2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2017 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
16 * This work was initially developed by Howard Chu for inclusion
17 * in OpenLDAP Software.
24 #include "ac/stdlib.h"
29 #include "ac/socket.h"
30 #include "ac/string.h"
31 #include "ac/unistd.h"
40 #include "slapd-common.h"
43 do_bind( struct tester_conn_args *config, char *dn, int maxloop,
44 int force, int noinit, LDAP **ldp, int action_type, void *action );
47 do_base( struct tester_conn_args *config, char *dn, char *base, char *filter, char *pwattr,
48 int force, int noinit, int action_type, void *action );
50 /* This program can be invoked two ways: if -D is used to specify a Bind DN,
51 * that DN will be used repeatedly for all of the Binds. If instead -b is used
52 * to specify a base DN, a search will be done for all "person" objects under
53 * that base DN. Then DNs from this list will be randomly selected for each
54 * Bind request. All of the users must have identical passwords. Also it is
55 * assumed that the users are all onelevel children of the base.
58 usage( char *name, char opt )
61 fprintf( stderr, "%s: unable to handle option \'%c\'\n\n",
65 fprintf( stderr, "usage: %s " TESTER_COMMON_HELP
66 "[-b <baseDN> [-f <searchfilter>] [-a pwattr]] "
75 main( int argc, char **argv )
79 char *filter = "(objectClass=person)";
83 struct tester_conn_args *config;
85 /* extra action to do after bind... */
86 struct berval type[] = {
97 LDAPURLDesc *extra_ludp = NULL;
99 config = tester_init( "slapd-bind", TESTER_BIND );
101 /* by default, tolerate invalid credentials */
102 tester_ignore_str2errlist( "INVALID_CREDENTIALS" );
104 while ( ( i = getopt( argc, argv, TESTER_COMMON_OPTS "a:B:b:Ff:I" ) ) != EOF )
111 case 'b': /* base DN of a tree of user DNs */
119 for ( c = 0; type[c].bv_val; c++ ) {
120 if ( strncasecmp( optarg, type[c].bv_val, type[c].bv_len ) == 0 )
126 if ( type[c].bv_val == NULL ) {
127 usage( argv[0], 'B' );
134 usage( argv[0], 'B' );
138 if ( ldap_url_parse( &optarg[type[c].bv_len], &extra_ludp ) != LDAP_URL_SUCCESS )
140 usage( argv[0], 'B' );
166 /* reuse connection */
171 if ( tester_config_opt( config, i, optarg ) == LDAP_SUCCESS ) {
179 tester_config_finish( config );
181 for ( i = 0; i < config->outerloops; i++ ) {
184 if ( base != NULL ) {
185 rc = do_base( config, config->binddn, base,
186 filter, pwattr, force, noinit, -1, NULL );
188 rc = do_bind( config, config->binddn,
189 config->loops, force, noinit, NULL, -1, NULL );
191 if ( rc == LDAP_SERVER_DOWN )
195 exit( EXIT_SUCCESS );
200 do_bind( struct tester_conn_args *config, char *dn, int maxloop,
201 int force, int noinit, LDAP **ldp, int action_type, void *action )
203 LDAP *ld = ldp ? *ldp : NULL;
206 /* for internal search */
210 switch ( action_type ) {
216 LDAPURLDesc *ludp = (LDAPURLDesc *)action;
218 assert( action != NULL );
220 if ( ludp->lud_exts != NULL ) {
221 for ( i = 0; ludp->lud_exts[ i ] != NULL; i++ ) {
222 char *ext = ludp->lud_exts[ i ];
230 if ( strncasecmp( ext, "x-timelimit=", STRLENOF( "x-timelimit=" ) ) == 0 ) {
231 if ( lutil_atoi( &timelimit, &ext[ STRLENOF( "x-timelimit=" ) ] ) && crit ) {
232 tester_error( "unable to parse critical extension x-timelimit" );
235 } else if ( strncasecmp( ext, "x-sizelimit=", STRLENOF( "x-sizelimit=" ) ) == 0 ) {
236 if ( lutil_atoi( &sizelimit, &ext[ STRLENOF( "x-sizelimit=" ) ] ) && crit ) {
237 tester_error( "unable to parse critical extension x-sizelimit" );
241 tester_error( "unknown critical extension" );
248 /* nothing to do yet */
253 fprintf( stderr, "PID=%ld - Bind(%d): dn=\"%s\".\n",
254 (long) pid, maxloop, dn );
257 for ( i = 0; i < maxloop; i++ ) {
258 if ( !noinit || ld == NULL ) {
259 tester_init_ld( &ld, config, TESTER_INIT_ONLY );
262 rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, &config->pass, NULL, NULL, NULL );
264 int first = tester_ignore_err( rc );
268 /* only log if first occurrence */
