2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1999-2017 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
16 * This work was initially developed by Howard Chu for inclusion
17 * in OpenLDAP Software.
24 #include "ac/stdlib.h"
29 #include "ac/socket.h"
30 #include "ac/string.h"
31 #include "ac/unistd.h"
40 #include "slapd-common.h"
45 do_bind( char *uri, char *dn, struct berval *pass, int maxloop,
46 int force, int chaserefs, int noinit, LDAP **ldp,
47 int action_type, void *action );
50 do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr,
51 int maxloop, int force, int chaserefs, int noinit, int delay,
52 int action_type, void *action );
54 /* This program can be invoked two ways: if -D is used to specify a Bind DN,
55 * that DN will be used repeatedly for all of the Binds. If instead -b is used
56 * to specify a base DN, a search will be done for all "person" objects under
57 * that base DN. Then DNs from this list will be randomly selected for each
58 * Bind request. All of the users must have identical passwords. Also it is
59 * assumed that the users are all onelevel children of the base.
62 usage( char *name, char opt )
65 fprintf( stderr, "%s: unable to handle option \'%c\'\n\n",
69 fprintf( stderr, "usage: %s "
70 "[-H uri | -h <host> [-p port]] "
71 "[-D <dn> [-w <passwd>]] "
72 "[-b <baseDN> [-f <searchfilter>] [-a pwattr]] "
86 main( int argc, char **argv )
90 char *host = "localhost";
93 char *filter = "(objectClass=person)";
94 struct berval pass = { 0, NULL };
104 /* extra action to do after bind... */
105 struct berval type[] = {
106 BER_BVC( "tester=" ),
109 BER_BVC( "modify=" ),
110 BER_BVC( "modrdn=" ),
112 BER_BVC( "search=" ),
116 LDAPURLDesc *extra_ludp = NULL;
118 tester_init( "slapd-bind", TESTER_BIND );
120 /* by default, tolerate invalid credentials */
121 tester_ignore_str2errlist( "INVALID_CREDENTIALS" );
123 while ( ( i = getopt( argc, argv, "a:B:b:D:Ff:H:h:Ii:L:l:p:t:w:" ) ) != EOF )
130 case 'b': /* base DN of a tree of user DNs */
138 for ( c = 0; type[c].bv_val; c++ ) {
139 if ( strncasecmp( optarg, type[c].bv_val, type[c].bv_len ) == 0 )
145 if ( type[c].bv_val == NULL ) {
146 usage( argv[0], 'B' );
153 usage( argv[0], 'B' );
157 if ( ldap_url_parse( &optarg[type[c].bv_len], &extra_ludp ) != LDAP_URL_SUCCESS )
159 usage( argv[0], 'B' );
180 case 'H': /* the server uri */
184 case 'h': /* the servers host */
189 tester_ignore_str2errlist( optarg );
192 case 'p': /* the servers port */
193 if ( lutil_atoi( &port, optarg ) != 0 ) {
194 usage( argv[0], 'p' );
203 ber_str2bv( optarg, 0, 1, &pass );
204 memset( optarg, '*', pass.bv_len );
207 case 'l': /* the number of loops */
208 if ( lutil_atoi( &loops, optarg ) != 0 ) {
209 usage( argv[0], 'l' );
213 case 'L': /* the number of outerloops */
214 if ( lutil_atoi( &outerloops, optarg ) != 0 ) {
215 usage( argv[0], 'L' );
228 /* reuse connection */
233 /* sleep between binds */
234 if ( lutil_atoi( &delay, optarg ) != 0 ) {
235 usage( argv[0], 't' );
245 if ( port == -1 && uri == NULL ) {
246 usage( argv[0], '\0' );
249 uri = tester_uri( uri, host, port );
251 for ( i = 0; i < outerloops; i++ ) {
