( stderr, "%s: unable to handle option \'%c\'\n\n",
+ name, opt );
+ }
+
fprintf( stderr, "usage: %s "
- "[-h ] "
- "-p port "
- "(-D |-b [-f ]) "
- "-w "
+ "[-H uri | -h [-p port]] "
+ "[-D [-w ]] "
+ "[-b [-f ] [-a pwattr]] "
"[-l ] "
"[-L ] "
+ "[-B [,...]] "
"[-F] "
"[-C] "
"[-I] "
+ "[-i ] "
"[-t delay]\n",
name );
exit( EXIT_FAILURE );
}
-static char *filter = "(objectClass=person)";
-
int
main( int argc, char **argv )
{
@@ -81,60 +89,130 @@ main( int argc, char **argv )
char *uri = NULL;
char *host = "localhost";
char *dn = NULL;
- struct berval base = { 0, NULL };
+ char *base = NULL;
+ char *filter = "(objectClass=person)";
struct berval pass = { 0, NULL };
+ char *pwattr = NULL;
int port = -1;
int loops = LOOPS;
int outerloops = 1;
int force = 0;
int chaserefs = 0;
- int noinit = 0;
+ int noinit = 1;
int delay = 0;
- tester_init( "slapd-bind" );
+ /* extra action to do after bind... */
+ struct berval type[] = {
+ BER_BVC( "tester=" ),
+ BER_BVC( "add=" ),
+ BER_BVC( "bind=" ),
+ BER_BVC( "modify=" ),
+ BER_BVC( "modrdn=" ),
+ BER_BVC( "read=" ),
+ BER_BVC( "search=" ),
+ BER_BVNULL
+ };
+
+ LDAPURLDesc *extra_ludp = NULL;
+
+ tester_init( "slapd-bind", TESTER_BIND );
+
+ /* by default, tolerate invalid credentials */
+ tester_ignore_str2errlist( "INVALID_CREDENTIALS" );
+
+ while ( ( i = getopt( argc, argv, "a:B:b:D:Ff:H:h:Ii:L:l:p:t:w:" ) ) != EOF )
+ {
+ switch ( i ) {
+ case 'a':
+ pwattr = optarg;
+ break;
- while ( (i = getopt( argc, argv, "b:H:h:p:D:w:l:L:f:FIt:" )) != EOF ) {
- switch( i ) {
case 'b': /* base DN of a tree of user DNs */
- ber_str2bv( optarg, 0, 0, &base );
+ base = optarg;
break;
+ case 'B':
+ {
+ int c;
+
+ for ( c = 0; type[c].bv_val; c++ ) {
+ if ( strncasecmp( optarg, type[c].bv_val, type[c].bv_len ) == 0 )
+ {
+ break;
+ }
+ }
+
+ if ( type[c].bv_val == NULL ) {
+ usage( argv[0], 'B' );
+ }
+
+ switch ( c ) {
+ case TESTER_TESTER:
+ case TESTER_BIND:
+ /* invalid */
+ usage( argv[0], 'B' );
+
+ case TESTER_SEARCH:
+ {
+ if ( ldap_url_parse( &optarg[type[c].bv_len], &extra_ludp ) != LDAP_URL_SUCCESS )
+ {
+ usage( argv[0], 'B' );
+ }
+ } break;
+
+ case TESTER_ADDEL:
+ case TESTER_MODIFY:
+ case TESTER_MODRDN:
+ case TESTER_READ:
+ /* nothing to do */
+ break;
+
+ default:
+ assert( 0 );
+ }
+
+ } break;
+
case 'C':
chaserefs++;
break;
case 'H': /* the server uri */
- uri = strdup( optarg );
+ uri = optarg;
break;
case 'h': /* the servers host */
- host = strdup( optarg );
+ host = optarg;
+ break;
+
+ case 'i':
+ tester_ignore_str2errlist( optarg );
break;
case 'p': /* the servers port */
if ( lutil_atoi( &port, optarg ) != 0 ) {
- usage( argv[0] );
+ usage( argv[0], 'p' );
}
break;
case 'D':
- dn = strdup( optarg );
+ dn = optarg;
break;
case 'w':
- pass.bv_val = strdup( optarg );
- pass.bv_len = strlen( optarg );
+ ber_str2bv( optarg, 0, 1, &pass );
+ memset( optarg, '*', pass.bv_len );
break;
case 'l': /* the number of loops */
if ( lutil_atoi( &loops, optarg ) != 0 ) {
- usage( argv[0] );
+ usage( argv[0], 'l' );
}
break;
case 'L': /* the number of outerloops */
if ( lutil_atoi( &outerloops, optarg ) != 0 ) {
- usage( argv[0] );
+ usage( argv[0], 'L' );
}
break;
@@ -148,36 +226,40 @@ main( int argc, char **argv )
case 'I':
/* reuse connection */
- noinit++;
+ noinit = 0;
break;
case 't':
/* sleep between binds */
