v2: Fix test failures. v3: actually fail on ADS_SECURE_AUTHENTICATION.
Signed-off-by: Dmitry Timoshkov dmitry@baikal.ru --- dlls/adsldp/Makefile.in | 3 +- dlls/adsldp/adsldp.c | 29 ++++++++++-- dlls/adsldp/adsldp_private.h | 24 ++++++++++ dlls/adsldp/ldap.c | 91 ++++++++++++++++++++++++++++++++++++ dlls/adsldp/tests/ldap.c | 31 +++++++++--- 5 files changed, 166 insertions(+), 12 deletions(-) create mode 100644 dlls/adsldp/adsldp_private.h create mode 100644 dlls/adsldp/ldap.c
diff --git a/dlls/adsldp/Makefile.in b/dlls/adsldp/Makefile.in index e9c87e68f1..3e5a5e310e 100644 --- a/dlls/adsldp/Makefile.in +++ b/dlls/adsldp/Makefile.in @@ -5,7 +5,8 @@ DELAYIMPORTS = netapi32 wldap32 EXTRADLLFLAGS = -mno-cygwin
C_SRCS = \ - adsldp.c + adsldp.c \ + ldap.c
IDL_SRCS = \ adsldp.idl diff --git a/dlls/adsldp/adsldp.c b/dlls/adsldp/adsldp.c index 30bd1672f6..bc4e9780b0 100644 --- a/dlls/adsldp/adsldp.c +++ b/dlls/adsldp/adsldp.c @@ -36,6 +36,8 @@ #include "lmapibuf.h" #include "winldap.h"
+#include "adsldp_private.h" + #include "wine/heap.h" #include "wine/debug.h"
@@ -700,7 +702,7 @@ static HRESULT parse_path(WCHAR *path, BSTR *host, ULONG *port, BSTR *object) }
static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, BSTR user, BSTR password, - LONG reserved, IDispatch **obj) + LONG flags, IDispatch **obj) { BSTR host, object; ULONG port; @@ -709,7 +711,7 @@ static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, B HRESULT hr; ULONG err;
- FIXME("%p,%s,%s,%08x,%p: semi-stub\n", iface, debugstr_w(path), debugstr_w(user), reserved, obj); + FIXME("%p,%s,%s,%p,%08x,%p: semi-stub\n", iface, debugstr_w(path), debugstr_w(user), password, flags, obj);
hr = parse_path(path, &host, &port, &object); if (hr != S_OK) return hr; @@ -760,7 +762,7 @@ static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, B err = ldap_set_optionW(ld, LDAP_OPT_PROTOCOL_VERSION, &version); if (err != LDAP_SUCCESS) { - hr = HRESULT_FROM_WIN32(err); + hr = HRESULT_FROM_WIN32(map_ldap_error(err)); ldap_unbind(ld); goto fail; } @@ -768,10 +770,29 @@ static HRESULT WINAPI openobj_OpenDSObject(IADsOpenDSObject *iface, BSTR path, B err = ldap_connect(ld, NULL); if (err != LDAP_SUCCESS) { - hr = HRESULT_FROM_WIN32(err); + hr = HRESULT_FROM_WIN32(map_ldap_error(err)); + ldap_unbind(ld); + goto fail; + } + + if (flags & ADS_SECURE_AUTHENTICATION) + { + FIXME("ADS_SECURE_AUTHENTICATION is not supported\n"); + hr = ERROR_DS_AUTH_METHOD_NOT_SUPPORTED; ldap_unbind(ld); goto fail; } + else + { + err = ldap_simple_bind_sW(ld, user, password); + if (err != LDAP_SUCCESS) + { + TRACE("ldap_simple_bind_sW error %#x\n", err); + hr = HRESULT_FROM_WIN32(map_ldap_error(err)); + ldap_unbind(ld); + goto fail; + } + } }
