3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2010 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 PCACHETTL=${PCACHETTL-"1m"}
17 PCACHENTTL=${PCACHENTTL-"1m"}
18 PCACHESTTL=${PCACHESTTL-"1m"}
19 PCACHE_ENTRY_LIMIT=${PCACHE_ENTRY_LIMIT-"6"}
20 PCACHE_CCPERIOD=${PCACHE_CCPERIOD-"2"}
21 PCACHETTR=${PCACHETTR-"2"}
22 PCACHEBTTR=${PCACHEBTTR-"5"}
24 . $SRCDIR/scripts/defines.sh
26 if test $PROXYCACHE = pcacheno; then
27 echo "Proxy cache overlay not available, test skipped"
31 if test $BACKLDAP = "ldapno" ; then
32 echo "LDAP backend not available, test skipped"
36 if test $BACKEND = ldif ; then
37 # The (mail=example.com*) queries hit a sizelimit, so which
38 # entry is returned depends on the ordering in the backend.
39 echo "Test does not support $BACKEND backend, test skipped"
43 mkdir -p $TESTDIR $DBDIR1 $DBDIR2
49 # - perform first set of searches at the proxy
50 # - verify cacheability
51 # - perform second set of searches at the proxy
52 # - verify answerability
54 echo "Starting master slapd on TCP/IP port $PORT1..."
55 . $CONFFILTER < $CACHEMASTERCONF > $CONF1
56 $SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
58 if test $WAIT != 0 ; then
66 echo "Using ldapsearch to check that master slapd is running..."
67 for i in 0 1 2 3 4 5; do
68 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
69 'objectclass=*' > /dev/null 2>&1
71 if test $RC = 0 ; then
74 echo "Waiting 5 seconds for slapd to start..."
78 if test $RC != 0 ; then
79 echo "ldapsearch failed ($RC)!"
80 test $KILLSERVERS != no && kill -HUP $KILLPIDS
84 echo "Using ldapadd to populate the master directory..."
85 $LDAPADD -x -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD < \
86 $LDIFORDERED > /dev/null 2>&1
88 if test $RC != 0 ; then
89 echo "ldapadd failed ($RC)!"
90 test $KILLSERVERS != no && kill -HUP $KILLPIDS
94 echo "Starting proxy cache on TCP/IP port $PORT2..."
95 . $CONFFILTER < $PROXYCACHECONF | sed \
96 -e "s/@TTL@/${PCACHETTL}/" \
97 -e "s/@NTTL@/${PCACHENTTL}/" \
98 -e "s/@STTL@/${PCACHENTTL}/" \
99 -e "s/@TTR@/${PCACHETTR}/" \
100 -e "s/@ENTRY_LIMIT@/${PCACHE_ENTRY_LIMIT}/" \
101 -e "s/@CCPERIOD@/${PCACHE_CCPERIOD}/" \
102 -e "s/@BTTR@/${PCACHEBTTR}/" \
105 $SLAPD -f $CONF2 -h $URI2 -d $LVL -d pcache > $LOG2 2>&1 &
107 if test $WAIT != 0 ; then
108 echo CACHEPID $CACHEPID
111 KILLPIDS="$KILLPIDS $CACHEPID"
115 echo "Using ldapsearch to check that proxy slapd is running..."
116 for i in 0 1 2 3 4 5; do
117 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \
118 'objectclass=*' > /dev/null 2>&1
120 if test $RC = 0 ; then
123 echo "Waiting 5 seconds for slapd to start..."
127 if test $RC != 0 ; then
128 echo "ldapsearch failed ($RC)!"
129 test $KILLSERVERS != no && kill -HUP $KILLPIDS
133 cat /dev/null > $SEARCHOUT
135 echo "Making queries on the proxy cache..."
140 echo "Query $CNT: filter:$FILTER attrs:all (expect nothing)"
141 echo "# Query $CNT: filter:$FILTER attrs:all (expect nothing)" >> $SEARCHOUT
142 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
143 "$FILTER" >> $SEARCHOUT 2>> $TESTOUT
145 if test $RC != 0 ; then
146 echo "ldapsearch failed ($RC)!"
147 test $KILLSERVERS != no && kill -HUP $KILLPIDS
151 # ITS#4491, if debug messages are unavailable, we can't verify the tests.
152 grep "query template" $LOG2 > /dev/null
154 if test $RC != 0 ; then
155 echo "Debug messages unavailable, test aborted..."
156 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
161 FILTER="(|(cn=*Jon*)(sn=Jon*))"
162 ATTRS="cn sn title uid"
163 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
164 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
165 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
166 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
168 if test $RC != 0 ; then
169 echo "ldapsearch failed ($RC)!"
170 test $KILLSERVERS != no && kill -HUP $KILLPIDS
177 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
178 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
179 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
180 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
182 if test $RC != 0 ; then
183 echo "ldapsearch failed ($RC)!"
184 test $KILLSERVERS != no && kill -HUP $KILLPIDS
190 ATTRS="cn sn title uid"
191 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
192 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
193 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
194 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
196 if test $RC != 0 ; then
197 echo "ldapsearch failed ($RC)!"
198 test $KILLSERVERS != no && kill -HUP $KILLPIDS
204 ATTRS="mail postaladdress telephonenumber cn uid"
205 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
206 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
207 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
208 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
210 if test $RC != 0 ; then
211 echo "ldapsearch failed ($RC)!"
212 test $KILLSERVERS != no && kill -HUP $KILLPIDS
217 FILTER="(mail=*@mail.alumni.example.com)"
218 ATTRS="cn sn title uid"
219 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
220 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
221 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
222 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
224 if test $RC != 0 ; then
225 echo "ldapsearch failed ($RC)!"
226 test $KILLSERVERS != no && kill -HUP $KILLPIDS
232 ATTRS="cn sn title uid"
233 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
234 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
235 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
236 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
238 if test $RC != 0 ; then
239 echo "ldapsearch failed ($RC)!"
240 test $KILLSERVERS != no && kill -HUP $KILLPIDS
245 FILTER="(mail=*example.com)"
246 ATTRS="cn sn title uid"
247 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
249 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
250 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
251 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
252 -D "$USERDN" -w "$UPASSWD" \
253 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
257 echo "ldapsearch should have failed!"
258 test $KILLSERVERS != no && kill -HUP $KILLPIDS
262 echo "ldapsearch failed ($RC)"
265 echo "ldapsearch failed ($RC)!"
266 test $KILLSERVERS != no && kill -HUP $KILLPIDS
274 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
276 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
277 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
278 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
279 -D "$USERDN" -w "$UPASSWD" \
280 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
284 echo "ldapsearch should have failed!"
285 test $KILLSERVERS != no && kill -HUP $KILLPIDS
289 echo "ldapsearch failed ($RC)"
292 echo "ldapsearch failed ($RC)!"
293 test $KILLSERVERS != no && kill -HUP $KILLPIDS
300 # queries 2-6,8-9 are cacheable
301 CACHEABILITY=011111011
302 grep CACHEABLE $LOG2 | awk '{
304 printf "Query %d not cacheable\n",NR
306 printf "Query %d cacheable\n",NR
308 CACHED=`grep CACHEABLE $LOG2 | awk '{
315 if test "$CACHEABILITY" = "$CACHED" ; then
316 echo "Successfully verified cacheability"
318 echo "Error in verifying cacheability"
319 test $KILLSERVERS != no && kill -HUP $KILLPIDS
324 FILTER="(|(cn=*Jones)(sn=Jones))"
325 ATTRS="cn sn title uid"
326 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
327 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
328 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
329 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
331 if test $RC != 0 ; then
332 echo "ldapsearch failed ($RC)!"
333 test $KILLSERVERS != no && kill -HUP $KILLPIDS
339 ATTRS="cn sn title uid"
340 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
341 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
342 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
343 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
345 if test $RC != 0 ; then
346 echo "ldapsearch failed ($RC)!"
347 test $KILLSERVERS != no && kill -HUP $KILLPIDS
353 ATTRS="mail postaladdress telephonenumber cn uid"
354 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
355 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
356 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
357 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
359 if test $RC != 0 ; then
360 echo "ldapsearch failed ($RC)!"
361 test $KILLSERVERS != no && kill -HUP $KILLPIDS
366 FILTER="(mail=jaj@mail.alumni.example.com)"
367 ATTRS="cn sn title uid"
368 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
369 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
370 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
371 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
374 if test $RC != 0 ; then
375 echo "ldapsearch failed ($RC)!"
376 test $KILLSERVERS != no && kill -HUP $KILLPIDS
381 FILTER="(mail=*example.com)"
382 ATTRS="cn sn title uid"
383 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
385 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
386 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
387 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
388 -D "$USERDN" -w "$UPASSWD" \
389 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
393 echo "ldapsearch should have failed!"
394 test $KILLSERVERS != no && kill -HUP $KILLPIDS
398 echo "ldapsearch failed ($RC)"
401 echo "ldapsearch failed ($RC)!"
402 test $KILLSERVERS != no && kill -HUP $KILLPIDS
410 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
412 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
413 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
414 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
415 -D "$USERDN" -w "$UPASSWD" \
416 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
420 echo "ldapsearch should have failed!"
421 test $KILLSERVERS != no && kill -HUP $KILLPIDS
425 echo "ldapsearch failed ($RC)"
428 echo "ldapsearch failed ($RC)!"
429 test $KILLSERVERS != no && kill -HUP $KILLPIDS
434 #queries 10-12,15 are answerable, 13-14 are not
435 #actually, 12 would be answerable, but since 8 made mail=*example.com
436 #not answerable because of sizelimit, queries contained in it are no longer
439 grep ANSWERABLE $LOG2 | awk "BEGIN {FIRST=$FIRST}"'{
442 printf "Query %d not answerable\n",NR
444 printf "Query %d answerable\n",NR
447 ANSWERED=`grep ANSWERABLE $LOG2 | awk "BEGIN {FIRST=$FIRST}"'{
456 if test "$ANSWERABILITY" = "$ANSWERED" ; then
457 echo "Successfully verified answerability"
459 echo "Error in verifying answerability"
460 test $KILLSERVERS != no && kill -HUP $KILLPIDS
464 echo "Filtering ldapsearch results..."
465 $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
466 echo "Filtering original ldif..."
467 $LDIFFILTER < $PROXYCACHEOUT > $LDIFFLT
468 echo "Comparing filter output..."
469 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
471 if test $? != 0 ; then
472 echo "Comparison failed"
473 test $KILLSERVERS != no && kill -HUP $KILLPIDS
478 echo "Testing cache refresh"
481 FILTER="(&(objectclass=person)(uid=dots))"
482 ATTRS="cn mail telephonenumber"
483 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
484 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
485 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
486 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
488 if test $RC != 0 ; then
489 echo "ldapsearch failed ($RC)!"
490 test $KILLSERVERS != no && kill -HUP $KILLPIDS
494 $LDAPMODIFY -x -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD <<EOF \
496 dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
499 mail: dots@admin.example2.com
504 if test $RC != 0 ; then
505 echo "ldapmodify failed ($RC)!"
506 test $KILLSERVERS != no && kill -HUP $KILLPIDS
510 SLEEP=`expr $PCACHETTR + $PCACHE_CCPERIOD`
511 echo "Waiting $SLEEP seconds for cache to refresh"
515 echo "Checking entry again"
516 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
517 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
519 if test $RC != 0 ; then
520 echo "ldapsearch failed ($RC)!"
521 test $KILLSERVERS != no && kill -HUP $KILLPIDS
525 grep "^mail: dots@admin" $SEARCHOUT > /dev/null
527 if test $RC != 0 ; then
528 echo "Refresh failed"
529 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
534 echo "Testing Bind caching"
537 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
539 echo "Query $CNT: $USERDN"
540 echo "# Query $CNT: $USERDN" >> $SEARCHOUT
541 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
542 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
544 if test $RC != 0 ; then
545 echo "ldapsearch failed ($RC)!"
546 test $KILLSERVERS != no && kill -HUP $KILLPIDS
550 grep "CACHING BIND" $LOG2 > /dev/null
552 if test $RC != 0 ; then
553 echo "Refresh failed"
554 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
559 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
561 echo "Query $CNT: (Bind should be cached)"
562 echo "# Query $CNT: (Bind should be cached)" >> $SEARCHOUT
563 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
564 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
566 if test $RC != 0 ; then
567 echo "ldapsearch failed ($RC)!"
568 test $KILLSERVERS != no && kill -HUP $KILLPIDS
572 grep "CACHED BIND" $LOG2 > /dev/null
574 if test $RC != 0 ; then
575 echo "Refresh failed"
576 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
581 echo "Testing pwdModify"
582 $LDAPPASSWD -h $LOCALHOST -p $PORT2 \
583 -D "$MANAGERDN" -w "$PASSWD" -s newpw "$USERDN" >> $TESTOUT 2>&1
585 if test $RC != 0 ; then
586 echo "ldappasswd failed ($RC)!"
587 test $KILLSERVERS != no && kill -HUP $KILLPIDS
591 RC=`grep "CACH.* BIND" $LOG2 | wc -l`
592 if test $RC != 3 ; then
593 echo "ldappasswd didn't update the cache"
594 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
599 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
601 echo "Query $CNT: (Bind should be cached)"
602 echo "# Query $CNT: (Bind should be cached)" >> $SEARCHOUT
603 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
604 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
606 if test $RC != 0 ; then
607 echo "ldapsearch failed ($RC)!"
608 test $KILLSERVERS != no && kill -HUP $KILLPIDS
612 RC=`grep "CACH.* BIND" $LOG2 | wc -l`
613 if test $RC != 4 ; then
614 echo "Bind wasn't answered from cache"
615 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
618 test $KILLSERVERS != no && kill -HUP $KILLPIDS
620 echo ">>>>> Test succeeded"
622 test $KILLSERVERS != no && wait