if ( lutil_atoi( &delay, optarg ) != 0 ) {
- usage( argv[0] );
+ usage( argv[0], 't' );
}
break;
default:
- usage( argv[0] );
+ usage( argv[0], i );
break;
}
}
if ( port == -1 && uri == NULL ) {
- usage( argv[0] );
+ usage( argv[0], '\0' );
}
uri = tester_uri( uri, host, port );
for ( i = 0; i < outerloops; i++ ) {
- if ( base.bv_val != NULL ) {
- do_base( uri, &base, &pass, loops,
- force, chaserefs, noinit, delay );
+ int rc;
+
+ if ( base != NULL ) {
+ rc = do_base( uri, dn, &pass, base, filter, pwattr, loops,
+ force, chaserefs, noinit, delay, -1, NULL );
} else {
- do_bind( uri, dn, &pass, loops,
- force, chaserefs, noinit, NULL );
+ rc = do_bind( uri, dn, &pass, loops,
+ force, chaserefs, noinit, NULL, -1, NULL );
}
+ if ( rc == LDAP_SERVER_DOWN )
+ break;
}
exit( EXIT_SUCCESS );
@@ -186,22 +268,69 @@ main( int argc, char **argv )
static int
do_bind( char *uri, char *dn, struct berval *pass, int maxloop,
- int force, int chaserefs, int noinit, LDAP **ldp )
+ int force, int chaserefs, int noinit, LDAP **ldp,
+ int action_type, void *action )
{
LDAP *ld = ldp ? *ldp : NULL;
- int i, first = 1, rc = -1;
- pid_t pid = getpid();
+ int i, rc = -1;
+
+ /* for internal search */
+ int timelimit = 0;
+ int sizelimit = 0;
+
+ switch ( action_type ) {
+ case -1:
+ break;
+
+ case TESTER_SEARCH:
+ {
+ LDAPURLDesc *ludp = (LDAPURLDesc *)action;
- if ( maxloop > 1 )
+ assert( action != NULL );
+
+ if ( ludp->lud_exts != NULL ) {
+ for ( i = 0; ludp->lud_exts[ i ] != NULL; i++ ) {
+ char *ext = ludp->lud_exts[ i ];
+ int crit = 0;
+
+ if (ext[0] == '!') {
+ crit++;
+ ext++;
+ }
+
+ if ( strncasecmp( ext, "x-timelimit=", STRLENOF( "x-timelimit=" ) ) == 0 ) {
+ if ( lutil_atoi( &timelimit, &ext[ STRLENOF( "x-timelimit=" ) ] ) && crit ) {
+ tester_error( "unable to parse critical extension x-timelimit" );
+ }
+
+ } else if ( strncasecmp( ext, "x-sizelimit=", STRLENOF( "x-sizelimit=" ) ) == 0 ) {
+ if ( lutil_atoi( &sizelimit, &ext[ STRLENOF( "x-sizelimit=" ) ] ) && crit ) {
+ tester_error( "unable to parse critical extension x-sizelimit" );
+ }
+
+ } else if ( crit ) {
+ tester_error( "unknown critical extension" );
+ }
+ }
+ }
+ } break;
+
+ default:
+ /* nothing to do yet */
+ break;
+ }
+
+ if ( maxloop > 1 ) {
fprintf( stderr, "PID=%ld - Bind(%d): dn=\"%s\".\n",
(long) pid, maxloop, dn );
+ }
for ( i = 0; i < maxloop; i++ ) {
if ( !noinit || ld == NULL ) {
int version = LDAP_VERSION3;
ldap_initialize( &ld, uri );
if ( ld == NULL ) {
- tester_perror( "ldap_initialize" );
+ tester_perror( "ldap_initialize", NULL );
rc = -1;
break;
}
@@ -213,38 +342,66 @@ do_bind( char *uri, char *dn, struct ber
}
rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
- switch ( rc ) {
- case LDAP_SUCCESS:
- break;
+ if ( rc ) {
+ int first = tester_ignore_err( rc );
- case LDAP_INVALID_CREDENTIALS:
- /* don't log: it's intended */
- if ( force >= 2 ) {
- if ( !first ) {
- break;
+ /* if ignore.. */
+ if ( first ) {
+ /* only log if first occurrence */
+ if ( ( force < 2 && first > 0 ) || abs(first) == 1 ) {
+ tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
}
- first = 0;
+ rc = LDAP_SUCCESS;
+
+ } else {
+ tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
+ }
+ }
+
+ switch ( action_type ) {
+ case -1:
+ break;
+
+ case TESTER_SEARCH:
+ {
+ LDAPURLDesc *ludp = (LDAPURLDesc *)action;
