3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 2005-2017 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 echo "running defines.sh"
17 . $SRCDIR/scripts/defines.sh
19 case $BACKEND in ldif | null)
20 # LDIF lacks ACL support, NULL cannot hold dynamic entries
21 echo "Test does not support $BACKEND backend, test skipped"
25 if test $DDS = ddsno; then
26 echo "Dynamic Directory Services overlay not available, test skipped"
30 mkdir -p $TESTDIR $DBDIR1
32 echo "Running slapadd to build slapd database..."
33 . $CONFFILTER $BACKEND $MONITORDB < $MCONF > $ADDCONF
34 $SLAPADD -f $ADDCONF -l $LDIFORDERED
36 if test $RC != 0 ; then
37 echo "slapadd failed ($RC)!"
41 echo "Running slapindex to index slapd database..."
42 . $CONFFILTER $BACKEND $MONITORDB < $DDSCONF > $CONF1
45 if test $RC != 0 ; then
46 echo "warning: slapindex failed ($RC)"
47 echo " assuming no indexing support"
50 echo "Starting slapd on TCP/IP port $PORT1..."
51 $SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
53 if test $WAIT != 0 ; then
61 echo "Testing slapd searching..."
62 for i in 0 1 2 3 4 5; do
63 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
64 '(objectclass=*)' > /dev/null 2>&1
66 if test $RC = 0 ; then
69 echo "Waiting 5 seconds for slapd to start..."
73 if test $RC != 0 ; then
74 echo "ldapsearch failed ($RC)!"
75 test $KILLSERVERS != no && kill -HUP $KILLPIDS
79 cat /dev/null > $SEARCHOUT
81 echo "Creating a dynamic entry..."
82 $LDAPADD -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
83 >> $TESTOUT 2>&1 << EOMODS
84 dn: cn=Dynamic Object,dc=example,dc=com
85 objectClass: inetOrgPerson
86 objectClass: dynamicObject
91 if test $RC != 0 ; then
92 echo "ldapadd failed ($RC)!"
93 test $KILLSERVERS != no && kill -HUP $KILLPIDS
97 echo "Refreshing the newly created dynamic entry..."
98 $LDAPEXOP -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
99 "refresh" "cn=Dynamic Object,dc=example,dc=com" "120" \
102 if test $RC != 0 ; then
103 echo "ldapexop failed ($RC)!"
104 test $KILLSERVERS != no && kill -HUP $KILLPIDS
108 echo "Modifying the newly created dynamic entry..."
109 $LDAPMODIFY -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
110 >> $TESTOUT 2>&1 << EOMODS
111 dn: cn=Dynamic Object,dc=example,dc=com
114 userPassword: dynamic
117 if test $RC != 0 ; then
118 echo "ldapadd failed ($RC)!"
119 test $KILLSERVERS != no && kill -HUP $KILLPIDS
123 echo "Binding as the newly created dynamic entry..."
124 $LDAPWHOAMI -h $LOCALHOST -p $PORT1 \
125 -D "cn=Dynamic Object,dc=example,dc=com" -w dynamic
127 if test $RC != 0 ; then
128 echo "ldapwhoami failed ($RC)!"
129 test $KILLSERVERS != no && kill -HUP $KILLPIDS
133 echo "Creating a dynamic entry subordinate to another..."
134 $LDAPADD -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
135 >> $TESTOUT 2>&1 << EOMODS
136 dn: cn=Subordinate Dynamic Object,cn=Dynamic Object,dc=example,dc=com
137 objectClass: inetOrgPerson
138 objectClass: dynamicObject
139 cn: Subordinate Dynamic Object
141 userPassword: dynamic
144 if test $RC != 0 ; then
145 echo "ldapadd failed ($RC)!"
146 test $KILLSERVERS != no && kill -HUP $KILLPIDS
152 SEARCH=`expr $SEARCH + 1`
154 echo "# [$SEARCH] Searching the dynamic portion of the database..." >> $SEARCHOUT
155 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
156 '(objectClass=dynamicObject)' '*' entryTtl \
159 if test $RC != 0 ; then
160 echo "ldapsearch failed ($RC)!"
