3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 2004-2006 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 echo "running defines.sh"
17 . $SRCDIR/scripts/defines.sh
19 PERSONAL="(objectClass=inetOrgPerson)"
21 FAILURE="additional info:"
23 if test $TRANSLUCENT = translucentno ; then
24 echo "Translucent Proxy overlay not available, test skipped"
28 if test $AC_ldap = ldapno ; then
29 echo "Translucent Proxy overlay requires back-ldap backend, test skipped"
34 mkdir -p $TESTDIR $DBDIR1
36 . $CONFFILTER $BACKEND $MONITORDB < $TRANSLUCENTREMOTECONF > $CONF1
37 echo "Running slapadd to build remote slapd database..."
38 $SLAPADD -f $CONF1 -l $LDIFTRANSLUCENTCONFIG
40 if test $RC != 0 ; then
41 echo "slapadd failed ($RC)!"
45 echo "Starting remote slapd on TCP/IP port $PORT1..."
46 $SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
48 if test $WAIT != 0 ; then
57 for i in 0 1 2 3 4 5; do
58 $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
59 'objectclass=*' > /dev/null 2>&1
61 if test $RC = 0 ; then
64 echo "Waiting 5 seconds for remote slapd to start..."
68 if test $RC != 0 ; then
69 echo "ldapsearch failed ($RC)!"
70 test $KILLSERVERS != no && kill -HUP $KILLPIDS
77 . $CONFFILTER $BACKEND $MONITORDB < $TRANSLUCENTLOCALCONF > $CONF2
79 echo "Starting local slapd on TCP/IP port $PORT2..."
80 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 &
82 if test $WAIT != 0 ; then
87 KILLPIDS="$LOCALPID $REMOTEPID"
91 for i in 0 1 2 3 4 5; do
92 $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
93 'objectclass=*' > /dev/null 2>&1
95 if test $RC = 0 ; then
98 echo "Waiting 5 seconds for local slapd to start..."
102 if test $RC != 0 ; then
103 echo "ldapsearch failed ($RC)!"
104 test $KILLSERVERS != no && kill -HUP $KILLPIDS
108 echo "Testing slapd Translucent Proxy operations..."
110 echo "Testing search: no remote data defined..."
112 $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" >$SEARCHOUT 2>&1
115 if test $RC != 0 ; then
116 echo "ldapsearch failed ($RC)!"
117 test $KILLSERVERS != no && kill -HUP $KILLPIDS
121 if test -s $SEARCHOUT; then
122 echo "ldapsearch should have returned no records!"
123 test $KILLSERVERS != no && kill -HUP $KILLPIDS
127 echo "Populating remote database..."
129 $LDAPADD -D "$TRANSLUCENTROOT" -H $URI1 \
130 -w $PASSWD < $LDIFTRANSLUCENTDATA > $NOWHERE 2>&1
133 if test $RC != 0 ; then
134 echo "ldapadd failed ($RC)!"
135 test $KILLSERVERS != no && kill -HUP $KILLPIDS
139 echo "Testing search: remote database via local slapd..."
141 $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1
144 if test $RC != 0 ; then
145 echo "ldapsearch failed ($RC)!"
146 test $KILLSERVERS != no && kill -HUP $KILLPIDS
150 . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
151 . $LDIFFILTER < $LDIFTRANSLUCENTDATA > $LDIFFLT
152 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
154 if test $? != 0 ; then
155 echo "Comparison failed -- corruption from remote to local!"
156 test $KILLSERVERS != no && kill -HUP $KILLPIDS
160 echo "Testing add: prohibited local record..."
162 $LDAPADD -D "$TRANSLUCENTDN" -H $URI2 \
163 -w $TRANSLUCENTPASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1
166 if test $RC != 50 ; then
167 echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!"
168 grep "$FAILURE" $TESTOUT
169 test $KILLSERVERS != no && kill -HUP $KILLPIDS
173 echo "Testing add: valid local record, no_glue..."
175 $LDAPADD -v -v -v -D "$TRANSLUCENTROOT" -H $URI2 \
176 -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1
179 if test $RC != 32 ; then
180 echo "ldapadd failed ($RC), expected NO SUCH OBJECT!"
181 grep "$FAILURE" $TESTOUT
182 test $KILLSERVERS != no && kill -HUP $KILLPIDS
186 echo "Testing modrdn: valid local record, no_glue..."
188 $LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
189 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy'
192 if test $RC != 32 ; then
193 echo "ldapmodrdn failed ($RC), expected NO SUCH OBJECT!"
