path: root/lib/ldaputil/utest
diff options
Diffstat (limited to 'lib/ldaputil/utest')
11 files changed, 0 insertions, 2138 deletions
diff --git a/lib/ldaputil/utest/Makefile b/lib/ldaputil/utest/Makefile
deleted file mode 100644
index 2f976af8..00000000
--- a/lib/ldaputil/utest/Makefile
+++ /dev/null
@@ -1,149 +0,0 @@
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception.
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# Makefile for ldaputil unit test.
-include $(BUILD_ROOT)/
-CSRC = stubs.c
-CPPSRC = auth.cpp
-TSRC = authtest
-XSRC = ../ldapauth.c ../ldapdb.c ../errors.c ../dbconf.c ../certmap.c ../ldapauth.c ../init.c ../encode.c
-COBJ = $(CPPSRC:%.cpp=%.o) $(CSRC:%.c=%.o)
-XOBJ = $(XSRC:../%.c=../utest/%.o)
-ifeq ($(ARCH), WINNT)
- BINS=./auth.exe
- LDAP_LIBLINK = $(addprefix $(LDAP_LIBPATH)/, $(addsuffix .lib, $(LDAP_LIBNAMES)))
- BINS = auth
-ifeq ($(ARCH), SOLARIS)
- XLIBS = -R$(LDAP_LIBPATH) ${LDAP_LIBLINK} $(LIBNSPR) $(LIBSEC) -lthread -lposix4 -lsocket -lnsl -ldl
- ifeq ($(ARCH), IRIX)
- else
- ifeq ($(ARCH), WINNT)
- echo "XLIBS = ${XLIBS}"
- else
- #Other UNIX platforms
- XLIBS = -R$(LDAP_LIBPATH) ${LDAP_LIBLINK} $(LIBNSPR) $(LIBSEC) -lthread -lposix4 -lsocket -lnsl -ldl
- endif
- endif
-all: $(LIBLDAP) $(COBJ) $(TSRC) ${BINS} $(PLUGIN)
- ./authtest 2> test.out
- diff test.out test.ref
- @echo
- @echo "The unit test is passed if there is no diff output, and the"
- @echo "Purify window shows no errors and 0 bytes leaked."
- @echo
- @echo "Run - gmake coverage - manually to get code coverage analysis."
- @echo
-auth: $(XOBJ) $(COBJ)
- $(PURIFY) $(CC) $(XLIBS) $^ -o $@
-auth.exe: $(XOBJ) $(COBJ)
-testcert: testcert.o $(XOBJ) ../utest/cert.o
- $(PURIFY) $(CC) $(XLIBS) $^ -o $@
- $(PURIFY) $(CC) -c $(CFLAGS) $(TESTFLAGS) $(MCC_INCLUDE) $< -o $@
- $(PURIFY) $(CC) -c $(CFLAGS) $(TESTFLAGS) $(MCC_INCLUDE) -I.. $< -o $(OBJDEST)/$*.o
- $(PURIFY) $(CC) -c $(CFLAGS) $(TESTFLAGS) $(MCC_INCLUDE) -I.. $< -o $(OBJDEST)/$*.o
-PLUGIN_INC = ./include
- mkdir -p include
-certmap.h: $(BUILD_ROOT)/include/ldaputil/extcmap.h
- \rm -rf $(PLUGIN_INC)/$@
- cp $^ $(PLUGIN_INC)/$@
-ldap.h: $(LDAP_INCLUDE)/ldap.h
- \rm -rf $(PLUGIN_INC)/$@
- cp $^ $(PLUGIN_INC)/$@
-lber.h: $(LDAP_INCLUDE)/lber.h
- \rm -rf $(PLUGIN_INC)/$@
- cp $^ $(PLUGIN_INC)/$@
-example.o: example.c $(PLUGIN_INC) certmap.h ldap.h lber.h
- $(CC) -c -I$(PLUGIN_INC) $*.c -o $(OBJDEST)/$*.o
-plugin.o: plugin.c $(PLUGIN_INC) certmap.h ldap.h lber.h
- $(PURIFY) $(CC) -c -I. -I$(PLUGIN_INC) $*.c -o $(OBJDEST)/$*.o
-$(PLUGIN): plugin.o
- $(LINK_DLL) $^
diff --git a/lib/ldaputil/utest/auth.cpp b/lib/ldaputil/utest/auth.cpp
deleted file mode 100644
index 46be3a2b..00000000
--- a/lib/ldaputil/utest/auth.cpp
+++ /dev/null
@@ -1,611 +0,0 @@
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- *
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- *
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception.
- *
- *
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
-# include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-#include <prinit.h> // for PR_Init
-#include <prpriv.h> // for PR_Exit
-#include <ldaputil/certmap.h>
-#include <ldaputil/init.h>
-#include <ldaputil/ldapdb.h>
-#include <ldaputil/ldapauth.h>
-#include <ldaputil/dbconf.h>
-#include <ldaputil/ldaputil.h>
-#include <ldap.h>
-static const char* dllname = "";
-char *global_issuer_dn = "o=" VENDOR ", c=US";
-static int ldapu_certinfo_save_test (const char *fname, const char *old_fname)
- int rv;
- /* Read the original certmap config file first */
- rv = ldaputil_init(old_fname, dllname, NULL, NULL, NULL);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_save_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- return rv;
- }
- rv = ldapu_certinfo_save(fname, old_fname, "certmap.tmp");
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_save_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- }
- return rv;
-static int ldapu_certinfo_delete_test (const char *fname, const char *old_fname)
- int rv;
- /* Read the original certmap config file first */
- rv = ldaputil_init(old_fname, dllname, NULL, NULL, NULL);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_delete_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- return rv;
- }
- /* rv = ldapu_certinfo_delete("o=Ace Industry, c=US"); */
- rv = ldapu_certinfo_delete("o=" VENDOR ", c=US");
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_delete failed. Reason: %s\n",
- ldapu_err2string(rv));
- return rv;
- }
- rv = ldapu_certinfo_save(fname, old_fname, "certmap.tmp");
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_delete_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- }
- return rv;
-static int ldapu_certinfo_new_test (const char *fname, const char *old_fname)
- int rv;
- LDAPUPropValList_t *propval_list;
- LDAPUPropVal_t *propval;
- /* Read the original certmap config file first */
- rv = ldaputil_init(old_fname, dllname, NULL, NULL, NULL);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_new_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- return rv;
- }
- /* Setup propval_list */
