Back to index

openldap  2.4.31
Defines | Functions
slapd-bind.c File Reference
#include "portable.h"
#include <stdio.h>
#include "ac/stdlib.h"
#include "ac/time.h"
#include "ac/ctype.h"
#include "ac/param.h"
#include "ac/socket.h"
#include "ac/string.h"
#include "ac/unistd.h"
#include "ac/wait.h"
#include "ldap.h"
#include "lutil.h"
#include "lber_pvt.h"
#include "ldap_pvt.h"
#include "slapd-common.h"

Go to the source code of this file.

Defines

#define LOOPS   100

Functions

static int do_bind (char *uri, char *dn, struct berval *pass, int maxloop, int force, int chaserefs, int noinit, LDAP **ldp, int action_type, void *action)
static int do_base (char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr, int maxloop, int force, int chaserefs, int noinit, int delay, int action_type, void *action)
static void usage (char *name, char opt)
int main (int argc, char **argv)

Define Documentation

#define LOOPS   100

Definition at line 42 of file slapd-bind.c.


Function Documentation

static int do_base ( char *  uri,
char *  dn,
struct berval pass,
char *  base,
char *  filter,
char *  pwattr,
int  maxloop,
int  force,
int  chaserefs,
int  noinit,
int  delay,
int  action_type,
void action 
) [static]

Definition at line 416 of file slapd-bind.c.

{
       LDAP   *ld = NULL;
       int    i = 0;
       int     rc = LDAP_SUCCESS;
       ber_int_t msgid;
       LDAPMessage *res, *msg;
       char **dns = NULL;
       struct berval *creds = NULL;
       char *attrs[] = { LDAP_NO_ATTRS, NULL };
       int ndns = 0;
#ifdef _WIN32
       DWORD beg, end;
#else
       struct timeval beg, end;
#endif
       int version = LDAP_VERSION3;
       char *nullstr = "";

       ldap_initialize( &ld, uri );
       if ( ld == NULL ) {
              tester_perror( "ldap_initialize", NULL );
              exit( EXIT_FAILURE );
       }

       (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
       (void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
              chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );

       rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
       if ( rc != LDAP_SUCCESS ) {
              tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
              exit( EXIT_FAILURE );
       }

       fprintf( stderr, "PID=%ld - Bind(%d): base=\"%s\", filter=\"%s\" attr=\"%s\".\n",
                     (long) pid, maxloop, base, filter, pwattr );

       if ( pwattr != NULL ) {
              attrs[ 0 ] = pwattr;
       }
       rc = ldap_search_ext( ld, base, LDAP_SCOPE_SUBTREE,
                     filter, attrs, 0, NULL, NULL, 0, 0, &msgid );
       if ( rc != LDAP_SUCCESS ) {
              tester_ldap_error( ld, "ldap_search_ext", NULL );
              exit( EXIT_FAILURE );
       }

       while ( ( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res ) ) > 0 )
       {
              BerElement *ber;
              struct berval bv;
              int done = 0;

              for ( msg = ldap_first_message( ld, res ); msg;
                     msg = ldap_next_message( ld, msg ) )
              {
                     switch ( ldap_msgtype( msg ) ) {
                     case LDAP_RES_SEARCH_ENTRY:
                            rc = ldap_get_dn_ber( ld, msg, &ber, &bv );
                            dns = realloc( dns, (ndns + 1)*sizeof(char *) );
                            dns[ndns] = ber_strdup( bv.bv_val );
                            if ( pwattr != NULL ) {
                                   struct berval **values = ldap_get_values_len( ld, msg, pwattr );

                                   creds = realloc( creds, (ndns + 1)*sizeof(struct berval) );
                                   if ( values == NULL ) {
novals:;
                                          creds[ndns].bv_len = 0;
                                          creds[ndns].bv_val = nullstr;

                                   } else {
                                          static struct berval cleartext = BER_BVC( "{CLEARTEXT} " );
                                          struct berval        value = *values[ 0 ];

                                          if ( value.bv_val[ 0 ] == '{' ) {
                                                 char *end = ber_bvchr( &value, '}' );

                                                 if ( end ) {
                                                        if ( ber_bvcmp( &value, &cleartext ) == 0 ) {
                                                               value.bv_val += cleartext.bv_len;
                                                               value.bv_len -= cleartext.bv_len;