269 if ( ( force < 2 && first > 0 ) || abs(first) == 1 ) {
270 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
275 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
279 switch ( action_type ) {
285 LDAPURLDesc *ludp = (LDAPURLDesc *)action;
286 LDAPMessage *res = NULL;
287 struct timeval tv = { 0 }, *tvp = NULL;
290 tv.tv_sec = timelimit;
294 assert( action != NULL );
296 rc = ldap_search_ext_s( ld,
297 ludp->lud_dn, ludp->lud_scope,
298 ludp->lud_filter, ludp->lud_attrs, 0,
299 NULL, NULL, tvp, sizelimit, &res );
304 /* nothing to do yet */
309 ldap_unbind_ext( ld, NULL, NULL );
313 if ( rc != LDAP_SUCCESS ) {
319 fprintf( stderr, " PID=%ld - Bind done (%d).\n", (long) pid, rc );
322 if ( ldp && noinit ) {
325 } else if ( ld != NULL ) {
326 ldap_unbind_ext( ld, NULL, NULL );
334 do_base( struct tester_conn_args *config, char *dn, char *base, char *filter, char *pwattr,
335 int force, int noinit, int action_type, void *action )
339 int rc = LDAP_SUCCESS;
341 LDAPMessage *res, *msg;
343 struct berval *creds = NULL;
344 char *attrs[] = { LDAP_NO_ATTRS, NULL };
349 struct timeval beg, end;
353 tester_init_ld( &ld, config, 0 );
355 fprintf( stderr, "PID=%ld - Bind(%d): base=\"%s\", filter=\"%s\" attr=\"%s\".\n",
356 (long) pid, config->loops, base, filter, pwattr );
358 if ( pwattr != NULL ) {
361 rc = ldap_search_ext( ld, base, LDAP_SCOPE_SUBTREE,
362 filter, attrs, 0, NULL, NULL, 0, 0, &msgid );
363 if ( rc != LDAP_SUCCESS ) {
364 tester_ldap_error( ld, "ldap_search_ext", NULL );
365 exit( EXIT_FAILURE );
368 while ( ( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res ) ) > 0 )
374 for ( msg = ldap_first_message( ld, res ); msg;
375 msg = ldap_next_message( ld, msg ) )
377 switch ( ldap_msgtype( msg ) ) {
378 case LDAP_RES_SEARCH_ENTRY:
379 rc = ldap_get_dn_ber( ld, msg, &ber, &bv );
380 dns = realloc( dns, (ndns + 1)*sizeof(char *) );
381 dns[ndns] = ber_strdup( bv.bv_val );
382 if ( pwattr != NULL ) {
383 struct berval **values = ldap_get_values_len( ld, msg, pwattr );
385 creds = realloc( creds, (ndns + 1)*sizeof(struct berval) );
386 if ( values == NULL ) {
388 creds[ndns].bv_len = 0;
389 creds[ndns].bv_val = nullstr;
392 static struct berval cleartext = BER_BVC( "{CLEARTEXT} " );
393 struct berval value = *values[ 0 ];
395 if ( value.bv_val[ 0 ] == '{' ) {
396 char *end = ber_bvchr( &value, '}' );
399 if ( ber_bvcmp( &value, &cleartext ) == 0 ) {
400 value.bv_val += cleartext.bv_len;
401 value.bv_len -= cleartext.bv_len;
404 ldap_value_free_len( values );
411 ber_dupbv( &creds[ndns], &value );
412 ldap_value_free_len( values );
419 case LDAP_RES_SEARCH_RESULT:
431 beg = GetTickCount();
433 gettimeofday( &beg, NULL );
437 tester_error( "No DNs" );
441 fprintf( stderr, " PID=%ld - Bind base=\"%s\" filter=\"%s\" got %d values.\n",
442 (long) pid, base, filter, ndns );
444 /* Ok, got list of DNs, now start binding to each */
445 for ( i = 0; i < config->loops; i++ ) {
448 #if 0 /* use high-order bits for better randomness (Numerical Recipes in "C") */
451 j = ((double)ndns)*rand()/(RAND_MAX + 1.0);
453 if ( creds && !BER_BVISEMPTY( &creds[j] ) ) {
454 config->pass = creds[j];
457 if ( do_bind( config, dns[j], 1, force, noinit, &ld,
458 action_type, action ) && !force )
463 if ( config->delay ) {
464 sleep( config->delay );
469 ldap_unbind_ext( ld, NULL, NULL );
474 end = GetTickCount();
477 fprintf( stderr, " PID=%ld - Bind done %d in %d.%03d seconds.\n",
478 (long) pid, i, end / 1000, end % 1000 );
480 gettimeofday( &end, NULL );
481 end.tv_usec -= beg.tv_usec;
482 if (end.tv_usec < 0 ) {
483 end.tv_usec += 1000000;
486 end.tv_sec -= beg.tv_sec;
488 fprintf( stderr, " PID=%ld - Bind done %d in %ld.%06ld seconds.\n",
489 (long) pid, i, (long) end.tv_sec, (long) end.tv_usec );
493 for ( i = 0; i < ndns; i++ ) {
494 ber_memfree( dns[i] );
500 for ( i = 0; i < ndns; i++ ) {
501 if ( creds[i].bv_val != nullstr ) {
502 ber_memfree( creds[i].bv_val );