hr = LDAPNamespace_create(&IID_IADs, (void **)&ads); diff --git a/dlls/adsldp/adsldp_private.h b/dlls/adsldp/adsldp_private.h new file mode 100644 index 0000000000..8748d0496d --- /dev/null +++ b/dlls/adsldp/adsldp_private.h @@ -0,0 +1,24 @@ +/* + * Copyright 2020 Dmitry Timoshkov + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef _ADSLDP_PRIVATE_H +#define _ADSLDP_PRIVATE_H + +DWORD map_ldap_error(DWORD) DECLSPEC_HIDDEN; + +#endif diff --git a/dlls/adsldp/ldap.c b/dlls/adsldp/ldap.c new file mode 100644 index 0000000000..c23f46267e --- /dev/null +++ b/dlls/adsldp/ldap.c @@ -0,0 +1,91 @@ +/* + * Copyright 2020 Dmitry Timoshkov + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include <stdarg.h> + +#include "windef.h" +#include "winbase.h" +#include "winerror.h" +#include "winldap.h" + +DWORD map_ldap_error(DWORD err) +{ + switch (err) + { + case LDAP_SUCCESS: return ERROR_SUCCESS; + case LDAP_OPERATIONS_ERROR: return ERROR_DS_OPERATIONS_ERROR; + case LDAP_PROTOCOL_ERROR: return ERROR_DS_PROTOCOL_ERROR; + case LDAP_TIMELIMIT_EXCEEDED: return ERROR_DS_TIMELIMIT_EXCEEDED; + case LDAP_SIZELIMIT_EXCEEDED: return ERROR_DS_SIZELIMIT_EXCEEDED; + case LDAP_COMPARE_FALSE: return ERROR_DS_COMPARE_FALSE; + case LDAP_COMPARE_TRUE: return ERROR_DS_COMPARE_TRUE; + case LDAP_AUTH_METHOD_NOT_SUPPORTED: return ERROR_DS_AUTH_METHOD_NOT_SUPPORTED; + case LDAP_STRONG_AUTH_REQUIRED: return ERROR_DS_STRONG_AUTH_REQUIRED; + case LDAP_REFERRAL_V2: return ERROR_DS_REFERRAL; + case LDAP_REFERRAL: return ERROR_DS_REFERRAL; + case LDAP_ADMIN_LIMIT_EXCEEDED: return ERROR_DS_ADMIN_LIMIT_EXCEEDED; + case LDAP_UNAVAILABLE_CRIT_EXTENSION: return ERROR_DS_UNAVAILABLE_CRIT_EXTENSION; + case LDAP_CONFIDENTIALITY_REQUIRED: return ERROR_DS_CONFIDENTIALITY_REQUIRED; + case LDAP_NO_SUCH_ATTRIBUTE: return ERROR_DS_NO_ATTRIBUTE_OR_VALUE; + case LDAP_UNDEFINED_TYPE: return ERROR_DS_ATTRIBUTE_TYPE_UNDEFINED; + case LDAP_INAPPROPRIATE_MATCHING: return ERROR_DS_INAPPROPRIATE_MATCHING; + case LDAP_CONSTRAINT_VIOLATION: return ERROR_DS_CONSTRAINT_VIOLATION; + case LDAP_ATTRIBUTE_OR_VALUE_EXISTS: return ERROR_DS_ATTRIBUTE_OR_VALUE_EXISTS; + case LDAP_INVALID_SYNTAX: return ERROR_DS_INVALID_ATTRIBUTE_SYNTAX; + case LDAP_NO_SUCH_OBJECT: return ERROR_DS_NO_SUCH_OBJECT; + case LDAP_ALIAS_PROBLEM: return ERROR_DS_ALIAS_PROBLEM; + case LDAP_INVALID_DN_SYNTAX: return ERROR_DS_INVALID_DN_SYNTAX; + case LDAP_IS_LEAF: return ERROR_DS_IS_LEAF; + case LDAP_ALIAS_DEREF_PROBLEM: return ERROR_DS_ALIAS_DEREF_PROBLEM; + case LDAP_INAPPROPRIATE_AUTH: return ERROR_DS_INAPPROPRIATE_AUTH; + case LDAP_INVALID_CREDENTIALS: return ERROR_DS_SEC_DESC_INVALID; + case LDAP_INSUFFICIENT_RIGHTS: return ERROR_DS_INSUFF_ACCESS_RIGHTS; + case LDAP_BUSY: return ERROR_DS_BUSY; + case LDAP_UNAVAILABLE: return ERROR_DS_UNAVAILABLE; + case LDAP_UNWILLING_TO_PERFORM: return ERROR_DS_UNWILLING_TO_PERFORM; + case LDAP_LOOP_DETECT: return ERROR_DS_LOOP_DETECT; + case LDAP_SORT_CONTROL_MISSING: return ERROR_DS_SORT_CONTROL_MISSING; + case LDAP_OFFSET_RANGE_ERROR: return ERROR_DS_OFFSET_RANGE_ERROR; + case LDAP_NAMING_VIOLATION: return ERROR_DS_NAMING_VIOLATION; + case LDAP_OBJECT_CLASS_VIOLATION: return ERROR_DS_OBJ_CLASS_VIOLATION; + case LDAP_NOT_ALLOWED_ON_NONLEAF: return ERROR_DS_CANT_ON_NON_LEAF; + case LDAP_NOT_ALLOWED_ON_RDN: return ERROR_DS_CANT_ON_RDN; + case LDAP_ALREADY_EXISTS: return ERROR_ALREADY_EXISTS; + case LDAP_NO_OBJECT_CLASS_MODS: return ERROR_DS_CANT_MOD_OBJ_CLASS; + case LDAP_RESULTS_TOO_LARGE: return ERROR_DS_OBJECT_RESULTS_TOO_LARGE; + case LDAP_AFFECTS_MULTIPLE_DSAS: return ERROR_DS_AFFECTS_MULTIPLE_DSAS; + case LDAP_SERVER_DOWN: return