                                                        } else {
                                                               ldap_value_free_len( values );
                                                               goto novals;
                                                        }
                                                 }

                                          }

                                          ber_dupbv( &creds[ndns], &value );
                                          ldap_value_free_len( values );
                                   }
                            }
                            ndns++;
                            ber_free( ber, 0 );
                            break;

                     case LDAP_RES_SEARCH_RESULT:
                            done = 1;
                            break;
                     }
                     if ( done )
                            break;
              }
              ldap_msgfree( res );
              if ( done ) break;
       }

#ifdef _WIN32
       beg = GetTickCount();
#else
       gettimeofday( &beg, NULL );
#endif

       if ( ndns == 0 ) {
              tester_error( "No DNs" );
              return 1;
       }

       fprintf( stderr, "  PID=%ld - Bind base=\"%s\" filter=\"%s\" got %d values.\n",
              (long) pid, base, filter, ndns );

       /* Ok, got list of DNs, now start binding to each */
       for ( i = 0; i < maxloop; i++ ) {
              int           j;
              struct berval cred = { 0, NULL };


#if 0  /* use high-order bits for better randomness (Numerical Recipes in "C") */
              j = rand() % ndns;
#endif
              j = ((double)ndns)*rand()/(RAND_MAX + 1.0);

              if ( creds && !BER_BVISEMPTY( &creds[j] ) ) {
                     cred = creds[j];
              }

              if ( do_bind( uri, dns[j], &cred, 1, force, chaserefs, noinit, &ld,
                     action_type, action ) && !force )
              {
                     break;
              }

              if ( delay ) {
                     sleep( delay );
              }
       }

       if ( ld != NULL ) {
              ldap_unbind_ext( ld, NULL, NULL );
              ld = NULL;
       }

#ifdef _WIN32
       end = GetTickCount();
       end -= beg;

       fprintf( stderr, "  PID=%ld - Bind done %d in %d.%03d seconds.\n",
              (long) pid, i, end / 1000, end % 1000 );
#else
       gettimeofday( &end, NULL );
       end.tv_usec -= beg.tv_usec;
       if (end.tv_usec < 0 ) {
              end.tv_usec += 1000000;
              end.tv_sec -= 1;
       }
       end.tv_sec -= beg.tv_sec;

       fprintf( stderr, "  PID=%ld - Bind done %d in %ld.%06ld seconds.\n",
              (long) pid, i, (long) end.tv_sec, (long) end.tv_usec );
#endif

       if ( dns ) {
              for ( i = 0; i < ndns; i++ ) {
                     ber_memfree( dns[i] );
              }
              free( dns );
       }

       if ( creds ) {
              for ( i = 0; i < ndns; i++ ) {
                     if ( creds[i].bv_val != nullstr ) {
                            ber_memfree( creds[i].bv_val );
                     }
              }
              free( creds );
       }

       return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static int do_bind ( char *  uri,
char *  dn,
struct berval pass,
int  maxloop,
int  force,
int  chaserefs,
int  noinit,
LDAP **  ldp,
int  action_type,
void action 
) [static]

Definition at line 270 of file slapd-bind.c.

{
       LDAP   *ld = ldp ? *ldp : NULL;
       int    i, rc = -1;

       /* for internal search */
       int    timelimit = 0;
       int    sizelimit = 0;

       switch ( action_type ) {
       case -1:
              break;

       case TESTER_SEARCH:
              {
              LDAPURLDesc   *ludp = (LDAPURLDesc *)action;

              assert( action != NULL );

              if ( ludp->lud_exts != NULL ) {
                     for ( i = 0; ludp->lud_exts[ i ] != NULL; i++ ) {
                            char   *ext = ludp->lud_exts[ i ];
                            int    crit = 0;

                            if (ext[0] == '!') {
                                   crit++;
                                   ext++;
                            }

                            if ( strncasecmp( ext, "x-timelimit=", STRLENOF( "x-timelimit=" ) ) == 0 ) {
                                   if ( lutil_atoi( &timelimit, &ext[ STRLENOF( "x-timelimit=" ) ] ) && crit ) {
                                          tester_error( "unable to parse critical extension x-timelimit" );
                                   }

