From: Nick Porter <nick@portercomputing.co.uk>
Date: Thu, 18 Jul 2024 09:10:18 +0000 (+0100)
Subject: Use attributes from packet in LDAP map tests
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cffa9cad055f91c4b15294f7c308ebd7423364cd;p=thirdparty%2Ffreeradius-server.git

Use attributes from packet in LDAP map tests
---

diff --git a/src/tests/modules/ldap/map.attrs b/src/tests/modules/ldap/map.attrs
index 6b9d34f4d9a..36afc136a31 100644
--- a/src/tests/modules/ldap/map.attrs
+++ b/src/tests/modules/ldap/map.attrs
@@ -2,9 +2,10 @@
 #  Input packet
 #
 Packet-Type = Access-Request
-User-Name = "mike"
+User-Name = "john"
 User-Password = "mikeymikemike"
 NAS-IP-Address = 6.6.6.6
+NAS-Identifier = "not=ldap(safe"
 
 #
 #  Expected answer
diff --git a/src/tests/modules/ldap/map.unlang b/src/tests/modules/ldap/map.unlang
index 3a62f320e63..52d67c38f1b 100644
--- a/src/tests/modules/ldap/map.unlang
+++ b/src/tests/modules/ldap/map.unlang
@@ -28,7 +28,7 @@ if (!notfound) {
 	test_fail
 }
 
-map ldapldapi "ldapi://%%2Ftmp%%2Fldap%%2Fsocket/ou=people,dc=example,dc=com??sub?(uid=John)" {
+map ldapldapi "ldapi://%%2Ftmp%%2Fldap%%2Fsocket/ou=people,dc=example,dc=com??sub?(uid=%{User-Name})" {
 	&Filter-Id := 'displayName'
 }
 
@@ -40,4 +40,15 @@ if !(&Filter-Id == 'John Doe') {
 	test_fail
 }
 
+#
+#  Use an attribute in the incoming requests with non "ldap safe" characters which should be escaped
+#
+map ldapldapi "ldapi://%%2Ftmp%%2Fldap%%2Fsocket/ou=people,dc=example,dc=com??sub?(uid=%{NAS-Identifier})" {
+	&Filter-Id := 'displayName'
+}
+
+if (!notfound) {
+	test_fail
+}
+
 test_pass