ERROR_DS_SERVER_DOWN; + case LDAP_LOCAL_ERROR: return ERROR_DS_LOCAL_ERROR; + case LDAP_ENCODING_ERROR: return ERROR_DS_ENCODING_ERROR; + case LDAP_DECODING_ERROR: return ERROR_DS_DECODING_ERROR; + case LDAP_TIMEOUT: return ERROR_TIMEOUT; + case LDAP_AUTH_UNKNOWN: return ERROR_DS_AUTH_UNKNOWN; + case LDAP_FILTER_ERROR: return ERROR_DS_FILTER_UNKNOWN; + case LDAP_USER_CANCELLED: return ERROR_CANCELLED; + case LDAP_PARAM_ERROR: return ERROR_DS_PARAM_ERROR; + case LDAP_NO_MEMORY: return ERROR_NOT_ENOUGH_MEMORY; + case LDAP_CONNECT_ERROR: return ERROR_CONNECTION_UNAVAIL; + case LDAP_NOT_SUPPORTED: return ERROR_DS_NOT_SUPPORTED; + case LDAP_CONTROL_NOT_FOUND: return ERROR_DS_CONTROL_NOT_FOUND; + case LDAP_NO_RESULTS_RETURNED: return ERROR_DS_NO_RESULTS_RETURNED; + case LDAP_MORE_RESULTS_TO_RETURN: return ERROR_MORE_DATA; + case LDAP_CLIENT_LOOP: return ERROR_DS_CLIENT_LOOP; + case LDAP_REFERRAL_LIMIT_EXCEEDED: return ERROR_DS_REFERRAL_LIMIT_EXCEEDED; + default: return err; + } +} diff --git a/dlls/adsldp/tests/ldap.c b/dlls/adsldp/tests/ldap.c index 0ecba26817..6f8c00aa89 100644 --- a/dlls/adsldp/tests/ldap.c +++ b/dlls/adsldp/tests/ldap.c @@ -40,6 +40,8 @@ static const struct { const WCHAR *path; HRESULT hr, hr_ads_open, hr_ads_get; + const WCHAR *user, *password; + LONG flags; } test[] = { { L"invalid", MK_E_SYNTAX, E_ADS_BAD_PATHNAME, E_FAIL }, @@ -55,6 +57,9 @@ static const struct { L"LDAP://ldap.forumsys.com/rootDSE", S_OK }, { L"LDAP://ldap.forumsys.com/rootDSE/", E_ADS_BAD_PATHNAME }, { L"LDAP://ldap.forumsys.com/rootDSE/invalid", E_ADS_BAD_PATHNAME }, + { L"LDAP://ldap.forumsys.com/rootDSE", S_OK, S_OK, S_OK, NULL, NULL, 0 }, + { L"LDAP://ldap.forumsys.com/rootDSE", S_OK, S_OK, S_OK, L"CN=read-only-admin,DC=example,DC=com", L"password", 0 }, + /*{ L"LDAP://invalid", __HRESULT_FROM_WIN32(ERROR_DS_INVALID_DN_SYNTAX) }, takes way too much time */ };
@@ -65,7 +70,8 @@ static void test_LDAP(void) IADs *ads; IADsOpenDSObject *ads_open; IDispatch *disp; - BSTR path; + BSTR path, user, password; + int i;
hr = CoCreateInstance(&CLSID_LDAPNamespace, 0, CLSCTX_INPROC_SERVER, &IID_IADs, (void **)&ads); ok(hr == S_OK, "got %#x\n", hr); @@ -80,14 +86,25 @@ static void test_LDAP(void)
hr = IUnknown_QueryInterface(unk, &IID_IADsOpenDSObject, (void **)&ads_open); ok(hr == S_OK, "got %#x\n", hr); - IADsOpenDSObject_Release(ads_open);
- path = SysAllocString(L"LDAP:"); - hr = IADsOpenDSObject_OpenDSObject(ads_open, path, NULL, NULL, ADS_SECURE_AUTHENTICATION, &disp); - SysFreeString(path); - ok(hr == S_OK, "got %#x\n", hr); - IDispatch_Release(disp); + for (i = 0; i < ARRAY_SIZE(test); i++) + { + path = SysAllocString(test[i].path); + user = test[i].user ? SysAllocString(test[i].user) : NULL; + password = test[i].password ? SysAllocString(test[i].password) : NULL;
+ hr = IADsOpenDSObject_OpenDSObject(ads_open, path, user, password, test[i].flags, &disp); + ok(hr == test[i].hr || hr == test[i].hr_ads_open, "%d: got %#x, expected %#x\n", i, hr, test[i].hr); + if (hr == S_OK) + IDispatch_Release(disp); + + SysFreeString(path); + SysFreeString(user); + SysFreeString(password); + } + + + IADsOpenDSObject_Release(ads_open); IUnknown_Release(unk); }