2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2006 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
16 * This work was initially developed by Howard Chu for inclusion
17 * in OpenLDAP Software.
24 #include <ac/stdlib.h>
29 #include <ac/socket.h>
30 #include <ac/string.h>
31 #include <ac/unistd.h>
39 #include "slapd-common.h"
44 do_bind( char *uri, char *dn, struct berval *pass, int maxloop,
45 int force, int chaserefs, int noinit, LDAP **ldp );
48 do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr,
49 int maxloop, int force, int chaserefs, int noinit, int delay );
51 /* This program can be invoked two ways: if -D is used to specify a Bind DN,
52 * that DN will be used repeatedly for all of the Binds. If instead -b is used
53 * to specify a base DN, a search will be done for all "person" objects under
54 * that base DN. Then DNs from this list will be randomly selected for each
55 * Bind request. All of the users must have identical passwords. Also it is
56 * assumed that the users are all onelevel children of the base.
61 fprintf( stderr, "usage: %s "
62 "[-H uri | -h <host> [-p port]] "
63 "[-D <dn> [-w <passwd>]] "
64 "[-b <baseDN> [-f <searchfilter>] [-a pwattr]] "
77 main( int argc, char **argv )
81 char *host = "localhost";
84 char *filter = "(objectClass=person)";
85 struct berval pass = { 0, NULL };
95 tester_init( "slapd-bind", TESTER_BIND );
97 /* by default, tolerate invalid credentials */
98 tester_ignore_str2errlist( "INVALID_CREDENTIALS" );
100 while ( (i = getopt( argc, argv, "a:b:H:h:i:p:D:w:l:L:f:FIt:" )) != EOF ) {
106 case 'b': /* base DN of a tree of user DNs */
114 case 'H': /* the server uri */
118 case 'h': /* the servers host */
123 tester_ignore_str2errlist( optarg );
126 case 'p': /* the servers port */
127 if ( lutil_atoi( &port, optarg ) != 0 ) {
137 ber_str2bv( optarg, 0, 0, &pass );
140 case 'l': /* the number of loops */
141 if ( lutil_atoi( &loops, optarg ) != 0 ) {
146 case 'L': /* the number of outerloops */
147 if ( lutil_atoi( &outerloops, optarg ) != 0 ) {
161 /* reuse connection */
166 /* sleep between binds */
167 if ( lutil_atoi( &delay, optarg ) != 0 ) {
178 if ( port == -1 && uri == NULL ) {
182 uri = tester_uri( uri, host, port );
184 for ( i = 0; i < outerloops; i++ ) {
185 if ( base != NULL ) {
186 do_base( uri, dn, &pass, base, filter, pwattr, loops,
187 force, chaserefs, noinit, delay );
189 do_bind( uri, dn, &pass, loops,
190 force, chaserefs, noinit, NULL );
194 exit( EXIT_SUCCESS );
199 do_bind( char *uri, char *dn, struct berval *pass, int maxloop,
200 int force, int chaserefs, int noinit, LDAP **ldp )
202 LDAP *ld = ldp ? *ldp : NULL;
204 pid_t pid = getpid();
207 fprintf( stderr, "PID=%ld - Bind(%d): dn=\"%s\".\n",
208 (long) pid, maxloop, dn );
210 for ( i = 0; i < maxloop; i++ ) {
211 if ( !noinit || ld == NULL ) {
212 int version = LDAP_VERSION3;
213 ldap_initialize( &ld, uri );
215 tester_perror( "ldap_initialize", NULL );
220 (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION,
222 (void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
223 chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );
226 rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
228 unsigned first = tester_ignore_err( rc );
232 /* only log if first occurrence */
233 if ( force < 2 || first == 1 ) {
234 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
239 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
244 ldap_unbind_ext( ld, NULL, NULL );
248 if ( rc != LDAP_SUCCESS ) {
