3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 2004-2007 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 echo "running defines.sh"
17 . $SRCDIR/scripts/defines.sh
19 PERSONAL="(objectClass=inetOrgPerson)"
21 FAILURE="additional info:"
23 if test $TRANSLUCENT = translucentno ; then
24 echo "Translucent Proxy overlay not available, test skipped"
28 if test $AC_ldap = ldapno ; then
29 echo "Translucent Proxy overlay requires back-ldap backend, test skipped"
34 mkdir -p $TESTDIR $DBDIR1
36 . $CONFFILTER $BACKEND $MONITORDB < $TRANSLUCENTREMOTECONF > $CONF1
37 echo "Running slapadd to build remote slapd database..."
38 $SLAPADD -f $CONF1 -l $LDIFTRANSLUCENTCONFIG
40 if test $RC != 0 ; then
41 echo "slapadd failed ($RC)!"
45 echo "Starting remote slapd on TCP/IP port $PORT1..."
46 $SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
48 if test $WAIT != 0 ; then
57 for i in 0 1 2 3 4 5; do
58 $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
59 'objectclass=*' > /dev/null 2>&1
61 if test $RC = 0 ; then
64 echo "Waiting 5 seconds for remote slapd to start..."
68 if test $RC != 0 ; then
69 echo "ldapsearch failed ($RC)!"
70 test $KILLSERVERS != no && kill -HUP $KILLPIDS
77 . $CONFFILTER $BACKEND $MONITORDB < $TRANSLUCENTLOCALCONF > $CONF2
79 echo "Starting local slapd on TCP/IP port $PORT2..."
80 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 &
82 if test $WAIT != 0 ; then
87 KILLPIDS="$LOCALPID $REMOTEPID"
91 for i in 0 1 2 3 4 5; do
92 $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
93 'objectclass=*' > /dev/null 2>&1
95 if test $RC = 0 ; then
98 echo "Waiting 5 seconds for local slapd to start..."
102 if test $RC != 0 ; then
103 echo "ldapsearch failed ($RC)!"
104 test $KILLSERVERS != no && kill -HUP $KILLPIDS
108 echo "Testing slapd Translucent Proxy operations..."
110 echo "Testing search: no remote data defined..."
112 $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" >$SEARCHOUT 2>&1
115 if test $RC != 0 ; then
116 echo "ldapsearch failed ($RC)!"
117 test $KILLSERVERS != no && kill -HUP $KILLPIDS
121 if test -s $SEARCHOUT; then
122 echo "ldapsearch should have returned no records!"
123 test $KILLSERVERS != no && kill -HUP $KILLPIDS
127 echo "Populating remote database..."
129 $LDAPADD -D "$TRANSLUCENTROOT" -H $URI1 \
130 -w $PASSWD < $LDIFTRANSLUCENTDATA > $NOWHERE 2>&1
133 if test $RC != 0 ; then
134 echo "ldapadd failed ($RC)!"
135 test $KILLSERVERS != no && kill -HUP $KILLPIDS
139 echo "Testing search: remote database via local slapd..."
141 $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1
144 if test $RC != 0 ; then
145 echo "ldapsearch failed ($RC)!"
146 test $KILLSERVERS != no && kill -HUP $KILLPIDS
150 . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
151 . $LDIFFILTER < $LDIFTRANSLUCENTDATA > $LDIFFLT
152 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
154 if test $? != 0 ; then
155 echo "Comparison failed -- corruption from remote to local!"
156 test $KILLSERVERS != no && kill -HUP $KILLPIDS
160 echo "Testing add: prohibited local record..."
162 $LDAPADD -D "$TRANSLUCENTDN" -H $URI2 \
163 -w $TRANSLUCENTPASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1
166 if test $RC != 50 ; then
167 echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!"
168 grep "$FAILURE" $TESTOUT
169 test $KILLSERVERS != no && kill -HUP $KILLPIDS
173 echo "Testing add: valid local record, no_glue..."
175 $LDAPADD -v -v -v -D "$TRANSLUCENTROOT" -H $URI2 \
176 -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1
179 if test $RC != 32 ; then
180 echo "ldapadd failed ($RC), expected NO SUCH OBJECT!"
181 grep "$FAILURE" $TESTOUT
182 test $KILLSERVERS != no && kill -HUP $KILLPIDS
186 echo "Testing modrdn: valid local record, no_glue..."