                            } else if ( strncasecmp( ext, "x-sizelimit=", STRLENOF( "x-sizelimit=" ) ) == 0 ) {
                                   if ( lutil_atoi( &sizelimit, &ext[ STRLENOF( "x-sizelimit=" ) ] ) && crit ) {
                                          tester_error( "unable to parse critical extension x-sizelimit" );
                                   }

                            } else if ( crit ) {
                                   tester_error( "unknown critical extension" );
                            }
                     }
              }
              } break;

       default:
              /* nothing to do yet */
              break;
       }
                     
       if ( maxloop > 1 ) {
              fprintf( stderr, "PID=%ld - Bind(%d): dn=\"%s\".\n",
                      (long) pid, maxloop, dn );
       }

       for ( i = 0; i < maxloop; i++ ) {
              if ( !noinit || ld == NULL ) {
                     int version = LDAP_VERSION3;
                     ldap_initialize( &ld, uri );
                     if ( ld == NULL ) {
                            tester_perror( "ldap_initialize", NULL );
                            rc = -1;
                            break;
                     }

                     (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION,
                            &version ); 
                     (void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
                            chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );
              }

              rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
              if ( rc ) {
                     int first = tester_ignore_err( rc );

                     /* if ignore.. */
                     if ( first ) {
                            /* only log if first occurrence */
                            if ( ( force < 2 && first > 0 ) || abs(first) == 1 ) {
                                   tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
                            }
                            rc = LDAP_SUCCESS;

                     } else {
                            tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
                     }
              }

              switch ( action_type ) {
              case -1:
                     break;

              case TESTER_SEARCH:
                     {
                     LDAPURLDesc   *ludp = (LDAPURLDesc *)action;
                     LDAPMessage   *res = NULL;
                     struct timeval       tv = { 0 }, *tvp = NULL;

                     if ( timelimit ) {
                            tv.tv_sec = timelimit;
                            tvp = &tv;
                     }

                     assert( action != NULL );

                     rc = ldap_search_ext_s( ld,
                            ludp->lud_dn, ludp->lud_scope,
                            ludp->lud_filter, ludp->lud_attrs, 0,
                            NULL, NULL, tvp, sizelimit, &res );
                     ldap_msgfree( res );
                     } break;

              default:
                     /* nothing to do yet */
                     break;
              }
                     
              if ( !noinit ) {
                     ldap_unbind_ext( ld, NULL, NULL );
                     ld = NULL;
              }

              if ( rc != LDAP_SUCCESS ) {
                     break;
              }
       }

       if ( maxloop > 1 ) {
              fprintf( stderr, "  PID=%ld - Bind done (%d).\n", (long) pid, rc );
       }

       if ( ldp && noinit ) {
              *ldp = ld;

       } else if ( ld != NULL ) {
              ldap_unbind_ext( ld, NULL, NULL );
       }

       return rc;
}

Here is the call graph for this function:

int main ( int  argc,
char **  argv 
)

Definition at line 86 of file slapd-bind.c.

{
       int           i;
       char          *uri = NULL;
       char          *host = "localhost";
       char          *dn = NULL;
       char          *base = NULL;
       char          *filter = "(objectClass=person)";
       struct berval pass = { 0, NULL };
       char          *pwattr = NULL;
       int           port = -1;
       int           loops = LOOPS;
       int           outerloops = 1;
       int           force = 0;
       int           chaserefs = 0;
       int           noinit = 1;
       int           delay = 0;

       /* extra action to do after bind... */
       struct berval type[] = {
              BER_BVC( "tester=" ),
              BER_BVC( "add=" ),
              BER_BVC( "bind=" ),
              BER_BVC( "modify=" ),
              BER_BVC( "modrdn=" ),
              BER_BVC( "read=" ),
              BER_BVC( "search=" ),
              BER_BVNULL
       };

       LDAPURLDesc   *extra_ludp = NULL;

       tester_init( "slapd-bind", TESTER_BIND );

