Switch branches/tags
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
..
Failed to load latest commit information.
README
bug48441.phpt
bug48696.phpt
bug72021.phpt
bug73933.phpt
connect.inc
ldap_add_basic.phpt
ldap_add_error.phpt
ldap_bind_basic.phpt
ldap_bind_error.phpt
ldap_bind_variation.phpt
ldap_compare_basic.phpt
ldap_compare_error.phpt
ldap_connect_basic.phpt
ldap_connect_error.phpt
ldap_connect_ldap_conf.phpt
ldap_connect_variation.phpt
ldap_control_paged_results_variation1.phpt
ldap_control_paged_results_variation2.phpt
ldap_control_paged_results_variation3.phpt
ldap_count_entries_basic.phpt
ldap_count_entries_error.phpt
ldap_delete_basic.phpt
ldap_delete_error.phpt
ldap_dn2ufn.phpt
ldap_err2str_basic.phpt
ldap_err2str_error.phpt
ldap_errno_basic.phpt
ldap_errno_error.phpt
ldap_error_basic.phpt
ldap_error_error.phpt
ldap_escape_all.phpt
ldap_escape_both.phpt
ldap_escape_dn.phpt
ldap_escape_filter.phpt
ldap_escape_ignore.phpt
ldap_exop.phpt
ldap_exop_passwd.phpt
ldap_exop_passwd_error.phpt
ldap_exop_refresh.phpt
ldap_exop_whoami.phpt
ldap_explode_dn.phpt
ldap_first_attribute_basic.phpt
ldap_first_attribute_error.phpt
ldap_first_entry_basic.phpt
ldap_first_entry_error.phpt
ldap_first_reference_basic.phpt
ldap_first_reference_error.phpt
ldap_free_result_basic.phpt
ldap_free_result_error.phpt
ldap_get_attributes_basic.phpt
ldap_get_attributes_error.phpt
ldap_get_dn_basic.phpt
ldap_get_dn_error.phpt
ldap_get_entries_basic.phpt
ldap_get_entries_error.phpt
ldap_get_entries_variation.phpt
ldap_get_option_basic.phpt
ldap_get_option_controls.phpt
ldap_get_option_error.phpt
ldap_get_option_package_basic.phpt
ldap_get_option_variation.phpt
ldap_get_values_len_basic.phpt
ldap_get_values_len_error.phpt
ldap_list_basic.phpt
ldap_list_error.phpt
ldap_mod_add_basic.phpt
ldap_mod_add_error.phpt
ldap_mod_del_basic.phpt
ldap_mod_del_error.phpt
ldap_mod_replace_basic.phpt
ldap_mod_replace_error.phpt
ldap_modify_basic.phpt
ldap_modify_batch_basic.phpt
ldap_modify_batch_error.phpt
ldap_modify_error.phpt
ldap_next_attribute_basic.phpt
ldap_next_attribute_error.phpt
ldap_next_entry_basic.phpt
ldap_next_entry_error.phpt
ldap_next_reference_basic.phpt
ldap_next_reference_error.phpt
ldap_option_reqcert_basic.phpt
ldap_option_reqcert_error.phpt
ldap_parse_reference_basic.phpt
ldap_parse_reference_error.phpt
ldap_parse_result_basic.phpt
ldap_parse_result_error.phpt
ldap_read_basic.phpt
ldap_read_error.phpt
ldap_rename_basic.phpt
ldap_rename_error.phpt
ldap_sasl_bind_basic.phpt
ldap_sasl_bind_error.phpt
ldap_search_basic.phpt
ldap_search_error.phpt
ldap_search_overrides.phpt
ldap_search_variation1.phpt
ldap_search_variation2.phpt
ldap_search_variation3.phpt
ldap_search_variation4.phpt
ldap_search_variation5.phpt
ldap_search_variation6.phpt
ldap_set_option_basic.phpt
ldap_set_option_cafiles_basic.phpt
ldap_set_option_ciphersuite_basic.phpt
ldap_set_option_crlcheck_basic.phpt
ldap_set_option_crlcheck_error.phpt
ldap_set_option_error.phpt
ldap_set_option_keepalive_basic.phpt
ldap_set_option_reqcert_basic.phpt
ldap_set_option_reqcert_error.phpt
ldap_set_option_tls_protocol_min_basic.phpt
ldap_set_option_variation.phpt
ldap_set_rebind_proc_basic.phpt
ldap_set_rebind_proc_error.phpt
ldap_sort_basic.phpt
ldap_sort_error.phpt
ldap_sort_variation.phpt
ldap_start_tls_basic.phpt
ldap_start_tls_error.phpt
ldap_unbind_basic.phpt
ldap_unbind_error.phpt
ldap_unbind_variation.phpt
skipif.inc
skipifbindfailure.inc

README

To ease testing LDAP-Setups we've created a vagrant-setup.