188 $LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
189 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy'
192 if test $RC != 32 ; then
193 echo "ldapmodrdn failed ($RC), expected NO SUCH OBJECT!"
194 grep "$FAILURE" $TESTOUT
195 test $KILLSERVERS != no && kill -HUP $KILLPIDS
199 echo "Dynamically configuring local slapd without translucent_no_glue..."
201 $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF
202 dn: olcOverlay={0}translucent,olcDatabase={2}$BACKEND,cn=config
204 replace: olcTranslucentNoGlue
205 olcTranslucentNoGlue: FALSE
208 if test $RC != 0 ; then
209 echo "ldapmodify of dynamic config failed ($RC)"
210 test $KILLSERVERS != no && kill -HUP $KILLPIDS
214 echo "Testing add: valid local record..."
216 $LDAPADD -D "$TRANSLUCENTROOT" -H $URI2 \
217 -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1
220 if test $RC != 0 ; then
221 echo "ldapadd failed ($RC)!"
222 grep "$FAILURE" $TESTOUT
223 test $KILLSERVERS != no && kill -HUP $KILLPIDS
227 echo "Testing search: data merging..."
229 $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1
232 if test $RC != 0 ; then
233 echo "ldapsearch failed ($RC)!"
234 test $KILLSERVERS != no && kill -HUP $KILLPIDS
238 . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
239 $CMP $SEARCHFLT $LDIFTRANSLUCENTMERGED > $CMPOUT
241 if test $? != 0 ; then
242 echo "Comparison failed -- local data failed to merge with remote!"
243 test $KILLSERVERS != no && kill -HUP $KILLPIDS
247 echo "Testing compare: valid local..."
249 $LDAPCOMPARE -z -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
250 "uid=danger,ou=users,o=translucent" "carLicense:LIVID"
253 if test $RC != 6 ; then
254 echo "ldapcompare failed ($RC), expected TRUE!"
255 test $KILLSERVERS != no && kill -HUP $KILLPIDS
259 echo "Testing compare: valid remote..."
261 $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
262 "uid=binder,o=translucent" "businessCategory:binder-test-user"
265 if test $RC != 6 ; then
266 echo "ldapcompare failed ($RC), expected TRUE!"
267 test $KILLSERVERS != no && kill -HUP $KILLPIDS
271 echo "Testing compare: bogus local..."
273 $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
274 "uid=danger,ou=users,o=translucent" "businessCategory:invalid-test-value"
277 if test $RC != 5 ; then
278 echo "ldapcompare failed ($RC), expected FALSE!"
279 test $KILLSERVERS != no && kill -HUP $KILLPIDS
283 echo "Testing compare: bogus remote..."
285 $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \
286 "uid=binder,o=translucent" "businessCategory:invalid-test-value"
289 if test $RC != 5 ; then
290 echo "ldapcompare failed ($RC), expected FALSE!"
291 test $KILLSERVERS != no && kill -HUP $KILLPIDS
295 echo "Testing modify: nonexistent record..."
297 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
298 $TESTOUT 2>&1 << EOF_MOD
300 dn: uid=bogus,ou=users,o=translucent
307 if test $RC != 32 ; then
308 echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!"
309 grep "$FAILURE" $TESTOUT
310 test $KILLSERVERS != no && kill -HUP $KILLPIDS
314 echo "Testing modify: valid local record, nonexistent attribute..."
316 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
317 $TESTOUT 2>&1 << EOF_MOD1
319 dn: uid=danger,ou=users,o=translucent
326 if test $RC != 0 ; then
327 echo "ldapmodify failed ($RC)!"
328 grep "$FAILURE" $TESTOUT
329 test $KILLSERVERS != no && kill -HUP $KILLPIDS
333 $LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" > $SEARCHOUT 2>&1
336 if test $RC != 0 ; then
337 echo "ldapsearch failed ($RC)!"
338 test $KILLSERVERS != no && kill -HUP $KILLPIDS
342 ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1
343 if test "$ATTR" != "roomNumber: 9N-21" ; then
344 echo "modification failed!"
345 test $KILLSERVERS != no && kill -HUP $KILLPIDS
349 echo "Testing search: specific nonexistent remote attribute..."
351 $LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" roomNumber > $SEARCHOUT 2>&1
354 if test $RC != 0 ; then
355 echo "ldapsearch failed ($RC)!"
356 test $KILLSERVERS != no && kill -HUP $KILLPIDS
360 echo "Testing modify: nonexistent local record, nonexistent attribute..."
