php-src

mirror of https://github.com/php/php-src.git synced 2025-08-18 23:18:56 +02:00

History

Côme Chilliet e67379399a Removing client controls attribute from ldap_exop signature Client controls will not get implemented in php-ldap as they are specific to each client ldap lib and most of the time unused any way. (servers controls on the other end are used and will get implemented)		2017-09-07 16:31:03 +02:00
..
bug48441.phpt
bug48696.phpt
bug72021.phpt
bug73933.phpt	Fixed another part in ldap (bug #73933 )	2017-01-19 12:23:23 +08:00
connect.inc	Fixed ldap_exop_passwd and added tests for it	2017-07-03 10:58:12 +02:00
ldap_add_basic.phpt
ldap_add_error.phpt
ldap_bind_basic.phpt
ldap_bind_error.phpt
ldap_bind_variation.phpt
ldap_compare_basic.phpt
ldap_compare_error.phpt
ldap_connect_basic.phpt
ldap_connect_error.phpt
ldap_connect_ldap_conf.phpt	ext/ldap/test: Test that ldap_connect() uses defaults from ldap.conf (openldap)	2017-05-30 17:30:32 +02:00
ldap_connect_variation.phpt
ldap_control_paged_results_variation1.phpt
ldap_control_paged_results_variation2.phpt
ldap_control_paged_results_variation3.phpt
ldap_count_entries_basic.phpt
ldap_count_entries_error.phpt
ldap_delete_basic.phpt
ldap_delete_error.phpt
ldap_dn2ufn.phpt
ldap_err2str_basic.phpt
ldap_err2str_error.phpt
ldap_errno_basic.phpt
ldap_errno_error.phpt
ldap_error_basic.phpt
ldap_error_error.phpt
ldap_escape_all.phpt
ldap_escape_both.phpt
ldap_escape_dn.phpt
ldap_escape_filter.phpt
ldap_escape_ignore.phpt
ldap_exop.phpt	Removing client controls attribute from ldap_exop signature	2017-09-07 16:31:03 +02:00
ldap_exop_passwd.phpt	Test ldap_exop_passwd with less parameters to be sure it works	2017-07-04 10:17:41 +02:00
ldap_exop_passwd_error.phpt	Removed two step syntax for EXOP helpers, one call workflow is enough	2017-07-03 10:58:13 +02:00
ldap_exop_whoami.phpt	Changed API to avoid using passing result by reference	2017-07-04 10:03:27 +02:00
ldap_explode_dn.phpt
ldap_first_attribute_basic.phpt
ldap_first_attribute_error.phpt
ldap_first_entry_basic.phpt
ldap_first_entry_error.phpt
ldap_first_reference_basic.phpt
ldap_first_reference_error.phpt
ldap_free_result_basic.phpt
ldap_free_result_error.phpt
ldap_get_attributes_basic.phpt
ldap_get_attributes_error.phpt
ldap_get_dn_basic.phpt
ldap_get_dn_error.phpt
ldap_get_entries_basic.phpt
ldap_get_entries_error.phpt
ldap_get_entries_variation.phpt
ldap_get_option_basic.phpt
ldap_get_option_controls.phpt	Fixed removing all controls by passing an empty array to ldap_set_option	2017-07-11 16:18:33 +02:00
ldap_get_option_error.phpt
ldap_get_option_package_basic.phpt
ldap_get_option_variation.phpt	Added constants for known ldap controls OID and tests for ldap_get/set_option for controls	2017-07-05 16:41:52 +02:00
ldap_get_values_len_basic.phpt
ldap_get_values_len_error.phpt
ldap_list_basic.phpt
ldap_list_error.phpt
ldap_mod_add_basic.phpt
ldap_mod_add_error.phpt
ldap_mod_del_basic.phpt
ldap_mod_del_error.phpt
ldap_mod_replace_basic.phpt
ldap_mod_replace_error.phpt
ldap_modify_basic.phpt
ldap_modify_batch_basic.phpt
ldap_modify_batch_error.phpt
ldap_modify_error.phpt
ldap_next_attribute_basic.phpt
ldap_next_attribute_error.phpt
ldap_next_entry_basic.phpt
ldap_next_entry_error.phpt
ldap_next_reference_basic.phpt
ldap_next_reference_error.phpt
ldap_option_reqcert_basic.phpt
ldap_option_reqcert_error.phpt
ldap_parse_reference_basic.phpt
ldap_parse_reference_error.phpt
ldap_parse_result_basic.phpt
ldap_parse_result_error.phpt
ldap_read_basic.phpt
ldap_read_error.phpt
ldap_rename_basic.phpt
ldap_rename_error.phpt
ldap_sasl_bind_basic.phpt
ldap_sasl_bind_error.phpt
ldap_search_basic.phpt
ldap_search_error.phpt
ldap_search_overrides.phpt
ldap_search_variation1.phpt
ldap_search_variation2.phpt
ldap_search_variation3.phpt
ldap_search_variation4.phpt
ldap_search_variation5.phpt
ldap_search_variation6.phpt
ldap_set_option_basic.phpt
ldap_set_option_cafiles_basic.phpt
ldap_set_option_ciphersuite_basic.phpt
ldap_set_option_crlcheck_basic.phpt
ldap_set_option_crlcheck_error.phpt
ldap_set_option_error.phpt
ldap_set_option_keepalive_basic.phpt
ldap_set_option_reqcert_basic.phpt
ldap_set_option_reqcert_error.phpt
ldap_set_option_tls_protocol_min_basic.phpt
ldap_set_option_variation.phpt	Added constants for known ldap controls OID and tests for ldap_get/set_option for controls	2017-07-05 16:41:52 +02:00
ldap_set_rebind_proc_basic.phpt
ldap_set_rebind_proc_error.phpt
ldap_sort_basic.phpt
ldap_sort_error.phpt
ldap_sort_variation.phpt
ldap_start_tls_basic.phpt
ldap_start_tls_error.phpt
ldap_unbind_basic.phpt
ldap_unbind_error.phpt
ldap_unbind_variation.phpt
README
skipif.inc
skipifbindfailure.inc

