mirror of
https://gitlab.com/davical-project/davical.git
synced 2026-01-27 00:33:34 +00:00
118 lines
3.0 KiB
Plaintext
118 lines
3.0 KiB
Plaintext
# Test again for an invalid user to check that the failed credentials are
|
|
# cached.
|
|
BEGINPERL
|
|
if ($debug) { $ENV{'LDAP_DEBUG'} = 1 };
|
|
|
|
use Net::LDAP::Server::Test;
|
|
use Net::LDAP;
|
|
use IO::Socket::INET;
|
|
|
|
#my $port = find_idle_port();
|
|
|
|
#my $ldap_port = RT::Test->find_idle_port;
|
|
my $ldap_port = 21394;
|
|
my $ldap_socket = IO::Socket::INET->new(
|
|
Listen => 5,
|
|
Proto => 'tcp',
|
|
Reuse => 1,
|
|
LocalPort => $ldap_port,
|
|
);
|
|
|
|
# Keep it around after this block exits.
|
|
$evaled{'ldap_server'} = Net::LDAP::Server::Test->new( $ldap_socket, auto_schema => 1 );
|
|
|
|
my $ldap = Net::LDAP->new("localhost:$ldap_port") || die "Failed to instantiate Net::LDAP: $!";
|
|
$ldap->bind();
|
|
my $username = "ldap1";
|
|
my $base = "dc=example,dc=com";
|
|
my $dn = "uid=$username,ou=users,$base";
|
|
my $entry = {
|
|
cn => $username,
|
|
mail => "$username\@example.com",
|
|
uid => $username,
|
|
objectClass => 'User',
|
|
userPassword => 'ldap1',
|
|
};
|
|
$ldap->add( $base );
|
|
$ldap->add( $dn, attr => [%$entry] );
|
|
|
|
# We need to keep the client around, otherwise the test server will exit.
|
|
$evaled{'ldap_client'} = $ldap;
|
|
#sleep 100;
|
|
ENDPERL
|
|
|
|
APPCONF=common
|
|
|
|
TYPE=PROPFIND
|
|
HEADER=Content-Type: text/xml
|
|
HEADER=Depth: 1
|
|
AUTH=ldap2:ldap2
|
|
HEAD
|
|
|
|
BEGINDATA
|
|
<?xml version="1.0" encoding="utf-8" ?>
|
|
<D:propfind xmlns:D="DAV:">
|
|
<D:prop>
|
|
<D:resourcetype/>
|
|
</D:prop>
|
|
</D:propfind>
|
|
ENDDATA
|
|
|
|
URL=http://regression_ldap.host/caldav.php/
|
|
|
|
# Check that no usr record has been created.
|
|
QUERY
|
|
SELECT active, email, fullname, last_used, password, username, user_no
|
|
FROM usr
|
|
WHERE username = 'ldap2';
|
|
ENDQUERY
|
|
|
|
# Check to see if the log line for cached credentials being invalid is
|
|
# present. That is only issued if we've fetch a fail for the credentials
|
|
# from our cache.
|
|
BEGINPERL
|
|
my $log_file = '/var/log/apache2/regression-error.log';
|
|
open(my $log, "< $log_file")
|
|
|| die "Failed to open $log_file for reading: $!";
|
|
|
|
my $no_salt = 0;
|
|
my $cached_creds = 0;
|
|
my $ldap_conn = 0;
|
|
|
|
if (defined $request_id) {
|
|
while (<$log>) {
|
|
if (/davical: $request_id: ALL: (HTTPAuth:CheckCache|LDAP:drivers_ldap ): (.*)/) {
|
|
my $msg = $2;
|
|
if ($msg =~ /^No stored salt for ldap2,/) {
|
|
$no_salt = 1;
|
|
} elsif ($msg =~ /^Cached credentials for ldap2 are good and invalid/) {
|
|
$cached_creds = 1;
|
|
} elsif ($msg =~ /^Connected to LDAP server/) {
|
|
$ldap_conn = 1;
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($no_salt) {
|
|
print "No salt for ldap2 found, failed\n";
|
|
} else {
|
|
print "Salt found for ldap2, passed\n";
|
|
}
|
|
|
|
if ($cached_creds) {
|
|
print "Cached credentials found (invalid), correct, passed\n";
|
|
} else {
|
|
print "No cached credentials found, unexpected, failed\n";
|
|
}
|
|
|
|
if ($ldap_conn) {
|
|
print "Connected to LDAP server, unexpected, failed\n";
|
|
} else {
|
|
print "No connection to LDAP, auth bailed out due to cached credentials, passed\n";
|
|
}
|
|
} else {
|
|
print "No request_id found, can't check log file, failed\n";
|
|
}
|
|
ENDPERL
|
|
|