362 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
363 $TESTOUT 2>&1 << EOF_MOD2
365 dn: uid=fred,ou=users,o=translucent
372 if test $RC != 0 ; then
373 echo "ldapmodify failed ($RC)!"
374 grep "$FAILURE" $TESTOUT
375 test $KILLSERVERS != no && kill -HUP $KILLPIDS
379 $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1
382 if test $RC != 0 ; then
383 echo "ldapsearch failed ($RC)!"
384 test $KILLSERVERS != no && kill -HUP $KILLPIDS
388 ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1
389 if test "$ATTR" != "roomNumber: 31J-2112" ; then
390 echo "modification failed!"
391 test $KILLSERVERS != no && kill -HUP $KILLPIDS
395 echo "Testing modify: valid remote record, nonexistent attribute..."
397 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
398 $TESTOUT 2>&1 << EOF_MOD9
400 dn: uid=fred,ou=users,o=translucent
402 delete: preferredLanguage
406 if test $RC != 16 ; then
407 echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!"
408 grep "$FAILURE" $TESTOUT
409 test $KILLSERVERS != no && kill -HUP $KILLPIDS
413 echo "Testing delete: valid local record, nonexistent attribute..."
415 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
416 $TESTOUT 2>&1 << EOF_MOD4
418 dn: uid=fred,ou=users,o=translucent
424 if test $RC != 0 ; then
425 echo "ldapmodify failed ($RC)!"
426 grep "$FAILURE" $TESTOUT
427 test $KILLSERVERS != no && kill -HUP $KILLPIDS
431 echo "Testing modrdn: prohibited local record..."
433 $LDAPMODRDN -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \
434 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy'
437 if test $RC != 50 ; then
438 echo "ldapmodrdn failed ($RC), expected INSUFFICIENT ACCESS!"
439 grep "$FAILURE" $TESTOUT
440 test $KILLSERVERS != no && kill -HUP $KILLPIDS
444 echo "Testing modrdn: valid local record..."
446 $LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
447 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy'
450 if test $RC != 0 ; then
451 echo "ldapmodrdn failed ($RC)!"
452 grep "$FAILURE" $TESTOUT
453 test $KILLSERVERS != no && kill -HUP $KILLPIDS
457 echo "Testing delete: prohibited local record..."
459 $LDAPMODIFY -v -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \
460 $TESTOUT 2>&1 << EOF_DEL2
462 dn: uid=someguy,ou=users,o=translucent
467 if test $RC != 50 ; then
468 echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!"
469 grep "$FAILURE" $TESTOUT
470 test $KILLSERVERS != no && kill -HUP $KILLPIDS
474 echo "Testing delete: valid local record..."
476 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
477 $TESTOUT 2>&1 << EOF_DEL3
479 dn: uid=someguy,ou=users,o=translucent
484 if test $RC != 0 ; then
485 echo "ldapmodify failed ($RC)!"
486 grep "$FAILURE" $TESTOUT
487 test $KILLSERVERS != no && kill -HUP $KILLPIDS
491 echo "Testing delete: valid remote record..."
493 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
494 $TESTOUT 2>&1 << EOF_DEL8
496 dn: uid=fred,ou=users,o=translucent
501 if test $RC != 32 ; then
502 echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!"
503 grep "$FAILURE" $TESTOUT
504 test $KILLSERVERS != no && kill -HUP $KILLPIDS
508 echo "Testing delete: nonexistent local record, nonexistent attribute..."
510 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
511 $TESTOUT 2>&1 << EOF_DEL1
513 dn: uid=fred,ou=users,o=translucent
519 if test $RC != 0 ; then
520 echo "ldapmodify failed ($RC)!"
521 grep "$FAILURE" $TESTOUT
522 test $KILLSERVERS != no && kill -HUP $KILLPIDS
526 $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1
529 if test $RC != 0 ; then
530 echo "ldapsearch failed ($RC)!"
531 test $KILLSERVERS != no && kill -HUP $KILLPIDS
535 echo "Testing delete: valid local record, nonexistent attribute..."
537 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
538 $TESTOUT 2>&1 << EOF_MOD8
540 dn: uid=danger,ou=users,o=translucent
542 delete: preferredLanguage
546 if test $RC != 16 ; then
547 echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!"
548 grep "$FAILURE" $TESTOUT
549 test $KILLSERVERS != no && kill -HUP $KILLPIDS
553 echo "Testing delete: valid local record, remote attribute..."