194 grep "$FAILURE" $TESTOUT
195 test $KILLSERVERS != no && kill -HUP $KILLPIDS
199 echo "Shutting down local slapd..."
203 echo "Configuring local slapd without translucent_no_glue..."
204 . $CONFFILTER $BACKEND $MONITORDB < $TRANSLUCENTLOCALCONF | \
205 grep -v translucent_no_glue > $CONF2
207 echo "Restarting local slapd on TCP/IP port $PORT2..."
208 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING >> $LOG2 2>&1 &
210 if test $WAIT != 0 ; then
215 KILLPIDS="$REMOTEPID $PID"
219 for i in 0 1 2 3 4 5; do
220 $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
221 'objectclass=*' > /dev/null 2>&1
223 if test $RC = 0 ; then
226 echo "Waiting 5 seconds for local slapd to start..."
230 if test $RC != 0 ; then
231 echo "ldapsearch failed ($RC)!"
232 test $KILLSERVERS != no && kill -HUP $KILLPIDS
236 echo "Testing add: valid local record..."
238 $LDAPADD -D "$TRANSLUCENTROOT" -H $URI2 \
239 -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1
242 if test $RC != 0 ; then
243 echo "ldapadd failed ($RC)!"
244 grep "$FAILURE" $TESTOUT
245 test $KILLSERVERS != no && kill -HUP $KILLPIDS
249 echo "Testing search: data merging..."
251 $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1
254 if test $RC != 0 ; then
255 echo "ldapsearch failed ($RC)!"
256 test $KILLSERVERS != no && kill -HUP $KILLPIDS
260 . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
261 $CMP $SEARCHFLT $LDIFTRANSLUCENTMERGED > $CMPOUT
263 if test $? != 0 ; then
264 echo "Comparison failed -- local data failed to merge with remote!"
265 test $KILLSERVERS != no && kill -HUP $KILLPIDS
269 echo "Testing compare: valid local..."
271 $LDAPCOMPARE -z -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
272 "uid=danger,ou=users,o=translucent" "carLicense:LIVID"
275 if test $RC != 6 ; then
276 echo "ldapcompare failed ($RC), expected TRUE!"
277 test $KILLSERVERS != no && kill -HUP $KILLPIDS
281 echo "Testing compare: valid remote..."
283 $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
284 "uid=binder,o=translucent" "businessCategory:binder-test-user"
287 if test $RC != 6 ; then
288 echo "ldapcompare failed ($RC), expected TRUE!"
289 test $KILLSERVERS != no && kill -HUP $KILLPIDS
293 echo "Testing compare: bogus local..."
295 $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
296 "uid=danger,ou=users,o=translucent" "businessCategory:invalid-test-value"
299 if test $RC != 5 ; then
300 echo "ldapcompare failed ($RC), expected FALSE!"
301 test $KILLSERVERS != no && kill -HUP $KILLPIDS
305 echo "Testing compare: bogus remote..."
307 $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
308 "uid=binder,o=translucent" "businessCategory:invalid-test-value"
311 if test $RC != 5 ; then
312 echo "ldapcompare failed ($RC), expected FALSE!"
313 test $KILLSERVERS != no && kill -HUP $KILLPIDS
317 echo "Testing modify: nonexistent record..."
319 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
320 $TESTOUT 2>&1 << EOF_MOD
322 dn: uid=bogus,ou=users,o=translucent
329 if test $RC != 32 ; then
330 echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!"
331 grep "$FAILURE" $TESTOUT
332 test $KILLSERVERS != no && kill -HUP $KILLPIDS
336 echo "Testing modify: valid local record, nonexistent attribute..."
338 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
339 $TESTOUT 2>&1 << EOF_MOD1
341 dn: uid=danger,ou=users,o=translucent
348 if test $RC != 0 ; then
349 echo "ldapmodify failed ($RC)!"
350 grep "$FAILURE" $TESTOUT
351 test $KILLSERVERS != no && kill -HUP $KILLPIDS
355 $LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" > $SEARCHOUT 2>&1
358 if test $RC != 0 ; then
359 echo "ldapsearch failed ($RC)!"
360 test $KILLSERVERS != no && kill -HUP $KILLPIDS
364 ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1
365 if test "$ATTR" != "roomNumber: 9N-21" ; then
366 echo "modification failed!"
367 test $KILLSERVERS != no && kill -HUP $KILLPIDS
371 echo "Testing search: specific nonexistent remote attribute..."
