3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2014 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 PCACHETTL=${PCACHETTL-"1m"}
17 PCACHENTTL=${PCACHENTTL-"1m"}
18 PCACHESTTL=${PCACHESTTL-"1m"}
19 PCACHE_ENTRY_LIMIT=${PCACHE_ENTRY_LIMIT-"6"}
20 PCACHE_CCPERIOD=${PCACHE_CCPERIOD-"2"}
21 PCACHETTR=${PCACHETTR-"2"}
22 PCACHEBTTR=${PCACHEBTTR-"5"}
24 . $SRCDIR/scripts/defines.sh
26 if test $PROXYCACHE = pcacheno; then
27 echo "Proxy cache overlay not available, test skipped"
31 if test $BACKLDAP = "ldapno" ; then
32 echo "LDAP backend not available, test skipped"
36 if test $BACKEND = ldif ; then
37 # The (mail=example.com*) queries hit a sizelimit, so which
38 # entry is returned depends on the ordering in the backend.
39 echo "Test does not support $BACKEND backend, test skipped"
43 mkdir -p $TESTDIR $DBDIR1 $DBDIR2
49 # - perform first set of searches at the proxy
50 # - verify cacheability
51 # - perform second set of searches at the proxy
52 # - verify answerability
54 echo "Starting master slapd on TCP/IP port $PORT1..."
55 . $CONFFILTER < $CACHEMASTERCONF > $CONF1
56 $SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
58 if test $WAIT != 0 ; then
66 echo "Using ldapsearch to check that master slapd is running..."
67 for i in 0 1 2 3 4 5; do
68 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
69 'objectclass=*' > /dev/null 2>&1
71 if test $RC = 0 ; then
74 echo "Waiting 5 seconds for slapd to start..."
78 if test $RC != 0 ; then
79 echo "ldapsearch failed ($RC)!"
80 test $KILLSERVERS != no && kill -HUP $KILLPIDS
84 echo "Using ldapadd to populate the master directory..."
85 $LDAPADD -x -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD < \
86 $LDIFORDERED > /dev/null 2>&1
88 if test $RC != 0 ; then
89 echo "ldapadd failed ($RC)!"
90 test $KILLSERVERS != no && kill -HUP $KILLPIDS
94 echo "Starting proxy cache on TCP/IP port $PORT2..."
95 . $CONFFILTER < $PROXYCACHECONF | sed \
96 -e "s/@TTL@/${PCACHETTL}/" \
97 -e "s/@NTTL@/${PCACHENTTL}/" \
98 -e "s/@STTL@/${PCACHENTTL}/" \
99 -e "s/@TTR@/${PCACHETTR}/" \
100 -e "s/@ENTRY_LIMIT@/${PCACHE_ENTRY_LIMIT}/" \
101 -e "s/@CCPERIOD@/${PCACHE_CCPERIOD}/" \
102 -e "s/@BTTR@/${PCACHEBTTR}/" \
105 $SLAPD -f $CONF2 -h $URI2 -d $LVL -d pcache > $LOG2 2>&1 &
107 if test $WAIT != 0 ; then
108 echo CACHEPID $CACHEPID
111 KILLPIDS="$KILLPIDS $CACHEPID"
115 echo "Using ldapsearch to check that proxy slapd is running..."
116 for i in 0 1 2 3 4 5; do
117 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \
118 'objectclass=*' > /dev/null 2>&1
120 if test $RC = 0 ; then
123 echo "Waiting 5 seconds for slapd to start..."
127 if test $RC != 0 ; then
128 echo "ldapsearch failed ($RC)!"
129 test $KILLSERVERS != no && kill -HUP $KILLPIDS
133 cat /dev/null > $SEARCHOUT
135 echo "Making queries on the proxy cache..."
140 echo "Query $CNT: filter:$FILTER attrs:all (expect nothing)"
141 echo "# Query $CNT: filter:$FILTER attrs:all (expect nothing)" >> $SEARCHOUT
142 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
143 "$FILTER" >> $SEARCHOUT 2>> $TESTOUT
145 if test $RC != 0 ; then
146 echo "ldapsearch failed ($RC)!"
147 test $KILLSERVERS != no && kill -HUP $KILLPIDS
151 # ITS#4491, if debug messages are unavailable, we can't verify the tests.
152 grep "query template" $LOG2 > /dev/null
154 if test $RC != 0 ; then
155 echo "Debug messages unavailable, remaining test skipped..."
156 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
161 FILTER="(|(cn=*Jon*)(sn=Jon*))"
162 ATTRS="cn sn title uid"
163 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
164 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
165 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
166 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
168 if test $RC != 0 ; then
169 echo "ldapsearch failed ($RC)!"
170 test $KILLSERVERS != no && kill -HUP $KILLPIDS
177 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
178 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
179 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
180 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
182 if test $RC != 0 ; then
183 echo "ldapsearch failed ($RC)!"