+ LDAPMessage *res = NULL;
+ struct timeval tv = { 0 }, *tvp = NULL;
+
+ if ( timelimit ) {
+ tv.tv_sec = timelimit;
+ tvp = &tv;
}
- /* fallthru */
+
+ assert( action != NULL );
+
+ rc = ldap_search_ext_s( ld,
+ ludp->lud_dn, ludp->lud_scope,
+ ludp->lud_filter, ludp->lud_attrs, 0,
+ NULL, NULL, tvp, sizelimit, &res );
+ ldap_msgfree( res );
+ } break;
default:
- tester_ldap_error( ld, "ldap_sasl_bind_s" );
+ /* nothing to do yet */
+ break;
}
-
+
if ( !noinit ) {
ldap_unbind_ext( ld, NULL, NULL );
ld = NULL;
}
- if ( rc != LDAP_SUCCESS && !force ) {
+
+ if ( rc != LDAP_SUCCESS ) {
break;
}
}
if ( maxloop > 1 ) {
- fprintf( stderr, " PID=%ld - Bind done (%d).\n", (long) pid, rc );
+ fprintf( stderr, " PID=%ld - Bind done (%d).\n", (long) pid, rc );
}
- if ( ldp ) {
+ if ( ldp && noinit ) {
*ldp = ld;
} else if ( ld != NULL ) {
@@ -256,31 +413,30 @@ do_bind( char *uri, char *dn, struct ber
static int
-do_base( char *uri, struct berval *base, struct berval *pass, int maxloop,
- int force, int chaserefs, int noinit, int delay )
+do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr,
+ int maxloop, int force, int chaserefs, int noinit, int delay,
+ int action_type, void *action )
{
LDAP *ld = NULL;
int i = 0;
- pid_t pid = getpid();
int rc = LDAP_SUCCESS;
ber_int_t msgid;
LDAPMessage *res, *msg;
- struct berval *rdns = NULL;
+ char **dns = NULL;
+ struct berval *creds = NULL;
char *attrs[] = { LDAP_NO_ATTRS, NULL };
- int nrdns = 0;
+ int ndns = 0;
#ifdef _WIN32
DWORD beg, end;
#else
struct timeval beg, end;
#endif
int version = LDAP_VERSION3;
- struct berval pw = { 0, NULL };
-
- srand(pid);
+ char *nullstr = "";
ldap_initialize( &ld, uri );
if ( ld == NULL ) {
- tester_perror( "ldap_initialize" );
+ tester_perror( "ldap_initialize", NULL );
exit( EXIT_FAILURE );
}
@@ -288,38 +444,76 @@ do_base( char *uri, struct berval *base,
(void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );
- rc = ldap_sasl_bind_s( ld, NULL, LDAP_SASL_SIMPLE, &pw, NULL, NULL, NULL );
+ rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
if ( rc != LDAP_SUCCESS ) {
- tester_ldap_error( ld, "ldap_sasl_bind_s" );
+ tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
exit( EXIT_FAILURE );
}
- rc = ldap_search_ext( ld, base->bv_val, LDAP_SCOPE_ONE,
+ fprintf( stderr, "PID=%ld - Bind(%d): base=\"%s\", filter=\"%s\" attr=\"%s\".\n",
+ (long) pid, maxloop, base, filter, pwattr );
+
+ if ( pwattr != NULL ) {
+ attrs[ 0 ] = pwattr;
+ }
+ rc = ldap_search_ext( ld, base, LDAP_SCOPE_SUBTREE,
filter, attrs, 0, NULL, NULL, 0, 0, &msgid );
if ( rc != LDAP_SUCCESS ) {
- tester_ldap_error( ld, "ldap_search_ext" );
+ tester_ldap_error( ld, "ldap_search_ext", NULL );
exit( EXIT_FAILURE );
}
- while (( rc=ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res )) >0){
+ while ( ( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res ) ) > 0 )
+ {
BerElement *ber;
struct berval bv;
- char *ptr;
int done = 0;
- for (msg = ldap_first_message( ld, res ); msg;
- msg = ldap_next_message( ld, msg )) {
- switch ( ldap_msgtype( msg )) {
+ for ( msg = ldap_first_message( ld, res ); msg;
+ msg = ldap_next_message( ld, msg ) )
+ {
+ switch ( ldap_msgtype( msg ) ) {
case LDAP_RES_SEARCH_ENTRY:
rc = ldap_get_dn_ber( ld, msg, &ber, &bv );
- ptr = strchr( bv.bv_val, ',');