- rv = ldapu_list_alloc(&propval_list);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_propval_alloc("prop1", "val1", &propval);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_list_add_info(propval_list, propval);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_propval_alloc("prop2", "val2", &propval);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_list_add_info(propval_list, propval);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_propval_alloc("prop3", 0, &propval);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_list_add_info(propval_list, propval);
- if (rv != LDAPU_SUCCESS) return rv;
- rv = ldapu_certinfo_modify("newmap", "o=Mcom Communications, c=US",
- propval_list);
- ldapu_propval_list_free(propval_list);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_delete failed. Reason: %s\n",
- ldapu_err2string(rv));
- return rv;
- }
- rv = ldapu_certinfo_save(fname, old_fname, "certmap.tmp");
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "ldapu_certinfo_new_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- }
- return rv;
-static int get_dbnames_test (const char *mapfile)
- char **names;
- int cnt;
- int rv;
- int i;
- rv = dbconf_get_dbnames(mapfile, &names, &cnt);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "get_dbnames_test failed. Reason: %s\n",
- ldapu_err2string(rv));
- }
- else {
- for(i = 0; i < cnt; i++) {
- fprintf(stderr, "\tdbname[%d] = \"%s\"\n",
- i, names[i]);
- }
- }
- dbconf_free_dbnames(names);
- return rv;
-static int case_ignore_strcmp (const char *s1, const char *s2)
- int ls1, ls2; /* tolower values of chars in s1 & s2 resp. */
- if (!s1) return !s2 ? 0 : 0-tolower(*s2);
- else if (!s2) return tolower(*s1);
- while(*s1 && *s2 && (ls1 = tolower(*s1)) == (ls2 = tolower(*s2))) { s1++; s2++; }
- if (!*s1)
- return *s2 ? 0-tolower(*s2) : 0;
- else if (!*s2)
- return tolower(*s1);
- else
- return ls1 - ls2;
-#define STRCASECMP3(s1, s2, rv) \
-{ \
- int i = case_ignore_strcmp(s1, s2); \
- fprintf(stderr, "strcasecmp(\"%s\", \"%s\")\t=\t%d\t%s\tExpected: %d\n", \
- s1 ? s1 : "<NULL>", s2 ? s2 : "<NULL>", \
- i, i == rv ? "SUCCESS" : "FAILED", rv); \
-#ifndef XP_WIN32
-#define STRCASECMP(s1, s2) STRCASECMP3(s1, s2, strcasecmp(s1, s2))
-#define STRCASECMP(s1, s2) STRCASECMP3(s1, s2, case_ignore_strcmp(s1, s2))
-static void strcasecmp_test ()
- STRCASECMP3(0, "aBcD", 0-tolower('a'));
- STRCASECMP3(0, 0, 0);
- STRCASECMP3("aBcD", 0, tolower('a'));
- STRCASECMP("AbCd", "aBcD");
- STRCASECMP("AbCd", "abcd");
- STRCASECMP("abcd", "abcd");
- STRCASECMP("AbCd", "aBcD3");
- STRCASECMP("AbCd", "abcd3");
- STRCASECMP("abcd", "abcd3");
- STRCASECMP("AbCd1", "aBcD");
- STRCASECMP("AbCd2", "abcd");
- STRCASECMP("abcdY", "abcd");
- STRCASECMP("AbCd5", "aBcD1");
- STRCASECMP("AbCd5", "abcd1");
- STRCASECMP("abcd5", "abcd1");
- STRCASECMP("AbCd2", "aBcDp");
- STRCASECMP("AbCd2", "abcdQ");
- STRCASECMP("abcd2", "abcdS");
-static int certmap_tests (const char *config_file) { return 0; }
-static int read_config_test (const char *config_file, const char *dbname,
- const char *url,
- const char *binddn, const char *bindpw)
- int rv;
- DBConfDBInfo_t *db_info;
- char *dn;
- char *pw;
- rv = dbconf_read_default_dbinfo(config_file, &db_info);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "config_test failed: %s\n",
- ldapu_err2string(rv));
- return LDAPU_FAILED;
- }
- if (strcmp(db_info->dbname, dbname) ||
- strcmp(db_info->url, url)) {
- fprintf(stderr, "config_test failed: %s\n",
- "first line in config file is wrong");
- return LDAPU_FAILED;
- }
- if ((ldapu_dbinfo_attrval(db_info, "binddn", &dn) != LDAPU_SUCCESS) ||
- (ldapu_dbinfo_attrval(db_info, "bindpw", &pw) != LDAPU_SUCCESS))
- {
- fprintf(stderr, "config_test failed: %s\n",
- "properties are missing");
- return LDAPU_FAILED;
- }
- if (strcmp(dn, binddn) ||
- strcmp(pw, bindpw)) {
- fprintf(stderr, "config_test failed: %s\n",
- "property values are wrong");
- return LDAPU_FAILED;
- }
- fprintf(stderr, "binddn from config file: \"%s\"\n", dn);
- fprintf(stderr, "bindpw from config file: \"%s\"\n", pw);
- /* cleanup */
- dbconf_free_dbinfo(db_info);
- free(dn);
- free(pw);
-static int config_test (const char *binddn, const char *bindpw)
- char *config_file = "config_out.conf";
- FILE *fp = fopen(config_file, "w");
- const char *dbname = "default";
- const char *url = "file:/foobar/path";
- int rv;
- if (!fp) return LDAPU_FAILED;
- dbconf_output_db_directive(fp, dbname, url);
- dbconf_output_propval(fp, dbname, "binddn", binddn, 0);
- dbconf_output_propval(fp, dbname, "bindpw", bindpw, 1);
- fclose(fp);
- fprintf(stderr, "Config file written: %s\n", config_file);
- rv = read_config_test(config_file, dbname, url, binddn, bindpw);
- return rv;
-static int
-compare_groupid(const void *arg, const char *group, const int len)
- auto const char* groupid = (const char*)arg;
- auto int err = LDAPU_FAILED;
- if (len == strlen (groupid) && !strncasecmp (groupid, group, len)) {
- }
- return err;
-static int
-compare_group(LDAP* directory, LDAPMessage* entry, void* set)
- auto int err = LDAPU_FAILED;