README

To ease testing LDAP-Setups we've created a vagrant-setup.

Prerequisits:
=============

You will need vagrant on your box. Get it from https://www.vagrantup.com

Usage:
======

To use it follow these steps:

* Create a Vagrant-file with the following content.
* Go to that directory and run "vagrant up"

```
$setup = <<<SETUP
apt-get update

DEBIAN_FRONTEND=noninteractive aptitude install -q -y slapd ldap-utils

export SLAPPASS=`slappasswd -s password`

echo "dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=nodomain
-
replace: olcRootDN
olcRootDN: dc=admin,dc=nodomain
-
replace: olcRootPW
olcRootPW: ${SLAPPASS}" | ldapmodify -Y EXTERNAL -H ldapi:///

echo "dn: dc=nodomain
objectClass: dcObject
objectClass: organization
o: Example
dc: example

dn: ou=extldap,dc=nodomain
objectClass: organizationalUnit
ou: extldap" | ldapadd -c -x -H ldap://localhost:389 -D "dc=admin,dc=nodomain" -w password
SETUP

Vagrant.configure(2) do |config|
  config.vm.box = "ubuntu/trusty64"
  config.vm.network "private_network", ip: "192.168.33.10"
  config.vm.provision "shell", inline: $setup
end
```

Now you will have a virtual machine up and running on IP-Address 192.168.10.33 listening on port 369 for incomming LDAP-connections. The machine is already configured to execute the LDAP-Tests

The next step is to go into the PHP-Source-directory. Configure and make the source as appropriate.

Before running the LDAP-Tests you need to set some environment-variables:

export LDAP_TEST_PASSWD="password"
export LDAP_TEST_BASE="ou=extldap,dc=nodomain"
export LDAP_TEST_USER="dc=admin,dc=nodomain"
export LDAP_TEST_HOST=192.168.33.10

Now you can run the test-suite by calling "make test". To test only the LDAP-Tests, run "make test TESTS=ext/ldap"

CAVEAT: The current setup does not (yet) test secure connections. 


========
OLD README

Most tests here relies on the availability of an LDAP server configured with TLS.

Client/Server configuration:
===========================================================
OpenLDAP 2.4.31 has been used with the configuration below.

Notes:
1.  A self signed certificate can be generated using:
    $ openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 3650
    It is used for testing ldap_start_tls(), which also requires "TLS_REQCERT never" in client configuration
2.  An empty LDAP structure is required for the tests to be PASSed (except for base and admin)

If you use a debian based distribution, prefer the use of dpkg-reconfigure.
Otherwise you may alter these configuration files:

	(/etc/openldap/)slapd.conf:
-----------------------------------------------------------
TLSCACertificateFile /etc/openldap/ssl/server.pem
TLSCertificateFile /etc/openldap/ssl/server.pem
TLSCertificateKeyFile /etc/openldap/ssl/server.pem
TLSVerifyClient never

# hdb is used instead of bdb as it enables the usage of referrals & aliases
database        hdb
suffix          "dc=my-domain,dc=com"
checkpoint      32      30
rootdn          "cn=Manager,dc=my-domain,dc=com"
rootpw          secret
directory       /var/lib/openldap-data
index   objectClass     eq

authz-regexp
	uid=Manager,cn=digest-md5,cn=auth
	cn=Manager,dc=my-domain,dc=com


(/etc/openldap/)ldap.conf:
-----------------------------------------------------------
TLS_REQCERT never

Tests configuration:
===========================================================
The following environment variables may be defined:
LDAP_TEST_HOST (default: localhost)                        Host to connect to
LDAP_TEST_PORT (default: 389)                              Port to connect to
LDAP_TEST_BASE (default: dc=my-domain,dc=com)              Base to use. May be the ldap root or a subtree. (ldap_search_variation6 will fail if a subtree is used)
LDAP_TEST_USER (default: cn=Manager,dc=my-domain,dc=com)   DN used for binding
LDAP_TEST_SASL_USER (default: Manager)                     SASL user used for SASL binding
LDAP_TEST_PASSWD (default: secret)                         Password used for plain and SASL binding
LDAP_TEST_OPT_PROTOCOL_VERSION (default: 3)                Version of LDAP protocol to use
LDAP_TEST_SKIP_BIND_FAILURE (default: true)                Whether to fail the test or not in case binding fails

Credits:
===========================================================
Davide Mendolia <idaf1er@gmail.com>
Patrick Allaert <patrick.allaert@gmail.com>
Côme Bernigaud <mcmic@php.net>