       /* by default, tolerate invalid credentials */
       tester_ignore_str2errlist( "INVALID_CREDENTIALS" );

       while ( ( i = getopt( argc, argv, "a:B:b:D:Ff:H:h:Ii:L:l:p:t:w:" ) ) != EOF )
       {
              switch ( i ) {
              case 'a':
                     pwattr = optarg;
                     break;

              case 'b':            /* base DN of a tree of user DNs */
                     base = optarg;
                     break;

              case 'B':
                     {
                     int    c;

                     for ( c = 0; type[c].bv_val; c++ ) {
                            if ( strncasecmp( optarg, type[c].bv_val, type[c].bv_len ) == 0 )
                            {
                                   break;
                            }
                     }

                     if ( type[c].bv_val == NULL ) {
                            usage( argv[0], 'B' );
                     }

                     switch ( c ) {
                     case TESTER_TESTER:
                     case TESTER_BIND:
                            /* invalid */
                            usage( argv[0], 'B' );

                     case TESTER_SEARCH:
                            {
                            if ( ldap_url_parse( &optarg[type[c].bv_len], &extra_ludp ) != LDAP_URL_SUCCESS )
                            {
                                   usage( argv[0], 'B' );
                            }
                            } break;

                     case TESTER_ADDEL:
                     case TESTER_MODIFY:
                     case TESTER_MODRDN:
                     case TESTER_READ:
                            /* nothing to do */
                            break;

                     default:
                            assert( 0 );
                     }

                     } break;

              case 'C':
                     chaserefs++;
                     break;

              case 'H':            /* the server uri */
                     uri = optarg;
                     break;

              case 'h':            /* the servers host */
                     host = optarg;
                     break;

              case 'i':
                     tester_ignore_str2errlist( optarg );
                     break;

              case 'p':            /* the servers port */
                     if ( lutil_atoi( &port, optarg ) != 0 ) {
                            usage( argv[0], 'p' );
                     }
                     break;

              case 'D':
                     dn = optarg;
                     break;

              case 'w':
                     ber_str2bv( optarg, 0, 1, &pass );
                     memset( optarg, '*', pass.bv_len );
                     break;

              case 'l':            /* the number of loops */
                     if ( lutil_atoi( &loops, optarg ) != 0 ) {
                            usage( argv[0], 'l' );
                     }
                     break;

              case 'L':            /* the number of outerloops */
                     if ( lutil_atoi( &outerloops, optarg ) != 0 ) {
                            usage( argv[0], 'L' );
                     }
                     break;

              case 'f':
                     filter = optarg;
                     break;

              case 'F':
                     force++;
                     break;

              case 'I':
                     /* reuse connection */
                     noinit = 0;
                     break;

              case 't':
                     /* sleep between binds */
                     if ( lutil_atoi( &delay, optarg ) != 0 ) {
                            usage( argv[0], 't' );
                     }
                     break;

              default:
                     usage( argv[0], i );
                     break;
              }
       }

       if ( port == -1 && uri == NULL ) {
              usage( argv[0], '\0' );
       }

       uri = tester_uri( uri, host, port );

       for ( i = 0; i < outerloops; i++ ) {
              int rc;

              if ( base != NULL ) {
                     rc = do_base( uri, dn, &pass, base, filter, pwattr, loops,
                            force, chaserefs, noinit, delay, -1, NULL );
              } else {
                     rc = do_bind( uri, dn, &pass, loops,
                            force, chaserefs, noinit, NULL, -1, NULL );
              }
              if ( rc == LDAP_SERVER_DOWN )
                     break;
       }

       exit( EXIT_SUCCESS );
}

Here is the call graph for this function:

static void usage ( char *  name,
char  opt 
) [static]

Definition at line 62 of file slapd-bind.c.

{
       if ( opt ) {
              fprintf( stderr, "%s: unable to handle option \'%c\'\n\n",
                     name, opt );
       }

       fprintf( stderr, "usage: %s "
              "[-H uri | -h <host> [-p port]] "
              "[-D <dn> [-w <passwd>]] "
              "[-b <baseDN> [-f <searchfilter>] [-a pwattr]] "
              "[-l <loops>] "
              "[-L <outerloops>] "
              "[-B <extra>[,...]] "
              "[-F] "
              "[-C] "
              "[-I] "
              "[-i <ignore>] "
              "[-t delay]\n",
              name );
       exit( EXIT_FAILURE );
}