- auto char** vals = ldap_get_values (directory, entry, "CN");
- if (vals) {
- auto char** val;
- for (val = vals; *val; ++val) {
- if (!strcasecmp (*val, (char*)set)) {
- break;
- }
- }
- ldap_value_free (vals);
- }
- return err;
-int perform_test (int argc, char *argv[])
- int test_type;
- int retval = LDAPU_SUCCESS;
- DBConfDBInfo_t *db_info;
- LDAPDatabase_t *ldb;
- LDAP *ld;
- char *dbmap_file = "dblist.conf";
- char *binddn = 0;
- char *bindpw = 0;
- char *basedn;
- int retry = 1;
- int rv;
- fprintf(stderr, "\nStart of test: ./auth %s \"%s\" \"%s\"\n",
- argv[1], argv[2], argv[3]);
- rv = dbconf_read_default_dbinfo(dbmap_file, &db_info);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "Error reading dbmap file \"%s\". Reason: %s\n",
- dbmap_file, ldapu_err2string(rv));
- return rv;
- }
- ldapu_dbinfo_attrval (db_info, LDAPU_ATTR_BINDDN, &binddn);
- ldapu_dbinfo_attrval (db_info, LDAPU_ATTR_BINDPW, &bindpw);
- rv = ldapu_url_parse (db_info->url, binddn, bindpw, &ldb);
- free(binddn);
- free(bindpw);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "Error parsing ldap url \"%s\". Reason: %s\n",
- db_info->url, ldapu_err2string(rv));
- return rv;
- }
- basedn = ldb->basedn;
- test_type = atoi(argv[1]);
- retry = 1;
- while(retry) {
- retry = 0;
- rv = ldapu_ldap_init_and_bind (ldb);
- if (rv != LDAPU_SUCCESS) {
- fprintf(stderr, "Error initializing connection to LDAP. Reason: %s\n",
- ldapu_err2string(rv));
- return rv;
- }
- ld = ldb->ld;
- switch(test_type) {
- case 1:
- fprintf(stderr, "\nuserdn:\t\t\"%s\"\ngroupdn:\t\"%s\"\n",
- argv[2], argv[3]);
- retval = ldapu_auth_userdn_groupdn(ld, argv[2], argv[3], basedn);
- break;
- case 2:
- fprintf(stderr, "\nuid:\t\t\"%s\"\ngroupdn:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_uid_groupdn(ld, argv[2], argv[3], basedn);
- break;
- case 3:
- fprintf(stderr, "\nuid:\t\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_uid_groupid(ld, argv[2], argv[3], basedn);
- break;
- case 4:
- fprintf(stderr, "\nuserdn:\t\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_userdn_groupid(ld, argv[2], argv[3], basedn);
- break;
- case 5:
- fprintf(stderr, "\nuserdn:\t\t\"%s\"\nattrFilter:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_userdn_attrfilter(ld, argv[2], argv[3]);
- break;
- case 6:
- fprintf(stderr, "\nuid:\t\t\"%s\"\nattrFilter:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_uid_attrfilter(ld, argv[2], argv[3], basedn);
- break;
- case 7:
- fprintf(stderr, "\nuserdn:\t\t\"%s\"\npassword:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_userdn_password(ld, argv[2], argv[3]);
- break;
- case 8:
- fprintf(stderr, "\nuid:\t\t\"%s\"\npassword:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_uid_password(ld, argv[2], argv[3], basedn);
- break;
- case 9: {
- /* plugin test */
- LDAPMessage *entry = 0;
- LDAPMessage *res = 0;
- fprintf(stderr, "Cert Map issuer DN: \"%s\"\n", argv[2]);
- fprintf(stderr, "Cert Map subject DN: \"%s\"\n", argv[3]);
- retval = ldaputil_init("certmap.conf", dllname, NULL, NULL, NULL);
- if (retval != LDAPU_SUCCESS) {
- fprintf(stderr, "Cert Map info test failed. Reason: %s\n",
- ldapu_err2string(retval));
- break;
- }
- if (*(argv[2]))
- global_issuer_dn = argv[2];
- else
- global_issuer_dn = 0;
- retval = ldapu_cert_to_ldap_entry(argv[3], ld, ldb->basedn, &res);
- if (retval == LDAPU_SUCCESS) {
- char *dn;
- entry = ldap_first_entry(ld, res);
- dn = ldap_get_dn(ld, entry);
- fprintf(stderr, "Matched entry to cert: \"%s\"\n", dn);
- ldap_memfree(dn);
- }
- else if (retval == LDAPU_FAILED) {
- /* Not an error but couldn't map the cert */
- }
- else {
- fprintf(stderr, "Cert Map info test failed. Reason: %s\n",
- ldapu_err2string(retval));
- break;
- }
- /* TEMPORARY -- when & how to free the entry */
- if (res) ldap_msgfree(res);
- break;
- } /* case 9 */
- case 10:
- if ((retval = config_test(argv[2], argv[3])) == LDAPU_SUCCESS) {
- fprintf(stderr, "Config file test succeeded\n");
- }
- else {
- fprintf(stderr, "Config file test failed\n");
- }
- break;
- case 11:
- retval = get_dbnames_test(argv[2]);
- break;
- case 12:
- retval = ldapu_certinfo_save_test(argv[2], argv[3]);
- break;
- case 13:
- retval = ldapu_certinfo_delete_test(argv[2], argv[3]);
- break;
- case 14:
- retval = ldapu_certinfo_new_test(argv[2], argv[3]);
- break;
- case 15:
- fprintf(stderr, "\nuserdn:\t\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
- {
- auto LDAPU_DNList_t* userDNs = ldapu_DNList_alloc();
- ldapu_DNList_add(userDNs, argv[2]);
- retval = ldapu_auth_usercert_groups(ld, basedn, userDNs, NULL,
- argv[3], compare_group, 30, NULL);
- ldapu_DNList_free(userDNs);
- }
- break;
- case 16:
- fprintf(stderr, "\nuserCert:\t\"%s\"\ngroupid:\t\"%s\"\n", argv[2], argv[3]);
- retval = ldapu_auth_usercert_groupids(ld, NULL/*userDN*/, argv[2], argv[3],
- compare_groupid, basedn, NULL/*group_out*/);
- break;
- } /* switch */
- if (retval == LDAP_SERVER_DOWN) {
- /* retry */
- retry = 1;
- ldb->ld = 0;
- }
- else if (retval == LDAPU_SUCCESS) {
- fprintf(stderr, "Authentication succeeded.\n");
- }
- else {