254 if ( base != NULL ) {
255 rc = do_base( uri, dn, &pass, base, filter, pwattr, loops,
256 force, chaserefs, noinit, delay, -1, NULL );
258 rc = do_bind( uri, dn, &pass, loops,
259 force, chaserefs, noinit, NULL, -1, NULL );
261 if ( rc == LDAP_SERVER_DOWN )
265 exit( EXIT_SUCCESS );
270 do_bind( char *uri, char *dn, struct berval *pass, int maxloop,
271 int force, int chaserefs, int noinit, LDAP **ldp,
272 int action_type, void *action )
274 LDAP *ld = ldp ? *ldp : NULL;
277 /* for internal search */
281 switch ( action_type ) {
287 LDAPURLDesc *ludp = (LDAPURLDesc *)action;
289 assert( action != NULL );
291 if ( ludp->lud_exts != NULL ) {
292 for ( i = 0; ludp->lud_exts[ i ] != NULL; i++ ) {
293 char *ext = ludp->lud_exts[ i ];
301 if ( strncasecmp( ext, "x-timelimit=", STRLENOF( "x-timelimit=" ) ) == 0 ) {
302 if ( lutil_atoi( &timelimit, &ext[ STRLENOF( "x-timelimit=" ) ] ) && crit ) {
303 tester_error( "unable to parse critical extension x-timelimit" );
306 } else if ( strncasecmp( ext, "x-sizelimit=", STRLENOF( "x-sizelimit=" ) ) == 0 ) {
307 if ( lutil_atoi( &sizelimit, &ext[ STRLENOF( "x-sizelimit=" ) ] ) && crit ) {
308 tester_error( "unable to parse critical extension x-sizelimit" );
312 tester_error( "unknown critical extension" );
319 /* nothing to do yet */
324 fprintf( stderr, "PID=%ld - Bind(%d): dn=\"%s\".\n",
325 (long) pid, maxloop, dn );
328 for ( i = 0; i < maxloop; i++ ) {
329 if ( !noinit || ld == NULL ) {
330 int version = LDAP_VERSION3;
331 ldap_initialize( &ld, uri );
333 tester_perror( "ldap_initialize", NULL );
338 (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION,
340 (void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
341 chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );
344 rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
346 int first = tester_ignore_err( rc );
350 /* only log if first occurrence */
351 if ( ( force < 2 && first > 0 ) || abs(first) == 1 ) {
352 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
357 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
361 switch ( action_type ) {
367 LDAPURLDesc *ludp = (LDAPURLDesc *)action;
368 LDAPMessage *res = NULL;
369 struct timeval tv = { 0 }, *tvp = NULL;
372 tv.tv_sec = timelimit;
376 assert( action != NULL );
378 rc = ldap_search_ext_s( ld,
379 ludp->lud_dn, ludp->lud_scope,
380 ludp->lud_filter, ludp->lud_attrs, 0,
381 NULL, NULL, tvp, sizelimit, &res );
386 /* nothing to do yet */
391 ldap_unbind_ext( ld, NULL, NULL );
395 if ( rc != LDAP_SUCCESS ) {
401 fprintf( stderr, " PID=%ld - Bind done (%d).\n", (long) pid, rc );
404 if ( ldp && noinit ) {
407 } else if ( ld != NULL ) {
408 ldap_unbind_ext( ld, NULL, NULL );
416 do_base( char *uri, char *dn, struct berval *pass, char *base, char *filter, char *pwattr,
417 int maxloop, int force, int chaserefs, int noinit, int delay,
418 int action_type, void *action )
422 int rc = LDAP_SUCCESS;
424 LDAPMessage *res, *msg;
426 struct berval *creds = NULL;
427 char *attrs[] = { LDAP_NO_ATTRS, NULL };
432 struct timeval beg, end;
434 int version = LDAP_VERSION3;
437 ldap_initialize( &ld, uri );
439 tester_perror( "ldap_initialize", NULL );
