From: Nick Porter Date: Thu, 24 Aug 2023 13:22:19 +0000 (+0100) Subject: Add LDAP test using ldapi:// scheme X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=59172e87b89ab84acdf9cbec8ee365d72f41caf9;p=thirdparty%2Ffreeradius-server.git Add LDAP test using ldapi:// scheme --- diff --git a/src/tests/modules/ldap/auth_ldapi.attrs b/src/tests/modules/ldap/auth_ldapi.attrs new file mode 100644 index 00000000000..d08077d093f --- /dev/null +++ b/src/tests/modules/ldap/auth_ldapi.attrs @@ -0,0 +1,12 @@ +# +# Input packet +# +Packet-Type = Access-Request +User-Name = "john" +User-Password = "password" +NAS-IP-Address = 1.2.3.5 + +# +# Expected answer +# +Packet-Type == Access-Accept diff --git a/src/tests/modules/ldap/auth_ldapi.unlang b/src/tests/modules/ldap/auth_ldapi.unlang new file mode 100644 index 00000000000..918e2a1a625 --- /dev/null +++ b/src/tests/modules/ldap/auth_ldapi.unlang @@ -0,0 +1,13 @@ +# +# Run the "ldap" module +# +ldapldapi + +if (!(&control.LDAP-UserDN == "uid=john,ou=people,dc=example,dc=com")) { + test_fail +} + +# Attempt a bind authentication +ldapldapi.authenticate + +test_pass diff --git a/src/tests/modules/ldap/module.conf b/src/tests/modules/ldap/module.conf index 2764dbcbcaa..06266454c89 100644 --- a/src/tests/modules/ldap/module.conf +++ b/src/tests/modules/ldap/module.conf @@ -746,3 +746,46 @@ ldap ldapsasl { retry_delay = 1 } } + +# +# Fifth LDAP connection using UNIX socket +# +ldap ldapldapi { + server = "ldapi://%2Ftmp%2Fldap%2Fsocket" + base_dn = 'dc=example,dc=com' + + sasl { + mech = "EXTERNAL" + } + + user { + base_dn = "ou=people,${..base_dn}" + filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})" + sasl { + mech = 'DIGEST-MD5' + authname = &User-Name + } + } + + options { + chase_referrals = yes + rebind = yes + referral_depth = 2 + timeout = 10 + timelimit = 3 + idle = 60 + probes = 3 + interval = 3 + } + + pool { + start = 0 + min = 1 + max = 4 + spare = 3 + uses = 0 + lifetime = 0 + idle_timeout = 60 + retry_delay = 1 + } +}