- fprintf(stderr, "Authentication failed.\n");
- }
- }
- /* cleanup */
-// ldapu_free_LDAPDatabase_t(ldb);
-// dbconf_free_dbinfo(db_info);
-// ldaputil_exit();
- return retval;
-int main (int argc, char *argv[])
- int rv;
- NSPR_INIT("auth");
- if (argc != 4) {
- fprintf(stderr, "argc = %d\n", argc);
- fprintf(stderr, "usage: %s test_type user_dn group_dn\n", argv[0]);
- fprintf(stderr, "\t%s 1 <userdn> <groupdn>\n", argv[0]);
- fprintf(stderr, "\t%s 2 <uid> <groupdn>\n", argv[0]);
- fprintf(stderr, "\t%s 3 <uid> <groupid>\n", argv[0]);
- fprintf(stderr, "\t%s 4 <userdn> <groupid>\n", argv[0]);
- fprintf(stderr, "\t%s 5 <userdn> <attrFilter>\n", argv[0]);
- fprintf(stderr, "\t%s 6 <uid> <attrFilter>\n", argv[0]);
- fprintf(stderr, "\t%s 7 <userdn> <password>\n", argv[0]);
- fprintf(stderr, "\t%s 8 <uid> <password>\n", argv[0]);
- fprintf(stderr, "\t%s 9 <certmap.conf> <subjectDN>\n", argv[0]);
- fprintf(stderr, "\t%s 10 <binddn> <bindpw>\n", argv[0]);
- fprintf(stderr, "\t%s 11 <dbmap> <ignore>\n", argv[0]);
- fprintf(stderr, "\t%s 12 <newconfig> <oldconfig> ... to test save\n", argv[0]);
- fprintf(stderr, "\t%s 13 <newconfig> <oldconfig> ... to test delete\n", argv[0]);
- fprintf(stderr, "\t%s 14 <newconfig> <oldconfig> ... to test add\n", argv[0]);
- fprintf(stderr, "\t%s 15 <userdn> <groupid>\n", argv[0]);
- fprintf(stderr, "\t%s 16 <userCertDescription> <groupid>\n", argv[0]);
- }
- rv = perform_test(argc, argv);
- /* PR_Exit(); */
- return rv;
diff --git a/lib/ldaputil/utest/authtest b/lib/ldaputil/utest/authtest
deleted file mode 100755
index 38e206cf..00000000
--- a/lib/ldaputil/utest/authtest
+++ /dev/null
@@ -1,138 +0,0 @@
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception.
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# setup for test
-USERDN="cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-USER2DN="cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-GROUPDN="cn=Directory Administrators, o=Ace Industry, c=US"
-GROUPID="Directory Administrators"
-function check_result {
- echo "\nStart of test: $1 $2 \"$3\" \"$4\""
- if ( `$1 $2 "$3" "$4"` ) then
- if [ $5 == "fail" ]; then
- echo "**** Test Failed ****";
- else
- echo "Test Succeeded";
- fi
- else
- if [ $5 == "fail" ]; then
- echo "Test Succeeded";
- else
- echo "**** Test Failed ****";
- fi
- fi
-function must_fail {
- check_result $1 $2 "$3" "$4" "fail";
-function must_succeed {
- check_result $1 $2 "$3" "$4" "success";
-# test for <userdn> <groupdn>
-must_succeed ./auth 1 "${USERDN}" "${GROUPDN}"
-must_fail ./auth 1 "${USER2DN}" "${GROUPDN}"
-# test for <uid> <groupdn>
-must_succeed ./auth 2 "${UID}" "${GROUPDN}"
-must_fail ./auth 2 "${U2ID}" "${GROUPDN}"
-# test for <uid> <groupid>
-must_succeed ./auth 3 "${UID}" "${GROUPID}"
-must_fail ./auth 3 "${U2ID}" "${GROUPID}"
-# test for <userdn> <groupid>
-must_succeed ./auth 4 "${USERDN}" "${GROUPID}"
-must_fail ./auth 4 "${USER2DN}" "${GROUPID}"
-must_succeed ./auth 15 "${USERDN}" "${GROUPID}"
-must_fail ./auth 15 "${USER2DN}" "${GROUPID}"
-must_succeed ./auth 16 "{${USERDN}" "${GROUPID}"
-must_fail ./auth 16 "{${USER2DN}" "${GROUPID}"
-# test for <userdn> <attrFilter>
-must_succeed ./auth 5 "${USERDN}" "${ATTRFILTER}"
-must_fail ./auth 5 "${USERDN}" "${ATTR2FILTER}"
-must_fail ./auth 5 "${USER2DN}" "${ATTRFILTER}"
-# test for <uid> <attrFilter>
-must_succeed ./auth 6 "${UID}" "${ATTRFILTER}"
-must_fail ./auth 6 "${UID}" "${ATTR2FILTER}"
-must_fail ./auth 6 "${U2ID}" "${ATTRFILTER}"
-# test for <userdn> <password>
-must_succeed ./auth 7 "${USERDN}" "hillock"
-must_fail ./auth 7 "${USERDN}" "garbage"
-# test for <uid> <password>
-must_succeed ./auth 8 "${UID}" "hillock"
-must_fail ./auth 8 "${UID}" "garbage"
-#test for cert to ldap entry mapping
-must_succeed ./auth 9 "o=Ace Industry, c=US" "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-#must_fail ./auth 9 "default" "cn=Kirsten Vaughan, o=Ace Industry, c=US"
-# test for encode/decode bindpw
-must_succeed ./auth 10 "cn=Foo Bar, o=$VENDOR, c=US" "foobar"
-# test for reading dbnames from dbswitch.conf file
-must_succeed ./auth 11 dblist.conf ignore
-# test for saving certmap info
-must_succeed ./auth 12 certmap.conf
-cat certmap.conf 1>&2
-# test for delete certmap info
-must_succeed ./auth 13 certmap.conf
-cat certmap.conf 1>&2
-# test for add certmap info
-must_succeed ./auth 14 certmap.conf
-cat certmap.conf 1>&2
diff --git a/lib/ldaputil/utest/certmap.conf b/lib/ldaputil/utest/certmap.conf
deleted file mode 100644
index b68d9a94..00000000
--- a/lib/ldaputil/utest/certmap.conf
+++ /dev/null
@@ -1,68 +0,0 @@
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception.
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-#default:DNComps o, ou ,c
-#default:FilterComps cn
-certmap default1 o=VENDOR, c=US
-default1:library ./
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
diff --git a/lib/ldaputil/utest/dblist.conf b/lib/ldaputil/utest/dblist.conf
deleted file mode 100644
index a7ed9858..00000000
--- a/lib/ldaputil/utest/dblist.conf
+++ /dev/null
@@ -1,47 +0,0 @@
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception.