373 $LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" roomNumber > $SEARCHOUT 2>&1
376 if test $RC != 0 ; then
377 echo "ldapsearch failed ($RC)!"
378 test $KILLSERVERS != no && kill -HUP $KILLPIDS
382 echo "Testing modify: nonexistent local record, nonexistent attribute..."
384 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
385 $TESTOUT 2>&1 << EOF_MOD2
387 dn: uid=fred,ou=users,o=translucent
394 if test $RC != 0 ; then
395 echo "ldapmodify failed ($RC)!"
396 grep "$FAILURE" $TESTOUT
397 test $KILLSERVERS != no && kill -HUP $KILLPIDS
401 $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1
404 if test $RC != 0 ; then
405 echo "ldapsearch failed ($RC)!"
406 test $KILLSERVERS != no && kill -HUP $KILLPIDS
410 ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1
411 if test "$ATTR" != "roomNumber: 31J-2112" ; then
412 echo "modification failed!"
413 test $KILLSERVERS != no && kill -HUP $KILLPIDS
417 echo "Testing modify: valid remote record, nonexistent attribute..."
419 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
420 $TESTOUT 2>&1 << EOF_MOD9
422 dn: uid=fred,ou=users,o=translucent
424 delete: preferredLanguage
428 if test $RC != 16 ; then
429 echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!"
430 grep "$FAILURE" $TESTOUT
431 test $KILLSERVERS != no && kill -HUP $KILLPIDS
435 echo "Testing delete: valid local record, nonexistent attribute..."
437 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
438 $TESTOUT 2>&1 << EOF_MOD4
440 dn: uid=fred,ou=users,o=translucent
446 if test $RC != 0 ; then
447 echo "ldapmodify failed ($RC)!"
448 grep "$FAILURE" $TESTOUT
449 test $KILLSERVERS != no && kill -HUP $KILLPIDS
453 echo "Testing modrdn: prohibited local record..."
455 $LDAPMODRDN -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \
456 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy'
459 if test $RC != 50 ; then
460 echo "ldapmodrdn failed ($RC), expected INSUFFICIENT ACCESS!"
461 grep "$FAILURE" $TESTOUT
462 test $KILLSERVERS != no && kill -HUP $KILLPIDS
466 echo "Testing modrdn: valid local record..."
468 $LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
469 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy'
472 if test $RC != 0 ; then
473 echo "ldapmodrdn failed ($RC)!"
474 grep "$FAILURE" $TESTOUT
475 test $KILLSERVERS != no && kill -HUP $KILLPIDS
479 echo "Testing delete: prohibited local record..."
481 $LDAPMODIFY -v -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \
482 $TESTOUT 2>&1 << EOF_DEL2
484 dn: uid=someguy,ou=users,o=translucent
489 if test $RC != 50 ; then
490 echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!"
491 grep "$FAILURE" $TESTOUT
492 test $KILLSERVERS != no && kill -HUP $KILLPIDS
496 echo "Testing delete: valid local record..."
498 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
499 $TESTOUT 2>&1 << EOF_DEL3
501 dn: uid=someguy,ou=users,o=translucent
506 if test $RC != 0 ; then
507 echo "ldapmodify failed ($RC)!"
508 grep "$FAILURE" $TESTOUT
509 test $KILLSERVERS != no && kill -HUP $KILLPIDS
513 echo "Testing delete: valid remote record..."
515 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
516 $TESTOUT 2>&1 << EOF_DEL8
518 dn: uid=fred,ou=users,o=translucent
523 if test $RC != 32 ; then
524 echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!"
525 grep "$FAILURE" $TESTOUT
526 test $KILLSERVERS != no && kill -HUP $KILLPIDS
530 echo "Testing delete: nonexistent local record, nonexistent attribute..."
532 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
533 $TESTOUT 2>&1 << EOF_DEL1
535 dn: uid=fred,ou=users,o=translucent
541 if test $RC != 0 ; then
542 echo "ldapmodify failed ($RC)!"
543 grep "$FAILURE" $TESTOUT
544 test $KILLSERVERS != no && kill -HUP $KILLPIDS
548 $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1
551 if test $RC != 0 ; then
552 echo "ldapsearch failed ($RC)!"
553 test $KILLSERVERS != no && kill -HUP $KILLPIDS
557 echo "Testing delete: valid local record, nonexistent attribute..."