- assert( ptr != NULL );
- bv.bv_len = ptr - bv.bv_val + 1;
- rdns = realloc( rdns, (nrdns+1)*sizeof(struct berval));
- ber_dupbv( &rdns[nrdns], &bv );
- nrdns++;
+ dns = realloc( dns, (ndns + 1)*sizeof(char *) );
+ dns[ndns] = ber_strdup( bv.bv_val );
+ if ( pwattr != NULL ) {
+ struct berval **values = ldap_get_values_len( ld, msg, pwattr );
+
+ creds = realloc( creds, (ndns + 1)*sizeof(struct berval) );
+ if ( values == NULL ) {
+novals:;
+ creds[ndns].bv_len = 0;
+ creds[ndns].bv_val = nullstr;
+
+ } else {
+ static struct berval cleartext = BER_BVC( "{CLEARTEXT} " );
+ struct berval value = *values[ 0 ];
+
+ if ( value.bv_val[ 0 ] == '{' ) {
+ char *end = ber_bvchr( &value, '}' );
+
+ if ( end ) {
+ if ( ber_bvcmp( &value, &cleartext ) == 0 ) {
+ value.bv_val += cleartext.bv_len;
+ value.bv_len -= cleartext.bv_len;
+
+ } else {
+ ldap_value_free_len( values );
+ goto novals;
+ }
+ }
+
+ }
+
+ ber_dupbv( &creds[ndns], &value );
+ ldap_value_free_len( values );
+ }
+ }
+ ndns++;
ber_free( ber, 0 );
break;
+
case LDAP_RES_SEARCH_RESULT:
done = 1;
break;
@@ -337,31 +531,31 @@ do_base( char *uri, struct berval *base,
gettimeofday( &beg, NULL );
#endif
- if ( nrdns == 0 ) {
- tester_error( "No RDNs" );
+ if ( ndns == 0 ) {
+ tester_error( "No DNs" );
return 1;
}
- /* Ok, got list of RDNs, now start binding to each */
+ fprintf( stderr, " PID=%ld - Bind base=\"%s\" filter=\"%s\" got %d values.\n",
+ (long) pid, base, filter, ndns );
+
+ /* Ok, got list of DNs, now start binding to each */
for ( i = 0; i < maxloop; i++ ) {
- char dn[BUFSIZ], *ptr;
- int j, k;
+ int j;
+ struct berval cred = { 0, NULL };
- for ( j = 0, k = 0; k < nrdns; k++) {
- j = rand() % nrdns;
- if ( base->bv_len + rdns[j].bv_len < sizeof( dn ) ) {
- break;
- }
- }
- if ( k == nrdns ) {
-
+#if 0 /* use high-order bits for better randomness (Numerical Recipes in "C") */
+ j = rand() % ndns;
+#endif
+ j = ((double)ndns)*rand()/(RAND_MAX + 1.0);
+
+ if ( creds && !BER_BVISEMPTY( &creds[j] ) ) {
+ cred = creds[j];
}
-
- ptr = lutil_strcopy(dn, rdns[j].bv_val);
- strcpy(ptr, base->bv_val);
- if ( do_bind( uri, dn, pass, 1, force, chaserefs, noinit, &ld )
- && !force )
+
+ if ( do_bind( uri, dns[j], &cred, 1, force, chaserefs, noinit, &ld,
+ action_type, action ) && !force )
{
break;
}
@@ -380,8 +574,8 @@ do_base( char *uri, struct berval *base,
end = GetTickCount();
end -= beg;
- fprintf( stderr, "Done %d Binds in %d.%03d seconds.\n", i,
- end / 1000, end % 1000 );
+ fprintf( stderr, " PID=%ld - Bind done %d in %d.%03d seconds.\n",
+ (long) pid, i, end / 1000, end % 1000 );
#else
gettimeofday( &end, NULL );
end.tv_usec -= beg.tv_usec;
@@ -391,15 +585,24 @@ do_base( char *uri, struct berval *base,
}
end.tv_sec -= beg.tv_sec;
- fprintf( stderr, "Done %d Binds in %ld.%06ld seconds.\n", i,
- (long) end.tv_sec, (long) end.tv_usec );
+ fprintf( stderr, " PID=%ld - Bind done %d in %ld.%06ld seconds.\n",
+ (long) pid, i, (long) end.tv_sec, (long) end.tv_usec );
#endif
- if ( rdns ) {
- for ( i = 0; i < nrdns; i++ ) {
- free( rdns[i].bv_val );
+ if ( dns ) {
+ for ( i = 0; i < ndns; i++ ) {
+ ber_memfree( dns[i] );
+ }
+ free( dns );
+ }
+
+ if ( creds ) {
+ for ( i = 0; i < ndns; i++ ) {
+ if ( creds[i].bv_val != nullstr ) {
+ ber_memfree( creds[i].bv_val );
+ }
}
- free( rdns );
+ free( creds );
}
return 0;