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-directory default ldap://:3334/
-directory default1 ldap:///o=Ace Industry, c=US
-directory default2 ldap:///o=Ace Industry, c=US
-directory default3 ldap:///o=Ace Industry, c=US
-directory default4 ldap:///o=Ace Industry, c=US
-directory default5 ldap:///o=Ace Industry, c=US
-directory default6 ldap:///o=Ace Industry, c=US
diff --git a/lib/ldaputil/utest/example.c b/lib/ldaputil/utest/example.c
deleted file mode 100644
index 8fe65ffd..00000000
--- a/lib/ldaputil/utest/example.c
+++ /dev/null
@@ -1,153 +0,0 @@
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- *
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- *
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception.
- *
- *
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
-# include <config.h>
-#include <stdio.h>
-#include <certmap.h>
-#ifdef __cplusplus
-extern "C" {
-/* The init function must be defined extern "C" if using a C++ compiler */
-int plugin_init_fn (void *certmap_info, const char *issuerName,
- const char *issuerDN);
-#ifdef __cplusplus
-static int extract_ldapdn_and_filter (const char *subjdn, void *certmap_info,
- char **ldapDN, char **filter)
- /* extract the ldapDN and filter from subjdn */
- /* You can also use the ldapu_certmap_info_attrval function to get value
- of a config file parameter for the certmap_info. */
-static int plugin_mapping_fn (void *cert, LDAP *ld, void *certmap_info,
- char **ldapDN, char **filter)
- char *subjdn;
- int rv;
- fprintf(stderr, "plugin_mapping_fn called.\n");
- rv = ldapu_get_cert_subject_dn(cert, &subjdn);
- if (rv != LDAPU_SUCCESS) return rv;
- *ldapDN = 0;
- *filter = 0;
- rv = extract_ldapdn_and_filter(subjdn, certmap_info, ldapDN, filter);
- if (rv != LDAPU_SUCCESS) {
- /* This function must return LDAPU_FAILED or
- }
-static int plugin_cmp_certs (void *subject_cert,
- void *entry_cert_binary,
- unsigned long entry_cert_len)
- /* compare the certs */
-static int plugin_verify_fn (void *cert, LDAP *ld, void *certmap_info,
- LDAPMessage *res, LDAPMessage **entry_out)
- LDAPMessage *entry;
- struct berval **bvals;
- char *cert_attr = "userCertificate;binary";
- int i;
- int rv;
- fprintf(stderr, "plugin_verify_fn called.\n");
- *entry_out = 0;
- for (entry = ldap_first_entry(ld, res); entry != NULL;
- entry = ldap_next_entry(ld, entry))
- {
- if ((bvals = ldap_get_values_len(ld, entry, cert_attr)) == NULL) {
- /* Maybe one of the remaining entries will match */
- continue;
- }
- for ( i = 0; bvals[i] != NULL; i++ ) {
- rv = plugin_cmp_certs (cert,
- bvals[i]->bv_val,
- bvals[i]->bv_len);
- if (rv == LDAPU_SUCCESS) {
- break;
- }
- }
- ldap_value_free_len(bvals);
- if (rv == LDAPU_SUCCESS) {
- *entry_out = entry;
- break;
- }
- }
- return rv;
-int plugin_init_fn (void *certmap_info, const char *issuerName,
- const char *issuerDN)
- fprintf(stderr, "plugin_init_fn called.\n");
- ldapu_set_cert_mapfn(issuerDN, plugin_mapping_fn);
- ldapu_set_cert_verifyfn(issuerDN, plugin_verify_fn);
diff --git a/lib/ldaputil/utest/plugin.c b/lib/ldaputil/utest/plugin.c
deleted file mode 100644
index 9d0334ec..00000000
--- a/lib/ldaputil/utest/plugin.c
+++ /dev/null
@@ -1,152 +0,0 @@
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- *
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- *
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception.
- *
- *
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
-# include <config.h>
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <plugin.h> /* must define extern "C" functions */
-#include <certmap.h> /* Public Certmap API */
-static CertSearchFn_t default_searchfn = 0;
-static int plugin_attr_val (void *cert, int which_dn, const char *attr)
- char **val;
- int rv = ldapu_get_cert_ava_val(cert, which_dn, attr, &val);
- char **attr_val = val; /* preserve the pointer for free */
- if (rv != LDAPU_SUCCESS || !val) {
- fprintf(stderr, "\t%s: *** Failed ***\n", attr);
- }
- else if (!*val) {
- fprintf(stderr, "\t%s: *** Empty ***\n", attr);
- }
- else {
- fprintf(stderr, "\t%s: \"%s\"", attr, *val++);
- while(*val) {
- fprintf(stderr, ", \"%s\"", *val++);
- }
- fprintf(stderr, "\n");
- }
- ldapu_free_cert_ava_val(attr_val);
-static int plugin_mapping_fn (void *cert, LDAP *ld, void *certmap_info,
- char **ldapDN, char **filter)
- char *subjdn;
- char *issuerDN;
- char *ptr;
- char *comma;
- fprintf(stderr, "plugin_mapping_fn called.\n");
- ldapu_get_cert_subject_dn(cert, &subjdn);
- ldapu_get_cert_issuer_dn(cert, &issuerDN);
- fprintf(stderr, "Value of attrs from subject DN & issuer DN:\n");
- fprintf(stderr, "\tCert: \"%s\"\n", (char *)cert);
- fprintf(stderr, "\tsubjdn: \"%s\"\n", subjdn);
- plugin_attr_val(cert, LDAPU_SUBJECT_DN, "cn");
- plugin_attr_val(cert, LDAPU_SUBJECT_DN, "ou");
- plugin_attr_val(cert, LDAPU_SUBJECT_DN, "o");
- plugin_attr_val(cert, LDAPU_SUBJECT_DN, "c");
- fprintf(stderr, "\tissuerDN: \"%s\"\n", issuerDN);
- plugin_attr_val(cert, LDAPU_ISSUER_DN, "cn");
- plugin_attr_val(cert, LDAPU_ISSUER_DN, "ou");
- plugin_attr_val(cert, LDAPU_ISSUER_DN, "o");
- plugin_attr_val(cert, LDAPU_ISSUER_DN, "c");
- if (subjdn && *subjdn) {
- comma = ptr = strchr(subjdn, ',');
- while(*ptr == ',' || isspace(*ptr)) ptr++;
- *ldapDN = strdup(ptr);
- /* Set filter to the first AVA in the subjdn */
- *filter = subjdn;
- *comma = 0;
- }
- else {
- *ldapDN = 0;
- *filter = 0;
- }
-static int plugin_search_fn (void *cert, LDAP *ld, void *certmap_info,
- const char *basedn,
- const char *dn, const char *filter,
- const char **attrs, LDAPMessage **res)
- fprintf(stderr, "plugin_search_fn called.\n");
- return (*default_searchfn)(cert, ld, certmap_info, basedn, dn, filter,
- attrs, res);
-static int plugin_verify_fn (void *cert, LDAP *ld, void *certmap_info,
- LDAPMessage *res, LDAPMessage **entry)
- fprintf(stderr, "plugin_verify_fn called.\n");
- *entry = ldap_first_entry(ld, res);
-int plugin_init_fn (void *certmap_info, const char *issuerName,
- const char *issuerDN)
- fprintf(stderr, "plugin_init_fn called.\n");
- ldapu_set_cert_mapfn(issuerDN, plugin_mapping_fn);
- ldapu_set_cert_verifyfn(issuerDN, plugin_verify_fn);
- if (!default_searchfn)
- default_searchfn = ldapu_get_cert_searchfn(issuerDN);
- ldapu_set_cert_searchfn(issuerDN, plugin_search_fn);
diff --git a/lib/ldaputil/utest/plugin.h b/lib/ldaputil/utest/plugin.h
deleted file mode 100644
index fbb2650b..00000000
--- a/lib/ldaputil/utest/plugin.h
+++ /dev/null
@@ -1,57 +0,0 @@
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- *
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- *
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception.
