Add client definitions to LDAP test fixtures.

FreeRADIUS · Jul 1, 2015 · 2dcefc6 · 2dcefc6
1 parent 925d48e
commit 2dcefc6
Show file tree

Hide file tree

Showing 8 changed files with 51 additions and 91 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -5,11 +5,11 @@ compiler:
 sudo: false
 env:
   global:
+    - LDAP_TEST_SERVER="127.0.0.1"
+    - LDAP_TEST_SERVER_PORT="3890"
     - PANIC_ACTION="gdb -batch -x raddb/panic.gdb %e %p 1>&0 2>&0"
     - SQL_MYSQL_TEST_SERVER="127.0.0.1"
     - SQL_POSTGRESQL_TEST_SERVER="127.0.0.1"
-    - LDAP_TEST_SERVER="127.0.0.1"
-    - LDAP_TEST_SERVER_PORT="3890"
     - secure: "H+uQeyOgsIyXtIPPG2VzAG8S/8KYGHlHaWhdiNuz1LM3SMcEKoPqG6o/P+HO8HVvYnA6nelyGuEryV90UfuwGY9YC6A/pqPQvx/gXSso63Zt66XSaiZjulCSm9OV8EB3wyWF7VSQ/ZHcn+L01hIlsQXTqLprMaC33cM0FYPr9fY="
   matrix:
     - DO_BUILD=yes LIBS_OPTIONAL=no LIBS_SHARED=yes BUILD_CFLAGS="-DWITH_EVAL_DEBUG"

diff --git a/scripts/travis/ldap/slapd.conf b/scripts/travis/ldap/slapd.conf
@@ -11,6 +11,7 @@ include         /etc/ldap/schema/cosine.schema
 include         /etc/ldap/schema/inetorgperson.schema
 include         /etc/ldap/schema/nis.schema
 include         doc/schemas/ldap/openldap/freeradius.schema
+include         doc/schemas/ldap/openldap/freeradius-clients.schema
 pidfile /tmp/slapd.pid
 
 # enable a lot of logging - we might need it

diff --git a/src/tests/modules/ldap/module.conf b/src/tests/modules/ldap/module.conf
@@ -273,7 +273,7 @@ ldap {
 	#
 	client {
 		#   Where to start searching in the tree for clients
-		base_dn = 'ou=people,dc=example,dc=com'
+		base_dn = 'ou=clients,dc=example,dc=com'
 
 		#
 		#  Filter to match client objects
@@ -294,9 +294,9 @@ ldap {
 
 			# Uncomment to add a home_server with the same
 			# attributes as the client.
-#			coa_server {
-#				response_window = 2.0
-#			}
+			coa_server {
+				response_window = 2.0
+			}
 		}
 
 		#
@@ -315,15 +315,15 @@ ldap {
 		attribute {
 			ipaddr				= 'radiusClientIdentifier'
 			secret				= 'radiusClientSecret'
-#			shortname			= 'radiusClientShortname'
-#			nas_type			= 'radiusClientType'
-#			virtual_server			= 'radiusClientVirtualServer'
-#			require_message_authenticator	= 'radiusClientRequireMa'
+			shortname			= 'radiusClientShortname'
+			nas_type			= 'radiusClientType'
+			virtual_server			= 'radiusClientVirtualServer'
+			require_message_authenticator	= 'radiusClientRequireMa'
 		}
 	}
 
 	#  Load clients on startup
-#	read_clients = no
+	read_clients = yes
 
 	#
 	#  Modify user object on receiving Accounting-Request

diff --git a/src/tests/salt-test-server/salt/ldap.sls b/src/tests/salt-test-server/salt/ldap.sls
@@ -22,21 +22,32 @@ ldap-utils:
         - source: salt://ldap/base.ldif
 
 # Copy ldif file for FreeRADIUS schema
-/root/schema_freeradius.ldif:
+/root/freeradius.ldif:
     file.managed:
-        - source: salt://ldap/schema_freeradius.ldif
+        - source: salt://ldap/freeradius.ldif
+
+# Copy ldif file for FreeRADIUS clients schema
+/root/freeradius-clients.ldif:
+    file.managed:
+        - source: salt://ldap/freeradius-clients.ldif
 
 # Add FreeRADIUS schema
 add_fr_schema:
     cmd.run:
-        - name: "ldapadd -Y EXTERNAL -H ldapi:/// -f /root/schema_freeradius.ldif"
+        - name: "ldapadd -Y EXTERNAL -H ldapi:/// -f /root/freeradius.ldif"
         - cwd: /root/
         - unless: "/usr/bin/ldapsearch -Y EXTERNAL -H ldapi:/// -b cn={4}radius,cn=schema,cn=config -s base"
 
+# Add FreeRADIUS clients schema
+add_fr_clients_schema:
+    cmd.run:
+        - name: "ldapadd -Y EXTERNAL -H ldapi:/// -f /root/freeradius-clients.ldif"
+        - cwd: /root/
+        - unless: "/usr/bin/ldapsearch -Y EXTERNAL -H ldapi:/// -b cn={5}radiusclient,cn=schema,cn=config -s base"
+
 # Create base structure in LDAP
 build_base_structure:
     cmd.run:
         - name: "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f /root/base.ldif"
         - cwd: /root/
         - unless: "/usr/bin/ldapsearch -Y EXTERNAL -H ldapi:/// -b dc=example,dc=com -s base"
-
diff --git a/src/tests/salt-test-server/salt/ldap/base.ldif b/src/tests/salt-test-server/salt/ldap/base.ldif
@@ -82,3 +82,25 @@ radiusIdleTimeout: 3600
 radiusAttribute: reply:Session-Timeout := 7200
 radiusAttribute: control:NAS-IP-Address := 1.2.3.4
 radiusProfileDN: cn=profile1,ou=profiles,dc=example,dc=com
+
+dn: ou=clients,dc=example,dc=com
+objectClass: organizationalUnit
+ou: clients
+
+dn: radiusClientIdentifier=1.1.1.1,ou=clients,dc=example,dc=com
+objectClass: radiusClient
+radiusClientIdentifier: 1.1.1.1
+radiusClientSecret: secret123
+radiusClientShortname: client1
+radiusClientType: other
+radiusClientRequireMa: FALSE
+radiusClientComment: Test client
+
+dn: radiusClientIdentifier=2.2.2.2,ou=clients,dc=example,dc=com
+objectClass: radiusClient
+radiusClientIdentifier: 2.2.2.2
+radiusClientSecret: 123secret
+radiusClientShortname: client2
+radiusClientType: cisco
+radiusClientRequireMa: TRUE
+radiusClientComment: Another test client
diff --git a/src/tests/salt-test-server/salt/ldap/freeradius-clients.ldif b/src/tests/salt-test-server/salt/ldap/freeradius-clients.ldif
@@ -0,0 +1 @@
+../../../../../doc/schemas/ldap/openldap/freeradius-clients.ldif
diff --git a/src/tests/salt-test-server/salt/ldap/freeradius.ldif b/src/tests/salt-test-server/salt/ldap/freeradius.ldif
@@ -0,0 +1 @@
+../../../../../doc/schemas/ldap/openldap/freeradius.ldif
diff --git a/src/tests/salt-test-server/salt/ldap/schema_freeradius.ldif b/src/tests/salt-test-server/salt/ldap/schema_freeradius.ldif