184 test $KILLSERVERS != no && kill -HUP $KILLPIDS
190 ATTRS="cn sn title uid"
191 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
192 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
193 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
194 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
196 if test $RC != 0 ; then
197 echo "ldapsearch failed ($RC)!"
198 test $KILLSERVERS != no && kill -HUP $KILLPIDS
204 ATTRS="mail postaladdress telephonenumber cn uid"
205 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
206 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
207 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
208 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
210 if test $RC != 0 ; then
211 echo "ldapsearch failed ($RC)!"
212 test $KILLSERVERS != no && kill -HUP $KILLPIDS
217 FILTER="(mail=*@mail.alumni.example.com)"
218 ATTRS="cn sn title uid"
219 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
220 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
221 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
222 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
224 if test $RC != 0 ; then
225 echo "ldapsearch failed ($RC)!"
226 test $KILLSERVERS != no && kill -HUP $KILLPIDS
232 ATTRS="cn sn title uid"
233 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
234 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
235 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
236 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
238 if test $RC != 0 ; then
239 echo "ldapsearch failed ($RC)!"
240 test $KILLSERVERS != no && kill -HUP $KILLPIDS
245 FILTER="(mail=*example.com)"
246 ATTRS="cn sn title uid"
247 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
249 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
250 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
251 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
252 -D "$USERDN" -w "$UPASSWD" \
253 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
257 echo "ldapsearch should have failed!"
258 test $KILLSERVERS != no && kill -HUP $KILLPIDS
262 echo "ldapsearch failed ($RC)"
265 echo "ldapsearch failed ($RC)!"
266 test $KILLSERVERS != no && kill -HUP $KILLPIDS
274 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
276 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
277 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
278 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
279 -D "$USERDN" -w "$UPASSWD" \
280 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
284 echo "ldapsearch should have failed!"
285 test $KILLSERVERS != no && kill -HUP $KILLPIDS
289 echo "ldapsearch failed ($RC)"
292 echo "ldapsearch failed ($RC)!"
293 test $KILLSERVERS != no && kill -HUP $KILLPIDS
299 FILTER="(|(cn=All Staff)(sn=All Staff))"
300 ATTRS="sn cn title uid undefinedAttr"
301 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
302 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
303 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
304 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
306 if test $RC != 0 ; then
307 echo "ldapsearch failed ($RC)!"
308 test $KILLSERVERS != no && kill -HUP $KILLPIDS
314 # queries 2-6,8-10 are cacheable
315 CACHEABILITY=0111110111
316 grep CACHEABLE $LOG2 | awk '{
318 printf "Query %d not cacheable\n",NR
320 printf "Query %d cacheable\n",NR
322 CACHED=`grep CACHEABLE $LOG2 | awk '{
329 if test "$CACHEABILITY" = "$CACHED" ; then
330 echo "Successfully verified cacheability"
332 echo "Error in verifying cacheability"
335 test $KILLSERVERS != no && kill -HUP $KILLPIDS
340 FILTER="(|(cn=*Jones)(sn=Jones))"
341 ATTRS="cn sn title uid"
342 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
343 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
344 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
345 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
347 if test $RC != 0 ; then
348 echo "ldapsearch failed ($RC)!"
349 test $KILLSERVERS != no && kill -HUP $KILLPIDS
355 ATTRS="cn sn title uid"
356 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
357 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
358 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
359 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
361 if test $RC != 0 ; then
362 echo "ldapsearch failed ($RC)!"
363 test $KILLSERVERS != no && kill -HUP $KILLPIDS
369 ATTRS="mail postaladdress telephonenumber cn uid"
370 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
371 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
372 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
373 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
375 if test $RC != 0 ; then
376 echo "ldapsearch failed ($RC)!"
377 test $KILLSERVERS != no && kill -HUP $KILLPIDS
382 FILTER="(mail=jaj@mail.alumni.example.com)"
383 ATTRS="cn sn title uid"
384 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
385 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
386 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
387 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
390 if test $RC != 0 ; then
391 echo "ldapsearch failed ($RC)!"
392 test $KILLSERVERS != no && kill -HUP $KILLPIDS
397 FILTER="(mail=*example.com)"
398 ATTRS="cn sn title uid"
399 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
401 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
402 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
403 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
404 -D "$USERDN" -w "$UPASSWD" \
405 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
409 echo "ldapsearch should have failed!"
410 test $KILLSERVERS != no && kill -HUP $KILLPIDS
414 echo "ldapsearch failed ($RC)"
417 echo "ldapsearch failed ($RC)!"
418 test $KILLSERVERS != no && kill -HUP $KILLPIDS
426 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
428 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
429 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
430 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
431 -D "$USERDN" -w "$UPASSWD" \
432 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
436 echo "ldapsearch should have failed!"
437 test $KILLSERVERS != no && kill -HUP $KILLPIDS
441 echo "ldapsearch failed ($RC)"
444 echo "ldapsearch failed ($RC)!"