- *
- *
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
-# include <config.h>
-#ifdef __cplusplus
-extern "C" {
-extern int plugin_init_fn (void *certmap_info, const char *issuerName,
- const char *issuerDN);
-#ifdef __cplusplus
-#endif /* _CERTMAP_PLUGIN_H */
diff --git a/lib/ldaputil/utest/stubs.c b/lib/ldaputil/utest/stubs.c
deleted file mode 100644
index ec393139..00000000
--- a/lib/ldaputil/utest/stubs.c
+++ /dev/null
@@ -1,144 +0,0 @@
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- *
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- *
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception.
- *
- *
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
-# include <config.h>
-#include <ctype.h> /* isspace */
-#include <string.h>
-#include <stdio.h> /* sprintf */
-#include <stdlib.h> /* malloc */
-#include <ldap.h>
-#include <ldaputil/certmap.h>
-#include <ldaputil/cert.h>
-#include <ldaputil/errors.h>
-#define BIG_LINE 1024
-NSAPI_PUBLIC int ldapu_get_cert_subject_dn (void *cert_in, char **subjectDN)
- char *cert = (char *)cert_in;
- *subjectDN = strdup((char *)cert);
- return *subjectDN ? LDAPU_SUCCESS : LDAPU_FAILED;
-NSAPI_PUBLIC int ldapu_get_cert_issuer_dn (void *cert, char **issuerDN)
- extern char *global_issuer_dn;
- /* TEMPORARY -- not implemented yet*/
- *issuerDN = global_issuer_dn ? strdup(global_issuer_dn) : 0;
-/* A stub to remove link errors -- ignore SSL */
-LDAP *ldapssl_init (const char *host, int port, int secure)
- LDAP *ld = 0;
- if ((ld = ldap_init(host, port)) == NULL) {
- fprintf(stderr, "ldap_init: Failed to initialize connection");
- return(0);
- }
- return ld;
-NSAPI_PUBLIC int ldapu_get_cert_ava_val (void *cert_in, int which_dn,
- const char *attr, char ***val_out)
- int rv;
- char *cert_dn;
- char **ptr;
- char **val;
- char *dnptr;
- char attr_eq1[BIG_LINE];
- char attr_eq2[BIG_LINE];
- char *comma;
- *val_out = 0;
- if (which_dn == LDAPU_SUBJECT_DN)
- rv = ldapu_get_cert_subject_dn(cert_in, &cert_dn);
- else if (which_dn == LDAPU_ISSUER_DN)
- rv = ldapu_get_cert_issuer_dn(cert_in, &cert_dn);
- else
- if (rv != LDAPU_SUCCESS) return rv;
- val = (char **)malloc(32*sizeof(char *));
- if (!val) return LDAPU_ERR_OUT_OF_MEMORY;
- ptr = val;
- sprintf(attr_eq1, "%s =", attr);
- sprintf(attr_eq2, "%s=", attr);
- while(cert_dn &&
- ((dnptr = strstr(cert_dn, attr_eq1)) ||
- (dnptr = strstr(cert_dn, attr_eq2))))
- {
- dnptr = strchr(dnptr, '=');
- dnptr++;
- while(isspace(*dnptr)) dnptr++;
- comma = strchr(dnptr, ',');
- if (comma) {
- *ptr = (char *)malloc((comma-dnptr+1)*sizeof(char));
- strncpy(*ptr, dnptr, (comma-dnptr));
- (*ptr++)[comma-dnptr] = 0;
- }
- else {
- *ptr++ = strdup(dnptr);
- }
- cert_dn = comma;
- }
- *ptr = 0;
- *val_out = val;
-NSAPI_PUBLIC int ldapu_get_cert_der (void *cert_in, unsigned char **der,
- unsigned int *len)
- return LDAPU_FAILED;
diff --git a/lib/ldaputil/utest/stubs.cpp b/lib/ldaputil/utest/stubs.cpp
deleted file mode 100644
index aaa5bc69..00000000
--- a/lib/ldaputil/utest/stubs.cpp
+++ /dev/null
@@ -1,139 +0,0 @@
- * This Program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License as published by the Free Software
- * Foundation; version 2 of the License.
- *
- * This Program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
- * Place, Suite 330, Boston, MA 02111-1307 USA.
- *
- * In addition, as a special exception, Red Hat, Inc. gives You the additional
- * right to link the code of this Program with code not covered under the GNU
- * General Public License ("Non-GPL Code") and to distribute linked combinations
- * including the two, subject to the limitations in this paragraph. Non-GPL Code
- * permitted under this exception must only link to the code of this Program
- * through those well defined interfaces identified in the file named EXCEPTION
- * found in the source code files (the "Approved Interfaces"). The files of
- * Non-GPL Code may instantiate templates or use macros or inline functions from
- * the Approved Interfaces without causing the resulting work to be covered by
- * the GNU General Public License. Only Red Hat, Inc. may make changes or
- * additions to the list of Approved Interfaces. You must obey the GNU General
- * Public License in all respects for all of the Program code and other code used
- * in conjunction with the Program except the Non-GPL Code covered by this
- * exception. If you modify this file, you may extend this exception to your
- * version of the file, but you are not obligated to do so. If you do not wish to
- * provide this exception without modification, you must delete this exception
- * statement from your version and license this file solely under the GPL without
- * exception.
