Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
test ldap encripted password
#!/usr/bin/perl
use warnings;
use strict;
use Authen::Passphrase::SaltedDigest;
use Net::LDAP;
use Test::More;
##########################################################################
my $DC_BASE = 'dc=example,dc=com';
my ($ADMIN_USER, $ADMIN_PASSWORD) = ( 'cn=Directory Manager', '12345678');
my @OBJECT_CLASS = ('top'
,'organizationalPerson'
,'person'
,'inetOrgPerson'
);
##########################################################################
sub connect_ldap {
my ($dn, $pass) = @_;
my $ldap = Net::LDAP->new('localhost', port => 389, verify => 'none');
my $mesg = $ldap->bind($dn, password => $pass);
die "ERROR: ".$mesg->code." : ".$mesg->error. " : Bad credentials for $dn\n"
if $mesg->code;
print "Binded with $dn\n";
return $ldap;
}
sub add_entry {
my $ldap = shift;
my ($name,$password) = @_;
my $apr=Authen::Passphrase::SaltedDigest->new(passphrase => $password, algorithm => "MD5");
my %entry = (
cn => $name
, uid => $name
, objectClass => [@OBJECT_CLASS]
, givenName => $name
, sn => $name
, userPassword => $apr->as_rfc2307()
);
my $dn = "cn=$name,".$DC_BASE;
my $mesg = $ldap->add($dn, attr => [%entry]);
if ($mesg->code) {
die "Error ".$mesg->code." adding $name to $dn ".$mesg->error;
}
print "User $name added\n";
}
sub search_entry {
my $ldap = shift;
my $cn = shift;
my $mesg = $ldap->search( # Search for the user
base => $DC_BASE,
scope => 'sub',
attrs => ['*'],
filter => "cn=$cn"
);
die "LDAP retry ".$mesg->code." ".$mesg->error if $mesg->code;
return if !$mesg->entries;
my @entries = $mesg->entries();
return $entries[0];
}
sub remove_entry {
my $ldap = shift;
my $cn = shift;
my $entry = search_entry($ldap, $cn);
return if !scalar($entry);
my $mesg = $ldap->delete($entry);
die "ERROR: ".$mesg->code." : ".$mesg->error
if $mesg->code;
}
##########################################################################
my $ldap1 = connect_ldap($ADMIN_USER, $ADMIN_PASSWORD);
my ($cn, $password) = qw(foo bar);
remove_entry($ldap1, $cn);
add_entry($ldap1, $cn,$password);
my $entry1 = search_entry($ldap1, $cn);
my $ldap_password = $entry1->get_value('userPassword')."\n";
my $ldap2 = connect_ldap($entry1->dn, $password);
my $ldap3 = connect_ldap($ADMIN_USER, $ADMIN_PASSWORD);
my $entry3 = search_entry($ldap3,$cn, $ldap3);
my $ldap_password3 = $entry3->get_value('userPassword')."\n";
is($ldap_password3, $ldap_password);
done_testing();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment