3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2011 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 PCACHETTL=${PCACHETTL-"1m"}
17 PCACHENTTL=${PCACHENTTL-"1m"}
18 PCACHESTTL=${PCACHESTTL-"1m"}
19 PCACHE_ENTRY_LIMIT=${PCACHE_ENTRY_LIMIT-"6"}
20 PCACHE_CCPERIOD=${PCACHE_CCPERIOD-"2"}
21 PCACHETTR=${PCACHETTR-"2"}
22 PCACHEBTTR=${PCACHEBTTR-"5"}
24 . $SRCDIR/scripts/defines.sh
26 if test $PROXYCACHE = pcacheno; then
27 echo "Proxy cache overlay not available, test skipped"
31 if test $BACKLDAP = "ldapno" ; then
32 echo "LDAP backend not available, test skipped"
36 if test $BACKEND = ldif ; then
37 # The (mail=example.com*) queries hit a sizelimit, so which
38 # entry is returned depends on the ordering in the backend.
39 echo "Test does not support $BACKEND backend, test skipped"
43 mkdir -p $TESTDIR $DBDIR1 $DBDIR2
49 # - perform first set of searches at the proxy
50 # - verify cacheability
51 # - perform second set of searches at the proxy
52 # - verify answerability
54 echo "Starting master slapd on TCP/IP port $PORT1..."
55 . $CONFFILTER < $CACHEMASTERCONF > $CONF1
56 $SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
58 if test $WAIT != 0 ; then
66 echo "Using ldapsearch to check that master slapd is running..."
67 for i in 0 1 2 3 4 5; do
68 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
69 'objectclass=*' > /dev/null 2>&1
71 if test $RC = 0 ; then
74 echo "Waiting 5 seconds for slapd to start..."
78 if test $RC != 0 ; then
79 echo "ldapsearch failed ($RC)!"
80 test $KILLSERVERS != no && kill -HUP $KILLPIDS
84 echo "Using ldapadd to populate the master directory..."
85 $LDAPADD -x -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD < \
86 $LDIFORDERED > /dev/null 2>&1
88 if test $RC != 0 ; then
89 echo "ldapadd failed ($RC)!"
90 test $KILLSERVERS != no && kill -HUP $KILLPIDS
94 echo "Starting proxy cache on TCP/IP port $PORT2..."
95 . $CONFFILTER < $PROXYCACHECONF | sed \
96 -e "s/@TTL@/${PCACHETTL}/" \
97 -e "s/@NTTL@/${PCACHENTTL}/" \
98 -e "s/@STTL@/${PCACHENTTL}/" \
99 -e "s/@TTR@/${PCACHETTR}/" \
100 -e "s/@ENTRY_LIMIT@/${PCACHE_ENTRY_LIMIT}/" \
101 -e "s/@CCPERIOD@/${PCACHE_CCPERIOD}/" \
102 -e "s/@BTTR@/${PCACHEBTTR}/" \
105 $SLAPD -f $CONF2 -h $URI2 -d $LVL -d pcache > $LOG2 2>&1 &
107 if test $WAIT != 0 ; then
108 echo CACHEPID $CACHEPID
111 KILLPIDS="$KILLPIDS $CACHEPID"
115 echo "Using ldapsearch to check that proxy slapd is running..."
116 for i in 0 1 2 3 4 5; do
117 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \
118 'objectclass=*' > /dev/null 2>&1
120 if test $RC = 0 ; then
123 echo "Waiting 5 seconds for slapd to start..."
127 if test $RC != 0 ; then
128 echo "ldapsearch failed ($RC)!"
129 test $KILLSERVERS != no && kill -HUP $KILLPIDS
133 cat /dev/null > $SEARCHOUT
135 echo "Making queries on the proxy cache..."
140 echo "Query $CNT: filter:$FILTER attrs:all (expect nothing)"
141 echo "# Query $CNT: filter:$FILTER attrs:all (expect nothing)" >> $SEARCHOUT
142 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
143 "$FILTER" >> $SEARCHOUT 2>> $TESTOUT
145 if test $RC != 0 ; then
146 echo "ldapsearch failed ($RC)!"
147 test $KILLSERVERS != no && kill -HUP $KILLPIDS
151 # ITS#4491, if debug messages are unavailable, we can't verify the tests.
152 grep "query template" $LOG2 > /dev/null
154 if test $RC != 0 ; then
155 echo "Debug messages unavailable, test aborted..."
156 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
161 FILTER="(|(cn=*Jon*)(sn=Jon*))"
162 ATTRS="cn sn title uid"
163 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
164 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
165 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
166 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
168 if test $RC != 0 ; then
169 echo "ldapsearch failed ($RC)!"
170 test $KILLSERVERS != no && kill -HUP $KILLPIDS
177 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
178 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
179 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
180 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
182 if test $RC != 0 ; then
183 echo "ldapsearch failed ($RC)!"
184 test $KILLSERVERS != no && kill -HUP $KILLPIDS
190 ATTRS="cn sn title uid"
191 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
192 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
193 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
194 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
196 if test $RC != 0 ; then
197 echo "ldapsearch failed ($RC)!"
198 test $KILLSERVERS != no && kill -HUP $KILLPIDS
204 ATTRS="mail postaladdress telephonenumber cn uid"
205 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
206 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
207 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
208 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
210 if test $RC != 0 ; then
211 echo "ldapsearch failed ($RC)!"
212 test $KILLSERVERS != no && kill -HUP $KILLPIDS
217 FILTER="(mail=*@mail.alumni.example.com)"
218 ATTRS="cn sn title uid"
219 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
220 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
221 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
222 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
224 if test $RC != 0 ; then
225 echo "ldapsearch failed ($RC)!"
226 test $KILLSERVERS != no && kill -HUP $KILLPIDS
232 ATTRS="cn sn title uid"
233 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
234 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
235 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
236 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
238 if test $RC != 0 ; then
239 echo "ldapsearch failed ($RC)!"
240 test $KILLSERVERS != no && kill -HUP $KILLPIDS
245 FILTER="(mail=*example.com)"
246 ATTRS="cn sn title uid"
247 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
249 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
250 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
251 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
252 -D "$USERDN" -w "$UPASSWD" \
253 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
257 echo "ldapsearch should have failed!"
258 test $KILLSERVERS != no && kill -HUP $KILLPIDS
262 echo "ldapsearch failed ($RC)"
265 echo "ldapsearch failed ($RC)!"
266 test $KILLSERVERS != no && kill -HUP $KILLPIDS
274 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
276 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
277 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
278 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
279 -D "$USERDN" -w "$UPASSWD" \
280 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
284 echo "ldapsearch should have failed!"
285 test $KILLSERVERS != no && kill -HUP $KILLPIDS
289 echo "ldapsearch failed ($RC)"
292 echo "ldapsearch failed ($RC)!"
293 test $KILLSERVERS != no && kill -HUP $KILLPIDS
299 FILTER="(|(cn=All Staff)(sn=All Staff))"
300 ATTRS="sn cn title uid undefinedAttr"
301 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
302 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
303 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
304 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
306 if test $RC != 0 ; then
307 echo "ldapsearch failed ($RC)!"
308 test $KILLSERVERS != no && kill -HUP $KILLPIDS
314 # queries 2-6,8-10 are cacheable
315 CACHEABILITY=0111110111
316 grep CACHEABLE $LOG2 | awk '{
318 printf "Query %d not cacheable\n",NR
320 printf "Query %d cacheable\n",NR
322 CACHED=`grep CACHEABLE $LOG2 | awk '{
329 if test "$CACHEABILITY" = "$CACHED" ; then
330 echo "Successfully verified cacheability"
332 echo "Error in verifying cacheability"
333 test $KILLSERVERS != no && kill -HUP $KILLPIDS
338 FILTER="(|(cn=*Jones)(sn=Jones))"
339 ATTRS="cn sn title uid"
340 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
341 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
342 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
343 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
345 if test $RC != 0 ; then
346 echo "ldapsearch failed ($RC)!"
347 test $KILLSERVERS != no && kill -HUP $KILLPIDS
353 ATTRS="cn sn title uid"
354 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
355 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
356 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
357 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
359 if test $RC != 0 ; then
360 echo "ldapsearch failed ($RC)!"
361 test $KILLSERVERS != no && kill -HUP $KILLPIDS
367 ATTRS="mail postaladdress telephonenumber cn uid"
368 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
369 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
370 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
371 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
373 if test $RC != 0 ; then
374 echo "ldapsearch failed ($RC)!"
375 test $KILLSERVERS != no && kill -HUP $KILLPIDS
380 FILTER="(mail=jaj@mail.alumni.example.com)"
381 ATTRS="cn sn title uid"
382 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
383 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
384 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
385 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
388 if test $RC != 0 ; then
389 echo "ldapsearch failed ($RC)!"
390 test $KILLSERVERS != no && kill -HUP $KILLPIDS
395 FILTER="(mail=*example.com)"
396 ATTRS="cn sn title uid"
397 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
399 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
400 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
401 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
402 -D "$USERDN" -w "$UPASSWD" \
403 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
407 echo "ldapsearch should have failed!"
408 test $KILLSERVERS != no && kill -HUP $KILLPIDS
412 echo "ldapsearch failed ($RC)"
415 echo "ldapsearch failed ($RC)!"
416 test $KILLSERVERS != no && kill -HUP $KILLPIDS
424 USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
426 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
427 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
428 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
429 -D "$USERDN" -w "$UPASSWD" \
430 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
434 echo "ldapsearch should have failed!"
435 test $KILLSERVERS != no && kill -HUP $KILLPIDS
439 echo "ldapsearch failed ($RC)"
442 echo "ldapsearch failed ($RC)!"
443 test $KILLSERVERS != no && kill -HUP $KILLPIDS
449 FILTER="(|(cn=All Staff)(sn=All Staff))"
450 ATTRS="sn cn title uid undefinedAttr"
451 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
452 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
453 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
454 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
456 if test $RC != 0 ; then
457 echo "ldapsearch failed ($RC)!"
458 test $KILLSERVERS != no && kill -HUP $KILLPIDS
462 #queries 11-13,16-17 are answerable, 14-15 are not
463 #actually, 14 would be answerable, but since 8 made mail=*example.com
464 #not answerable because of sizelimit, queries contained in it are no longer
466 ANSWERABILITY=1110011
467 grep ANSWERABLE $LOG2 | awk "BEGIN {FIRST=$FIRST}"'{
470 printf "Query %d not answerable\n",NR
472 printf "Query %d answerable\n",NR
475 ANSWERED=`grep ANSWERABLE $LOG2 | awk "BEGIN {FIRST=$FIRST}"'{
484 if test "$ANSWERABILITY" = "$ANSWERED" ; then
485 echo "Successfully verified answerability"
487 echo "Error in verifying answerability"
488 test $KILLSERVERS != no && kill -HUP $KILLPIDS
492 echo "Filtering ldapsearch results..."
493 $LDIFFILTER -s ldif=a < $SEARCHOUT > $SEARCHFLT
494 echo "Filtering original ldif..."
495 $LDIFFILTER -s ldif=a < $PROXYCACHEOUT > $LDIFFLT
496 echo "Comparing filter output..."
497 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
499 if test $? != 0 ; then
500 echo "Comparison failed"
501 test $KILLSERVERS != no && kill -HUP $KILLPIDS
506 echo "Testing cache refresh"
509 FILTER="(&(objectclass=person)(uid=dots))"
510 ATTRS="cn mail telephonenumber"
511 echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
512 echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
513 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
514 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
516 if test $RC != 0 ; then
517 echo "ldapsearch failed ($RC)!"
518 test $KILLSERVERS != no && kill -HUP $KILLPIDS
522 $LDAPMODIFY -x -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD <<EOF \
524 dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
527 mail: dots@admin.example2.com
532 if test $RC != 0 ; then
533 echo "ldapmodify failed ($RC)!"
534 test $KILLSERVERS != no && kill -HUP $KILLPIDS
538 SLEEP=`expr $PCACHETTR + $PCACHE_CCPERIOD`
539 echo "Waiting $SLEEP seconds for cache to refresh"
543 echo "Checking entry again"
544 $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
545 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
547 if test $RC != 0 ; then
548 echo "ldapsearch failed ($RC)!"
549 test $KILLSERVERS != no && kill -HUP $KILLPIDS
553 grep "^mail: dots@admin" $SEARCHOUT > /dev/null
555 if test $RC != 0 ; then
556 echo "Refresh failed"
557 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
562 echo "Testing Bind caching"
565 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
567 echo "Query $CNT: $USERDN"
568 echo "# Query $CNT: $USERDN" >> $SEARCHOUT
569 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
570 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
572 if test $RC != 0 ; then
573 echo "ldapsearch failed ($RC)!"
574 test $KILLSERVERS != no && kill -HUP $KILLPIDS
578 grep "CACHING BIND" $LOG2 > /dev/null
580 if test $RC != 0 ; then
581 echo "Refresh failed"
582 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
587 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
589 echo "Query $CNT: (Bind should be cached)"
590 echo "# Query $CNT: (Bind should be cached)" >> $SEARCHOUT
591 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
592 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
594 if test $RC != 0 ; then
595 echo "ldapsearch failed ($RC)!"
596 test $KILLSERVERS != no && kill -HUP $KILLPIDS
600 grep "CACHED BIND" $LOG2 > /dev/null
602 if test $RC != 0 ; then
603 echo "Refresh failed"
604 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
609 echo "Testing pwdModify"
610 $LDAPPASSWD -h $LOCALHOST -p $PORT2 \
611 -D "$MANAGERDN" -w "$PASSWD" -s newpw "$USERDN" >> $TESTOUT 2>&1
613 if test $RC != 0 ; then
614 echo "ldappasswd failed ($RC)!"
615 test $KILLSERVERS != no && kill -HUP $KILLPIDS
619 RC=`grep "CACH.* BIND" $LOG2 | wc -l`
620 if test $RC != 3 ; then
621 echo "ldappasswd didn't update the cache"
622 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
627 USERDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
629 echo "Query $CNT: (Bind should be cached)"
630 echo "# Query $CNT: (Bind should be cached)" >> $SEARCHOUT
631 $LDAPSEARCH -S "" -b "" -s base -h $LOCALHOST -p $PORT2 \
632 -D "$USERDN" -w "$UPASSWD" >> $SEARCHOUT 2>> $TESTOUT
634 if test $RC != 0 ; then
635 echo "ldapsearch failed ($RC)!"
636 test $KILLSERVERS != no && kill -HUP $KILLPIDS
640 RC=`grep "CACH.* BIND" $LOG2 | wc -l`
641 if test $RC != 4 ; then
642 echo "Bind wasn't answered from cache"
643 test $KILLSERVERS != no && kill -HUP $KILLPIDS && wait
646 test $KILLSERVERS != no && kill -HUP $KILLPIDS
648 echo ">>>>> Test succeeded"
650 test $KILLSERVERS != no && wait