445 test $KILLSERVERS != no && kill -HUP $KILLPIDS
451 FILTER="(|(cn=All Staff)(sn=All Staff))"
452 ATTRS="sn cn title uid undefinedAttr"
453 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
454 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
455 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
456 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
458 if test $RC != 0 ; then
459 echo "ldapsearch failed ($RC)!"
460 test $KILLSERVERS != no && kill -HUP $KILLPIDS
464 #queries 11-13,16-17 are answerable, 14-15 are not
465 #actually, 14 would be answerable, but since 8 made mail=*example.com
466 #not answerable because of sizelimit, queries contained in it are no longer
468 ANSWERABILITY=1110011
469 grep ANSWERABLE $LOG2 | awk "BEGIN {FIRST=$FIRST}"'{
472 printf "Query %d not answerable\n",NR
474 printf "Query %d answerable\n",NR
477 ANSWERED=`grep ANSWERABLE $LOG2 | awk "BEGIN {FIRST=$FIRST}"'{
486 if test "$ANSWERABILITY" = "$ANSWERED" ; then
487 echo "Successfully verified answerability"
489 echo "Error in verifying answerability"
490 test $KILLSERVERS != no && kill -HUP $KILLPIDS
494 echo "Filtering ldapsearch results..."
495 $LDIFFILTER -s ldif=a < $SEARCHOUT > $SEARCHFLT
496 echo "Filtering original ldif..."
497 $LDIFFILTER -s ldif=a < $PROXYCACHEOUT > $LDIFFLT
498 echo "Comparing filter output..."
499 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
501 if test $? != 0 ; then
502 echo "Comparison failed"
503 test $KILLSERVERS != no && kill -HUP $KILLPIDS
508 echo "Testing cache refresh"
511 FILTER="(&(objectclass=person)(uid=dots))"
512 ATTRS="cn mail telephonenumber"
513 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
514 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
515 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
516 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
518 if test $RC != 0 ; then
519 echo "ldapsearch failed ($RC)!"
520 test $KILLSERVERS != no && kill -HUP $KILLPIDS
524 $LDAPMODIFY -x -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD <<EOF \
526 dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
529 mail: dots@admin.example2.com
534 if test $RC != 0 ; then
535 echo "ldapmodify failed ($RC)!"
536 test $KILLSERVERS != no && kill -HUP $KILLPIDS
540 SLEEP=`expr $PCACHETTR + $PCACHE_CCPERIOD + 1`
541 echo "Waiting $SLEEP seconds for cache to refresh"
545 echo "Checking entry again"
546 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
547 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
549 if test $RC != 0 ; then
550 echo "ldapsearch failed ($RC)!"
551 test $KILLSERVERS != no && kill -HUP $KILLPIDS
555 grep "^mail: dots@admin" $SEARCHOUT > /dev/null
557 if test $RC != 0 ; then
558 echo "Refresh failed"
559 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
564 echo "Testing Bind caching"
567 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
569 echo "Query $CNT: $USERDN"
570 echo "# Query $CNT: $USERDN" >> $SEARCHOUT
571 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
572 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
574 if test $RC != 0 ; then
575 echo "ldapsearch failed ($RC)!"
576 test $KILLSERVERS != no && kill -HUP $KILLPIDS
580 grep "CACHING BIND" $LOG2 > /dev/null
582 if test $RC != 0 ; then
583 echo "Refresh failed"
584 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
589 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
591 echo "Query $CNT: (Bind should be cached)"
592 echo "# Query $CNT: (Bind should be cached)" >> $SEARCHOUT
593 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
594 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
596 if test $RC != 0 ; then
597 echo "ldapsearch failed ($RC)!"
598 test $KILLSERVERS != no && kill -HUP $KILLPIDS
602 grep "CACHED BIND" $LOG2 > /dev/null
604 if test $RC != 0 ; then
605 echo "Refresh failed"
606 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
611 echo "Testing pwdModify"
612 $LDAPPASSWD -h $LOCALHOST -p $PORT2 \
613 -D "$MANAGERDN" -w "$PASSWD" -s newpw "$USERDN" >> $TESTOUT 2>&1
615 if test $RC != 0 ; then
616 echo "ldappasswd failed ($RC)!"
617 test $KILLSERVERS != no && kill -HUP $KILLPIDS
621 RC=`grep "CACH.* BIND" $LOG2 | wc -l`
622 if test $RC != 3 ; then
623 echo "ldappasswd didn't update the cache"
624 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
629 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
631 echo "Query $CNT: (Bind should be cached)"
632 echo "# Query $CNT: (Bind should be cached)" >> $SEARCHOUT
633 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
634 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
636 if test $RC != 0 ; then
637 echo "ldapsearch failed ($RC)!"
638 test $KILLSERVERS != no && kill -HUP $KILLPIDS
642 RC=`grep "CACH.* BIND" $LOG2 | wc -l`
643 if test $RC != 4 ; then
644 echo "Bind wasn't answered from cache"
645 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
648 test $KILLSERVERS != no && kill -HUP $KILLPIDS
650 echo ">>>>> Test succeeded"
652 test $KILLSERVERS != no && wait