- *
- *
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
-# include <config.h>
-#include <ctype.h> /* isspace */
-#include <string.h>
-#include <stdio.h> /* sprintf */
-#include <stdlib.h> /* malloc */
-#include <ldaputil/ldaputil.h>
-#include <ldaputil/cert.h>
-#include <ldaputil/errors.h>
-#include "../ldaputili.h"
-#define BIG_LINE 1024
-NSAPI_PUBLIC int ldapu_get_cert_subject_dn (void *cert_in, char **subjectDN)
- char *cert = (char *)cert_in;
- *subjectDN = strdup((char *)cert);
- return *subjectDN ? LDAPU_SUCCESS : LDAPU_FAILED;
-NSAPI_PUBLIC int ldapu_get_cert_issuer_dn (void *cert, char **issuerDN)
- /* TEMPORARY -- not implemented yet*/
- *issuerDN = strdup("o=" VENDOR ", c=US");
- return *issuerDN ? LDAPU_SUCCESS : LDAPU_FAILED;
-NSAPI_PUBLIC int ldapu_get_cert_ava_val (void *cert_in, int which_dn,
- const char *attr, char ***val_out)
- int rv;
- char *cert_dn;
- char **ptr;
- char **val;
- char *dnptr;
- char attr_eq1[BIG_LINE];
- char attr_eq2[BIG_LINE];
- char *comma;
- *val_out = 0;
- if (which_dn == LDAPU_SUBJECT_DN)
- rv = ldapu_get_cert_subject_dn(cert_in, &cert_dn);
- else if (which_dn == LDAPU_ISSUER_DN)
- rv = ldapu_get_cert_issuer_dn(cert_in, &cert_dn);
- else
- if (rv != LDAPU_SUCCESS) return rv;
- val = (char **)malloc(32*sizeof(char *));
- if (!val) return LDAPU_ERR_OUT_OF_MEMORY;
- ptr = val;
- sprintf(attr_eq1, "%s =", attr);
- sprintf(attr_eq2, "%s=", attr);
- while(cert_dn &&
- ((dnptr = strstr(cert_dn, attr_eq1)) ||
- (dnptr = strstr(cert_dn, attr_eq2))))
- {
- dnptr = strchr(dnptr, '=');
- dnptr++;
- while(isspace(*dnptr)) dnptr++;
- comma = strchr(dnptr, ',');
- if (comma) {
- *ptr = (char *)malloc((comma-dnptr+1)*sizeof(char));
- strncpy(*ptr, dnptr, (comma-dnptr));
- (*ptr++)[comma-dnptr] = 0;
- }
- else {
- *ptr++ = strdup(dnptr);
- }
- cert_dn = comma;
- }
- *ptr = 0;
- *val_out = val;
-NSAPI_PUBLIC int ldapu_get_cert_der (void *cert_in, unsigned char **der,
- unsigned int *len)
- return LDAPU_FAILED;
-ldapu_member_certificate_match (void* cert, const char* desc)
- if (!strcasecmp ((char*)cert, desc)) {
- }
- return LDAPU_FAILED;
diff --git a/lib/ldaputil/utest/test.ref b/lib/ldaputil/utest/test.ref
deleted file mode 100644
index dfb71acc..00000000
--- a/lib/ldaputil/utest/test.ref
+++ /dev/null
@@ -1,480 +0,0 @@
-# This Program is free software; you can redistribute it and/or modify it under
-# the terms of the GNU General Public License as published by the Free Software
-# Foundation; version 2 of the License.
-# This Program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with
-# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
-# Place, Suite 330, Boston, MA 02111-1307 USA.
-# In addition, as a special exception, Red Hat, Inc. gives You the additional
-# right to link the code of this Program with code not covered under the GNU
-# General Public License ("Non-GPL Code") and to distribute linked combinations
-# including the two, subject to the limitations in this paragraph. Non-GPL Code
-# permitted under this exception must only link to the code of this Program
-# through those well defined interfaces identified in the file named EXCEPTION
-# found in the source code files (the "Approved Interfaces"). The files of
-# Non-GPL Code may instantiate templates or use macros or inline functions from
-# the Approved Interfaces without causing the resulting work to be covered by
-# the GNU General Public License. Only Red Hat, Inc. may make changes or
-# additions to the list of Approved Interfaces. You must obey the GNU General
-# Public License in all respects for all of the Program code and other code used
-# in conjunction with the Program except the Non-GPL Code covered by this
-# exception. If you modify this file, you may extend this exception to your
-# version of the file, but you are not obligated to do so. If you do not wish to
-# provide this exception without modification, you must delete this exception
-# statement from your version and license this file solely under the GPL without
-# exception.
-# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
-# Copyright (C) 2005 Red Hat, Inc.
-# All rights reserved.
-Start of test: ./auth 1 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "cn=Directory Administrators, o=Ace Industry, c=US"
-userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-groupdn: "cn=Directory Administrators, o=Ace Industry, c=US"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-Authentication succeeded.
-Start of test: ./auth 1 "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US" "cn=Directory Administrators, o=Ace Industry, c=US"
-userdn: "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-groupdn: "cn=Directory Administrators, o=Ace Industry, c=US"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
- base: "o=Ace Industry, c=US"
- filter: "(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 2 "hmiller" "cn=Directory Administrators, o=Ace Industry, c=US"
-uid: "hmiller"
-groupdn: "cn=Directory Administrators, o=Ace Industry, c=US"
- base: "o=Ace Industry, c=US"
- filter: "uid=hmiller"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-Authentication succeeded.
-Start of test: ./auth 2 "scarter" "cn=Directory Administrators, o=Ace Industry, c=US"
-uid: "scarter"
-groupdn: "cn=Directory Administrators, o=Ace Industry, c=US"
- base: "o=Ace Industry, c=US"
- filter: "uid=scarter"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
- base: "o=Ace Industry, c=US"
- filter: "(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 3 "hmiller" "Directory Administrators"
-uid: "hmiller"
-groupid: "Directory Administrators"
- base: "o=Ace Industry, c=US"
- filter: "(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
- base: "o=Ace Industry, c=US"
- filter: "uid=hmiller"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-Authentication succeeded.