555 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
556 $TESTOUT 2>&1 << EOF_MOD8
558 dn: uid=danger,ou=users,o=translucent
564 if test $RC != 0 ; then
565 echo "ldapmodify failed ($RC)"
566 grep "$FAILURE" $TESTOUT
567 test $KILLSERVERS != no && kill -HUP $KILLPIDS
571 echo "Testing modify: valid remote record, combination add-modify-delete..."
573 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
574 $TESTOUT 2>&1 << EOF_MOD6
576 dn: uid=fred,ou=users,o=translucent
580 add: preferredLanguage
581 preferredLanguage: ISO8859-1
583 replace: employeeType
584 employeeType: consultant
588 if test $RC != 0 ; then
589 echo "ldapmodify failed ($RC)!"
590 grep "$FAILURE" $TESTOUT
591 test $KILLSERVERS != no && kill -HUP $KILLPIDS
595 $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1
598 if test $RC != 0 ; then
599 echo "ldapsearch failed ($RC)!"
600 test $KILLSERVERS != no && kill -HUP $KILLPIDS
604 ATTR=`grep employeeType $SEARCHOUT` > $NOWHERE 2>&1
605 if test "$ATTR" != "employeeType: consultant" ; then
606 echo "modification failed!"
607 test $KILLSERVERS != no && kill -HUP $KILLPIDS
611 ATTR=`grep preferredLanguage $SEARCHOUT` > $NOWHERE 2>&1
612 if test "$ATTR" != "preferredLanguage: ISO8859-1" ; then
613 echo "modification failed!"
614 test $KILLSERVERS != no && kill -HUP $KILLPIDS
618 echo "Dynamically configuring local slapd with translucent_no_glue and translucent_strict..."
620 $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF
621 dn: olcOverlay={0}translucent,olcDatabase={2}$BACKEND,cn=config
623 replace: olcTranslucentNoGlue
624 olcTranslucentNoGlue: TRUE
626 replace: olcTranslucentStrict
627 olcTranslucentStrict: TRUE
630 if test $RC != 0 ; then
631 echo "ldapmodify of dynamic config failed ($RC)"
632 test $KILLSERVERS != no && kill -HUP $KILLPIDS
636 echo "Testing strict mode delete: nonexistent local attribute..."
638 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
639 $TESTOUT 2>&1 << EOF_MOD5
641 dn: uid=example,ou=users,o=translucent
643 delete: preferredLanguage
647 if test $RC != 19 ; then
648 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!"
649 grep "$FAILURE" $TESTOUT
650 test $KILLSERVERS != no && kill -HUP $KILLPIDS
654 echo "Testing strict mode delete: nonexistent remote attribute..."
656 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
657 $TESTOUT 2>&1 << EOF_MOD3
659 dn: uid=danger,ou=users,o=translucent
665 if test $RC != 19 ; then
666 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!"
667 grep "$FAILURE" $TESTOUT
668 test $KILLSERVERS != no && kill -HUP $KILLPIDS
672 echo "Testing strict mode modify: combination add-modify-delete..."
674 $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \
675 $TESTOUT 2>&1 << EOF_MOD6
677 dn: uid=example,ou=users,o=translucent
681 add: preferredLanguage
682 preferredLanguage: ISO8859-1
684 replace: employeeType
685 employeeType: consultant
689 if test $RC != 19 ; then
690 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!"
691 grep "$FAILURE" $TESTOUT
692 test $KILLSERVERS != no && kill -HUP $KILLPIDS
696 echo "Testing invalid Bind request..."
697 $LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w Wrong"$TRANSLUCENTPASSWD" > \
700 if test $RC != 49 ; then
701 echo "ldapwhoami failed ($RC), expected INVALID CREDENTIALS!"
702 grep "$FAILURE" $TESTOUT
703 test $KILLSERVERS != no && kill -HUP $KILLPIDS
707 $LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w "$TRANSLUCENTPASSWD" > \
710 if test $RC != 0 ; then
711 echo "ldapwhoami failed ($RC), expected SUCCESS!"
712 grep "$FAILURE" $TESTOUT
713 test $KILLSERVERS != no && kill -HUP $KILLPIDS
717 test $KILLSERVERS != no && kill -HUP $KILLPIDS
719 echo ">>>>> Test succeeded"
721 test $KILLSERVERS != no && wait