559 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
560 $TESTOUT 2>&1 << EOF_MOD8
562 dn: uid=danger,ou=users,o=translucent
564 delete: preferredLanguage
568 if test $RC != 16 ; then
569 echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!"
570 grep "$FAILURE" $TESTOUT
571 test $KILLSERVERS != no && kill -HUP $KILLPIDS
575 echo "Testing modify: valid remote record, combination add-modify-delete..."
577 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
578 $TESTOUT 2>&1 << EOF_MOD6
580 dn: uid=fred,ou=users,o=translucent
584 add: preferredLanguage
585 preferredLanguage: ISO8859-1
587 replace: employeeType
588 employeeType: consultant
592 if test $RC != 0 ; then
593 echo "ldapmodify failed ($RC)!"
594 grep "$FAILURE" $TESTOUT
595 test $KILLSERVERS != no && kill -HUP $KILLPIDS
599 $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1
602 if test $RC != 0 ; then
603 echo "ldapsearch failed ($RC)!"
604 test $KILLSERVERS != no && kill -HUP $KILLPIDS
608 ATTR=`grep employeeType $SEARCHOUT` > $NOWHERE 2>&1
609 if test "$ATTR" != "employeeType: consultant" ; then
610 echo "modification failed!"
611 test $KILLSERVERS != no && kill -HUP $KILLPIDS
615 ATTR=`grep preferredLanguage $SEARCHOUT` > $NOWHERE 2>&1
616 if test "$ATTR" != "preferredLanguage: ISO8859-1" ; then
617 echo "modification failed!"
618 test $KILLSERVERS != no && kill -HUP $KILLPIDS
622 echo "Shutting down local slapd..."
626 echo "Configuring local slapd with translucent_strict..."
627 echo translucent_strict >> $CONF2
629 echo "Restarting slapd on TCP/IP port $PORT2..."
630 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING >> $LOG2 2>&1 &
632 if test $WAIT != 0 ; then
637 KILLPIDS="$REMOTEPID $PID"
641 for i in 0 1 2 3 4 5; do
642 $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
643 'objectclass=*' > /dev/null 2>&1
645 if test $RC = 0 ; then
648 echo "Waiting 5 seconds for local slapd to start..."
652 if test $RC != 0 ; then
653 echo "ldapsearch failed ($RC)!"
654 test $KILLSERVERS != no && kill -HUP $KILLPIDS
658 echo "Testing strict mode delete: nonexistent local attribute..."
660 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
661 $TESTOUT 2>&1 << EOF_MOD5
663 dn: uid=example,ou=users,o=translucent
665 delete: preferredLanguage
669 if test $RC != 19 ; then
670 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!"
671 grep "$FAILURE" $TESTOUT
672 test $KILLSERVERS != no && kill -HUP $KILLPIDS
676 echo "Testing strict mode delete: nonexistent remote attribute..."
678 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
679 $TESTOUT 2>&1 << EOF_MOD3
681 dn: uid=danger,ou=users,o=translucent
687 if test $RC != 19 ; then
688 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!"
689 grep "$FAILURE" $TESTOUT
690 test $KILLSERVERS != no && kill -HUP $KILLPIDS
694 echo "Testing strict mode modify: combination add-modify-delete..."
696 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
697 $TESTOUT 2>&1 << EOF_MOD6
699 dn: uid=example,ou=users,o=translucent
703 add: preferredLanguage
704 preferredLanguage: ISO8859-1
706 replace: employeeType
707 employeeType: consultant
711 if test $RC != 19 ; then
712 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!"
713 grep "$FAILURE" $TESTOUT
714 test $KILLSERVERS != no && kill -HUP $KILLPIDS
718 echo "Testing invalid Bind request..."
719 $LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w Wrong"$TRANSLUCENTPASSWD" > \
722 if test $RC != 49 ; then
723 echo "ldapwhoami failed ($RC), expected INVALID CREDENTIALS!"
724 grep "$FAILURE" $TESTOUT
725 test $KILLSERVERS != no && kill -HUP $KILLPIDS
729 $LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w "$TRANSLUCENTPASSWD" > \
732 if test $RC != 0 ; then
733 echo "ldapwhoami failed ($RC), expected SUCCESS!"
734 grep "$FAILURE" $TESTOUT
735 test $KILLSERVERS != no && kill -HUP $KILLPIDS
739 test $KILLSERVERS != no && kill -HUP $KILLPIDS
741 echo ">>>>> Test succeeded"
743 test $KILLSERVERS != no && wait