authorSteve Kemp <steve@steve.org.uk>2013-02-13 10:35:17 +0000
committerSteve Kemp <steve@steve.org.uk>2013-02-13 10:35:17 +0000
commitad9f35019beee93d08c5ddc2fad1170782363f9e (patch)
treee42a5750588b288e4a1ddcb5e8978543a6d476d8
parent8d5485569705d7380c921e65fa99b728bff20010 (diff)
LDAP probe complete.
-rw-r--r--cfg/sample.cfg2
-rw-r--r--lib/custodian/protocoltest/ldap.rb41
2 files changed, 40 insertions, 3 deletions
diff --git a/cfg/sample.cfg b/cfg/sample.cfg
index a455f6b..d407b17 100644
--- a/cfg/sample.cfg
+++ b/cfg/sample.cfg
@@ -1,3 +1,3 @@
-http://secure.servoshop.co.uk/ must run http with status 404 otherwise "Failure - this site is https only #524771'.
+auth.bytemark.co.uk must run ldap on 389 with username 'uid=apache,ou=systems,dc=bytemark,dc=co,dc=uk' with password 'binding' otherwise 'LDAP failure'.
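Review bot: The added sample line commits what reads as a real bind DN and password (`uid=apache,ou=systems,dc=bytemark,dc=co,dc=uk` / `binding`) for a named host, and it will remain in repository history. A sample file should carry placeholders instead, for example `ldap.example.com must run ldap on 389 with username 'uid=probe,dc=example,dc=com' with password 'CHANGE-ME' otherwise 'LDAP failure'.` If the credential is live, it should be rotated rather than just edited out in a later commit.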
diff --git a/lib/custodian/protocoltest/ldap.rb b/lib/custodian/protocoltest/ldap.rb
index 8ec42b6..49b9b41 100644
--- a/lib/custodian/protocoltest/ldap.rb
+++ b/lib/custodian/protocoltest/ldap.rb
@@ -1,5 +1,6 @@
require 'custodian/protocoltest/tcp'
+require 'ldap'
#
# The LDAP-protocol test.
@@ -67,7 +68,7 @@ module Custodian
# Save the port
#
if ( line =~ /on\s+([0-9]+)/ )
- @port = $1.dup
+ @port = $1.dup.to_i
else
@port = 389
end
@@ -94,7 +95,43 @@ module Custodian
# reset the error, in case we were previously executed.
@error = nil
- run_test_internal( @host, @port, nil, false )
+ begin
+ #
+ # Connect.
+ #
+ ldap = LDAP::Conn.new( @host, @port )
+ ldap.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+
+ #
+ # Hardwired search is bad..
+ #
+ base = 'ou=groups,dc=bytemark,dc=co,dc=uk'
+ scope = LDAP::LDAP_SCOPE_SUBTREE
+ filter = '(cn=vpn*)'
+ attrs = ['sn', 'cn']
+
+ #
+ # Bind.
+ #
+ ldap.bind( @ldap_user, @ldap_pass )
+ if ( ldap.bound? )
+
+ #
+ # Search
+ #
+ ldap.search(base,scope,filter,attrs) { |entry|
+ puts entry.vals('cn')
+ }
+ ldap.unbind
+ return true
+ else
+ @error "failed to bind to LDAP server '#{@host}' with username '#{@ldap_user}' and password '#{@ldap_pass}'"
+ return false.
+ end
+ rescue LDAP::ResultError => ex
+ @error = "LDAP exception: #{ex} when talkign to LDAP server '#{@host}' with username '#{@ldap_user}' and password '#{@ldap_pass}'"
+ return false
+ end
end
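Review bot: The else branch of the `ldap.bound?` check will not parse: `@error "failed to bind ..."` is missing its `=` and `return false.` has a trailing dot, so the file cannot load as committed. Both that message and the one in the `rescue LDAP::ResultError` handler interpolate `@ldap_pass`, which copies the bind password into whatever later stores or displays `@error` (presumably alert text and logs); drop it, e.g. `@error = "failed to bind to LDAP server '#{@host}' with username '#{@ldap_user}'"`. `LDAP::Conn.new( @host, @port )` followed by a simple bind sends that password unencrypted on the default port 389, so a TLS option (`LDAP::SSLConn` or StartTLS) is worth offering in the test syntax. The `puts entry.vals('cn')` in the search block prints directory data to stdout on every run, the search base is hardwired to one site, and `ldap.unbind` is skipped when an exception is raised; an `ensure` that unbinds a bound connection would close it on all paths. The enclosing method starts outside this hunk, so the remarks cover only the lines shown.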