Line data Source code
1 : /*
2 : * Unix SMB/CIFS implementation.
3 : *
4 : * Test LDB attribute functions
5 : *
6 : * Copyright (C) Andrew Bartlet <abartlet@samba.org> 2008-2009
7 : * Copyright (C) Matthieu Patou <mat@matws.net> 2009
8 : *
9 : * This program is free software; you can redistribute it and/or modify
10 : * it under the terms of the GNU General Public License as published by
11 : * the Free Software Foundation; either version 3 of the License, or
12 : * (at your option) any later version.
13 : *
14 : * This program is distributed in the hope that it will be useful,
15 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : * GNU General Public License for more details.
18 : *
19 : * You should have received a copy of the GNU General Public License
20 : * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 : #include "includes.h"
24 : #include "lib/events/events.h"
25 : #include <ldb.h>
26 : #include <ldb_errors.h>
27 : #include "ldb_wrap.h"
28 : #include "param/param.h"
29 : #include "lib/cmdline/cmdline.h"
30 : #include "auth/credentials/credentials.h"
31 : #include "libcli/ldap/ldap_client.h"
32 : #include "torture/smbtorture.h"
33 : #include "torture/ldap/proto.h"
34 :
35 1 : bool torture_ldap_session_expiry(struct torture_context *torture)
36 : {
37 1 : const char *host = torture_setting_string(torture, "host", NULL);
38 1 : struct cli_credentials *credentials = samba_cmdline_get_creds();
39 1 : struct ldb_context *ldb = NULL;
40 1 : const char *url = NULL;
41 1 : bool ret = false;
42 : bool ok;
43 1 : struct ldb_dn *rootdn = NULL;
44 1 : struct ldb_result *result = NULL;
45 1 : int rc = LDB_SUCCESS;
46 :
47 : /*
48 : * Further down we request a ticket lifetime of 4
49 : * seconds. Give the server 10 seconds for this to kick in
50 : */
51 1 : const struct timeval endtime = timeval_current_ofs(10, 0);
52 :
53 1 : url = talloc_asprintf(torture, "ldap://%s/", host);
54 1 : torture_assert_goto(
55 : torture, url!=NULL, ret, fail, "talloc_asprintf failed");
56 :
57 1 : cli_credentials_set_kerberos_state(credentials,
58 : CRED_USE_KERBEROS_REQUIRED,
59 : CRED_SPECIFIED);
60 :
61 1 : ok = lpcfg_set_option(
62 : torture->lp_ctx, "gensec_gssapi:requested_life_time=4");
63 1 : torture_assert_goto(
64 : torture, ok, ret, fail, "lpcfg_set_option failed");
65 :
66 1 : ldb = ldb_wrap_connect(
67 : torture,
68 : torture->ev,
69 : torture->lp_ctx,
70 : url,
71 : NULL,
72 : credentials,
73 : 0);
74 1 : torture_assert_goto(
75 : torture, ldb!=NULL, ret, fail, "ldb_wrap_connect failed");
76 :
77 1 : rootdn = ldb_dn_new(ldb, ldb, NULL);
78 1 : torture_assert_goto(
79 : torture, rootdn!=NULL, ret, fail, "ldb_dn_new failed");
80 :
81 1 : rc = ldb_search(
82 : ldb, /* ldb */
83 : ldb, /* mem_ctx */
84 : &result, /* result */
85 : rootdn, /* base */
86 : LDB_SCOPE_BASE, /* scope */
87 : NULL, /* attrs */
88 : "(objectclass=*)"); /* exp_fmt */
89 1 : torture_assert_goto(
90 : torture, rc==LDB_SUCCESS, ret, fail, "1st ldb_search failed");
91 :
92 : do {
93 4 : smb_msleep(1000);
94 :
95 4 : rc = ldb_search(
96 : ldb, /* ldb */
97 : ldb, /* mem_ctx */
98 : &result, /* result */
99 : rootdn, /* base */
100 : LDB_SCOPE_BASE, /* scope */
101 : NULL, /* attrs */
102 : "(objectclass=*)"); /* exp_fmt */
103 4 : printf("ldb_search returned %s\n", ldb_strerror(rc));
104 4 : TALLOC_FREE(result);
105 :
106 4 : if (rc != LDB_SUCCESS) {
107 1 : break;
108 : }
109 3 : } while (!timeval_expired(&endtime));
110 :
111 1 : torture_assert_goto(
112 : torture,
113 : rc==LDB_ERR_PROTOCOL_ERROR,
114 : ret,
115 : fail,
116 : "expected LDB_ERR_PROTOCOL_ERROR after 4 seconds");
117 :
118 1 : ret = true;
119 1 : fail:
120 1 : TALLOC_FREE(ldb);
121 1 : return ret;
122 : }
|