440 exit( EXIT_FAILURE );
443 (void) ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
444 (void) ldap_set_option( ld, LDAP_OPT_REFERRALS,
445 chaserefs ? LDAP_OPT_ON: LDAP_OPT_OFF );
447 rc = ldap_sasl_bind_s( ld, dn, LDAP_SASL_SIMPLE, pass, NULL, NULL, NULL );
448 if ( rc != LDAP_SUCCESS ) {
449 tester_ldap_error( ld, "ldap_sasl_bind_s", NULL );
450 exit( EXIT_FAILURE );
453 fprintf( stderr, "PID=%ld - Bind(%d): base=\"%s\", filter=\"%s\" attr=\"%s\".\n",
454 (long) pid, maxloop, base, filter, pwattr );
456 if ( pwattr != NULL ) {
459 rc = ldap_search_ext( ld, base, LDAP_SCOPE_SUBTREE,
460 filter, attrs, 0, NULL, NULL, 0, 0, &msgid );
461 if ( rc != LDAP_SUCCESS ) {
462 tester_ldap_error( ld, "ldap_search_ext", NULL );
463 exit( EXIT_FAILURE );
466 while ( ( rc = ldap_result( ld, LDAP_RES_ANY, LDAP_MSG_ONE, NULL, &res ) ) > 0 )
472 for ( msg = ldap_first_message( ld, res ); msg;
473 msg = ldap_next_message( ld, msg ) )
475 switch ( ldap_msgtype( msg ) ) {
476 case LDAP_RES_SEARCH_ENTRY:
477 rc = ldap_get_dn_ber( ld, msg, &ber, &bv );
478 dns = realloc( dns, (ndns + 1)*sizeof(char *) );
479 dns[ndns] = ber_strdup( bv.bv_val );
480 if ( pwattr != NULL ) {
481 struct berval **values = ldap_get_values_len( ld, msg, pwattr );
483 creds = realloc( creds, (ndns + 1)*sizeof(struct berval) );
484 if ( values == NULL ) {
486 creds[ndns].bv_len = 0;
487 creds[ndns].bv_val = nullstr;
490 static struct berval cleartext = BER_BVC( "{CLEARTEXT} " );
491 struct berval value = *values[ 0 ];
493 if ( value.bv_val[ 0 ] == '{' ) {
494 char *end = ber_bvchr( &value, '}' );
497 if ( ber_bvcmp( &value, &cleartext ) == 0 ) {
498 value.bv_val += cleartext.bv_len;
499 value.bv_len -= cleartext.bv_len;
502 ldap_value_free_len( values );
509 ber_dupbv( &creds[ndns], &value );
510 ldap_value_free_len( values );
517 case LDAP_RES_SEARCH_RESULT:
529 beg = GetTickCount();
531 gettimeofday( &beg, NULL );
535 tester_error( "No DNs" );
539 fprintf( stderr, " PID=%ld - Bind base=\"%s\" filter=\"%s\" got %d values.\n",
540 (long) pid, base, filter, ndns );
542 /* Ok, got list of DNs, now start binding to each */
543 for ( i = 0; i < maxloop; i++ ) {
545 struct berval cred = { 0, NULL };
548 #if 0 /* use high-order bits for better randomness (Numerical Recipes in "C") */
551 j = ((double)ndns)*rand()/(RAND_MAX + 1.0);
553 if ( creds && !BER_BVISEMPTY( &creds[j] ) ) {
557 if ( do_bind( uri, dns[j], &cred, 1, force, chaserefs, noinit, &ld,
558 action_type, action ) && !force )
569 ldap_unbind_ext( ld, NULL, NULL );
574 end = GetTickCount();
577 fprintf( stderr, " PID=%ld - Bind done %d in %d.%03d seconds.\n",
578 (long) pid, i, end / 1000, end % 1000 );
580 gettimeofday( &end, NULL );
581 end.tv_usec -= beg.tv_usec;
582 if (end.tv_usec < 0 ) {
583 end.tv_usec += 1000000;
586 end.tv_sec -= beg.tv_sec;
588 fprintf( stderr, " PID=%ld - Bind done %d in %ld.%06ld seconds.\n",
589 (long) pid, i, (long) end.tv_sec, (long) end.tv_usec );
593 for ( i = 0; i < ndns; i++ ) {
594 ber_memfree( dns[i] );
600 for ( i = 0; i < ndns; i++ ) {
601 if ( creds[i].bv_val != nullstr ) {
602 ber_memfree( creds[i].bv_val );
projects / openldap / blob