Prerequisits:
=============

You will need vagrant on your box. Get it from https://www.vagrantup.com

Usage:
======

To use it follow these steps:

* Create a Vagrant-file with the following content.
* Go to that directory and run "vagrant up"

```
$setup = <<<SETUP
apt-get update

DEBIAN_FRONTEND=noninteractive aptitude install -q -y slapd ldap-utils

export SLAPPASS=`slappasswd -s password`

echo "dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=nodomain
-
replace: olcRootDN
olcRootDN: dc=admin,dc=nodomain
-
replace: olcRootPW
olcRootPW: ${SLAPPASS}" | ldapmodify -Y EXTERNAL -H ldapi:///

echo "dn: dc=nodomain
objectClass: dcObject
objectClass: organization
o: Example
dc: example

dn: ou=extldap,dc=nodomain
objectClass: organizationalUnit
ou: extldap" | ldapadd -c -x -H ldap://localhost:389 -D "dc=admin,dc=nodomain" -w password
SETUP

Vagrant.configure(2) do |config|
  config.vm.box = "ubuntu/trusty64"
  config.vm.network "private_network", ip: "192.168.33.10"
  config.vm.provision "shell", inline: $setup
end
```

Now you will have a virtual machine up and running on IP-Address 192.168.10.33 listening on port 369 for incomming LDAP-connections. The machine is already configured to execute the LDAP-Tests

The next step is to go into the PHP-Source-directory. Configure and make the source as appropriate.

Before running the LDAP-Tests you need to set some environment-variables:

export LDAP_TEST_PASSWD="password"
export LDAP_TEST_BASE="ou=extldap,dc=nodomain"
export LDAP_TEST_USER="dc=admin,dc=nodomain"
export LDAP_TEST_HOST=192.168.33.10

Now you can run the test-suite by calling "make test". To test only the LDAP-Tests, run "make test TESTS=ext/ldap"

CAVEAT: The current setup does not (yet) test secure connections. 


========
OLD README

Most tests here relies on the availability of an LDAP server configured with TLS.

Client/Server configuration:
===========================================================
OpenLDAP 2.4.31 has been used with the configuration below.

Notes:
1.  A self signed certificate can be generated using:
    $ openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 3650
    It is used for testing ldap_start_tls(), which also requires "TLS_REQCERT never" in client configuration
2.  An empty LDAP structure is required for the tests to be PASSed (except for base and admin)

If you use a debian based distribution, prefer the use of dpkg-reconfigure.
Otherwise you may alter these configuration files:

	(/etc/openldap/)slapd.conf:
-----------------------------------------------------------
TLSCACertificateFile /etc/openldap/ssl/server.pem
TLSCertificateFile /etc/openldap/ssl/server.pem
TLSCertificateKeyFile /etc/openldap/ssl/server.pem
TLSVerifyClient never

# hdb is used instead of bdb as it enables the usage of referrals & aliases
database        hdb
suffix          "dc=my-domain,dc=com"
checkpoint      32      30
rootdn          "cn=Manager,dc=my-domain,dc=com"
rootpw          secret
directory       /var/lib/openldap-data
index   objectClass     eq

authz-regexp
	uid=Manager,cn=digest-md5,cn=auth
	cn=Manager,dc=my-domain,dc=com


(/etc/openldap/)ldap.conf:
-----------------------------------------------------------
TLS_REQCERT never

Tests configuration:
===========================================================
The following environment variables may be defined:
LDAP_TEST_HOST (default: localhost)                        Host to connect to
LDAP_TEST_PORT (default: 389)                              Port to connect to
LDAP_TEST_BASE (default: dc=my-domain,dc=com)              Base to use. May be the ldap root or a subtree. (ldap_search_variation6 will fail if a subtree is used)
LDAP_TEST_USER (default: cn=Manager,dc=my-domain,dc=com)   DN used for binding
LDAP_TEST_SASL_USER (default: Manager)                     SASL user used for SASL binding
LDAP_TEST_PASSWD (default: secret)                         Password used for plain and SASL binding
LDAP_TEST_OPT_PROTOCOL_VERSION (default: 3)                Version of LDAP protocol to use
LDAP_TEST_SKIP_BIND_FAILURE (default: true)                Whether to fail the test or not in case binding fails

Credits:
===========================================================
Davide Mendolia <idaf1er@gmail.com>
Patrick Allaert <patrick.allaert@gmail.com>
Côme Bernigaud <mcmic@php.net>