-Start of test: ./auth 3 "scarter" "Directory Administrators"
-uid: "scarter"
-groupid: "Directory Administrators"
- base: "o=Ace Industry, c=US"
- filter: "(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
- base: "o=Ace Industry, c=US"
- filter: "uid=scarter"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
- base: "o=Ace Industry, c=US"
- filter: "(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 4 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "Directory Administrators"
-userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-groupid: "Directory Administrators"
- base: "o=Ace Industry, c=US"
- filter: "(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US) (member=cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-Authentication succeeded.
-Start of test: ./auth 4 "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US" "Directory Administrators"
-userdn: "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-groupid: "Directory Administrators"
- base: "o=Ace Industry, c=US"
- filter: "(& (cn=Directory Administrators) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
- base: "cn=Directory Administrators, o=Ace Industry, c=US"
- filter: "(| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US))"
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Find parent groups of "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
- base: "o=Ace Industry, c=US"
- filter: "(& (| (uniquemember=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US) (member=cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US)) (| (objectclass=groupofuniquenames) (objectclass=groupofnames)))"
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 5 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" ""
-userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-attrFilter: ""
- base: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
- filter: ""
- scope: "LDAP_SCOPE_BASE"
-Authentication succeeded.
-Start of test: ./auth 5 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" ""
-userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-attrFilter: ""
- base: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
- filter: ""
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 5 "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US" ""
-userdn: "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
-attrFilter: ""
- base: "cn=Sam Carter, ou=Accounting, o=Ace Industry, c=US"
- filter: ""
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 6 "hmiller" ""
-uid: "hmiller"
-attrFilter: ""
- base: "o=Ace Industry, c=US"
- filter: "(& (uid=hmiller) ("
-Authentication succeeded.
-Start of test: ./auth 6 "hmiller" ""
-uid: "hmiller"
-attrFilter: ""
- base: "o=Ace Industry, c=US"
- filter: "(& (uid=hmiller) ("
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 6 "scarter" ""
-uid: "scarter"
-attrFilter: ""
- base: "o=Ace Industry, c=US"
- filter: "(& (uid=scarter) ("
-ldap_search_s: Entry not found
-Authentication failed.
-Start of test: ./auth 7 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "hillock"
-userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-password: "hillock"
- userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
- password: "hillock"
-Authentication succeeded.
-Start of test: ./auth 7 "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US" "garbage"
-userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
-password: "garbage"
- userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
- password: "garbage"
-ldap_simple_bind_s: Invalid credentials
-Authentication failed.
-Start of test: ./auth 8 "hmiller" "hillock"
-uid: "hmiller"
-password: "hillock"
- base: "o=Ace Industry, c=US"
- filter: "uid=hmiller"
- userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
- password: "hillock"
-Authentication succeeded.
-Start of test: ./auth 8 "hmiller" "garbage"
-uid: "hmiller"
-password: "garbage"
- base: "o=Ace Industry, c=US"
- filter: "uid=hmiller"
- userdn: "cn=Harry Miller, ou=Human Resources, o=Ace Industry, c=US"
- password: "garbage"
-ldap_simple_bind_s: Invalid credentials
-Authentication failed.
-Start of test: ./auth 9 "o=Ace Industry, c=US" "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-Cert Map issuer DN: "o=Ace Industry, c=US"
-Cert Map subject DN: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-plugin_init_fn called.
-plugin_init_fn called.
-plugin_mapping_fn called.
-Value of attrs from subject DN & issuer DN:
- Cert: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
- subjdn: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
- cn: "Kirsten Vaughan"
- ou: "Human Resources"
- o: "Ace Industry"
- c: "US"
- issuerDN: "o=Ace Industry, c=US"
- cn: *** Empty ***
- ou: *** Empty ***
- o: "Ace Industry"
- c: "US"
-plugin_search_fn called.
- base: "ou=Human Resources, o=Ace Industry, c=US"
- filter: "cn=Kirsten Vaughan"
- scope: "LDAP_SCOPE_BASE"
-ldap_search_s: Entry not found
- base: "ou=Human Resources, o=Ace Industry, c=US"
- filter: "cn=Kirsten Vaughan"
-plugin_verify_fn called.
-Matched entry to cert: "cn=Kirsten Vaughan, ou=Human Resources, o=Ace Industry, c=US"
-Authentication succeeded.
-Start of test: ./auth 10 "cn=Foo Bar, o=$VENDOR, c=US" "foobar"
-Config file written: config_out.conf
-binddn from config file: "cn=Foo Bar, o=$VENDOR, c=US"
-bindpw from config file: "foobar"
-Config file test succeeded
-Authentication succeeded.
-Start of test: ./auth 11 "dblist.conf" "ignore"
- dbname[0] = "default"
- dbname[1] = "default1"
- dbname[2] = "default2"
- dbname[3] = "default3"
- dbname[4] = "default4"
- dbname[5] = "default5"
- dbname[6] = "default6"
-Authentication succeeded.
-Start of test: ./auth 12 "" "certmap.conf"
-plugin_init_fn called.
-plugin_init_fn called.
-Authentication succeeded.
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-#default:DNComps o, ou ,c
-#default:FilterComps cn
-certmap default1 o=$VENDOR, c=US
-default1:library ./
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-certmap default1 o=$VENDOR, c=US
-default1:library ./
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-Start of test: ./auth 13 "" "certmap.conf"
-plugin_init_fn called.
-plugin_init_fn called.
-Authentication succeeded.
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-#default:DNComps o, ou ,c
-#default:FilterComps cn
-certmap default1 o=$VENDOR, c=US
-default1:library ./
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-Start of test: ./auth 14 "" "certmap.conf"
-plugin_init_fn called.
-plugin_init_fn called.
-Authentication succeeded.
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-#default:DNComps o, ou ,c
-#default:FilterComps cn
-certmap default1 o=$VENDOR, c=US
-default1:library ./
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-# Following line has trailing spaces
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-# Comments before any certmap directive - line 1
-# Comments before any certmap directive - line 2
-# Comments before any certmap directive - line 3
-# Comments before any certmap directive - line 4
-# Comments before any certmap directive - line 5
-# Comments before any certmap directive - line 6
-certmap default default
-certmap default1 o=$VENDOR, c=US
-default1:library ./
-default1:InitFn plugin_init_fn
-default1:DNComps ou o c
-default1:FilterComps l
-certmap default2 o=Ace Industry, c=US
-default2:InitFn plugin_init_fn
-default2:DNComps cn o ou c
-default2:FilterComps l
-default2:verifycert on
-certmap newmap o=Mcom Communications, c=US
-newmap:prop1 val1
-newmap:prop2 val2