254 fprintf( stderr, " PID=%ld - Bind done (%d).\n", (long) pid, rc );
257 if ( ldp && noinit ) {
260 } else if ( ld != NULL ) {
261 ldap_unbind_ext( ld, NULL, NULL );
269 do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr,
270 int maxloop, int force, int chaserefs, int noinit, int delay )
274 pid_t pid = getpid();
275 int rc = LDAP_SUCCESS;
277 LDAPMessage *res, *msg;
279 struct berval *creds = NULL;
280 char *attrs[] = { LDAP_NO_ATTRS, NULL };
285 struct timeval beg, end;
287 int version = LDAP_VERSION3;
292 ldap_initialize( &ld, uri );
294 tester_perror( "ldap_initialize", NULL );
295 exit( EXIT_FAILURE );
298 (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
299 (void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
300 chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );
302 rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
303 if ( rc != LDAP_SUCCESS ) {
304 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
305 exit( EXIT_FAILURE );
308 fprintf( stderr, "PID=%ld - Bind(%d): base=\"%s\", filter=\"%s\" attr=\"%s\".\n",
309 (long) pid, maxloop, base, filter, pwattr );
311 if ( pwattr != NULL ) {
314 rc = ldap_search_ext( ld, base, LDAP_SCOPE_SUBTREE,
315 filter, attrs, 0, NULL, NULL, 0, 0, &msgid );
316 if ( rc != LDAP_SUCCESS ) {
317 tester_ldap_error( ld, "ldap_search_ext", NULL );
318 exit( EXIT_FAILURE );
321 while ( ( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res ) ) > 0 )
327 for ( msg = ldap_first_message( ld, res ); msg;
328 msg = ldap_next_message( ld, msg ) )
330 switch ( ldap_msgtype( msg ) ) {
331 case LDAP_RES_SEARCH_ENTRY:
332 rc = ldap_get_dn_ber( ld, msg, &ber, &bv );
333 dns = realloc( dns, (ndns + 1)*sizeof(char *) );
334 dns[ndns] = ber_strdup( bv.bv_val );
335 if ( pwattr != NULL ) {
336 struct berval **values = ldap_get_values_len( ld, msg, pwattr );
338 creds = realloc( creds, (ndns + 1)*sizeof(struct berval) );
339 if ( values == NULL ) {
341 creds[ndns].bv_len = 0;
342 creds[ndns].bv_val = nullstr;
345 static struct berval cleartext = BER_BVC( "{CLEARTEXT} " );
346 struct berval value = *values[ 0 ];
348 if ( value.bv_val[ 0 ] == '{' ) {
349 char *end = ber_bvchr( &value, '}' );
352 if ( ber_bvcmp( &value, &cleartext ) == 0 ) {
353 value.bv_val += cleartext.bv_len;
354 value.bv_len -= cleartext.bv_len;
357 ldap_value_free_len( values );
364 ber_dupbv( &creds[ndns], &value );
365 ldap_value_free_len( values );
372 case LDAP_RES_SEARCH_RESULT:
384 beg = GetTickCount();
386 gettimeofday( &beg, NULL );
390 tester_error( "No DNs" );
394 fprintf( stderr, " PID=%ld - Bind base=\"%s\" filter=\"%s\" got %d values.\n",
395 (long) pid, base, filter, ndns );
397 /* Ok, got list of DNs, now start binding to each */
398 for ( i = 0; i < maxloop; i++ ) {
400 struct berval cred = { 0, NULL };
402 for ( j = 0, k = 0; k < ndns; k++) {
406 if ( creds && !BER_BVISEMPTY( &creds[j] ) ) {
409 if ( do_bind( uri, dns[j], &cred, 1, force, chaserefs, noinit, &ld )
421 ldap_unbind_ext( ld, NULL, NULL );
426 end = GetTickCount();
429 fprintf( stderr, " PID=%ld - Bind done %d in %d.%03d seconds.\n",
430 (long) pid, i, end / 1000, end % 1000 );
432 gettimeofday( &end, NULL );
433 end.tv_usec -= beg.tv_usec;
434 if (end.tv_usec < 0 ) {
435 end.tv_usec += 1000000;
438 end.tv_sec -= beg.tv_sec;
440 fprintf( stderr, " PID=%ld - Bind done %d in %ld.%06ld seconds.\n",
441 (long) pid, i, (long) end.tv_sec, (long) end.tv_usec );
445 for ( i = 0; i < ndns; i++ ) {
452 for ( i = 0; i < ndns; i++ ) {
453 if ( creds[i].bv_val != nullstr ) {
454 free( creds[i].bv_val );