161 test $KILLSERVERS != no && kill -HUP $KILLPIDS
165 echo "Creating a static entry subordinate to a dynamic one (should fail)..."
166 $LDAPADD -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
167 >> $TESTOUT 2>&1 << EOMODS
168 dn: cn=Subordinate Static Object,cn=Dynamic Object,dc=example,dc=com
169 objectClass: inetOrgPerson
170 cn: Subordinate Static Object
177 echo "ldapadd should have failed ($RC)!"
178 test $KILLSERVERS != no && kill -HUP $KILLPIDS
182 echo "ldapadd failed ($RC)"
185 echo "ldapadd failed ($RC)!"
186 test $KILLSERVERS != no && kill -HUP $KILLPIDS
191 echo "Turning a static into a dynamic entry (should fail)..."
192 $LDAPMODIFY -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
193 >> $TESTOUT 2>&1 << EOMODS
194 dn: ou=People,dc=example,dc=com
197 objectClass: dynamicObject
202 echo "ldapmodify should have failed ($RC)!"
203 test $KILLSERVERS != no && kill -HUP $KILLPIDS
207 echo "ldapmodify failed ($RC)"
210 echo "ldapmodify failed ($RC)!"
211 test $KILLSERVERS != no && kill -HUP $KILLPIDS
216 echo "Turning a dynamic into a static entry (should fail)..."
217 $LDAPMODIFY -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
218 >> $TESTOUT 2>&1 << EOMODS
219 dn: cn=Dynamic Object,dc=example,dc=com
222 objectClass: dynamicObject
227 echo "ldapmodify should have failed ($RC)!"
228 test $KILLSERVERS != no && kill -HUP $KILLPIDS
232 echo "ldapmodify failed ($RC)"
235 echo "ldapmodify failed ($RC)!"
236 test $KILLSERVERS != no && kill -HUP $KILLPIDS
241 echo "Renaming a dynamic entry..."
242 $LDAPMODIFY -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
243 >> $TESTOUT 2>&1 << EOMODS
244 dn: cn=Subordinate Dynamic Object,cn=Dynamic Object,dc=example,dc=com
246 newrdn: cn=Renamed Dynamic Object
250 if test $RC != 0 ; then
251 echo "ldapmodrdn failed ($RC)!"
252 test $KILLSERVERS != no && kill -HUP $KILLPIDS
256 SEARCH=`expr $SEARCH + 1`
258 echo "# [$SEARCH] Searching the dynamic portion of the database..." >> $SEARCHOUT
259 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
260 '(objectClass=dynamicObject)' '*' entryTtl \
263 if test $RC != 0 ; then
264 echo "ldapsearch failed ($RC)!"
265 test $KILLSERVERS != no && kill -HUP $KILLPIDS
269 echo "Refreshing the initial dynamic entry to make it expire earlier than the subordinate..."
270 $LDAPEXOP -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
271 "refresh" "cn=Dynamic Object,dc=example,dc=com" "1" \
274 if test $RC != 0 ; then
275 echo "ldapexop failed ($RC)!"
276 test $KILLSERVERS != no && kill -HUP $KILLPIDS
281 echo "Waiting $SLEEP seconds to force a subordinate/superior expiration conflict..."
284 echo "Re-vitalizing the initial dynamic entry..."
285 $LDAPEXOP -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
286 "refresh" "cn=Dynamic Object,dc=example,dc=com" "120" \
289 if test $RC != 0 ; then
290 echo "ldapexop failed ($RC)!"
291 test $KILLSERVERS != no && kill -HUP $KILLPIDS
295 echo "Re-renaming the subordinate dynamic entry (new superior)..."
296 $LDAPMODIFY -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
297 >> $TESTOUT 2>&1 << EOMODS
298 dn: cn=Renamed Dynamic Object,cn=Dynamic Object,dc=example,dc=com
300 newrdn: cn=Renamed Dynamic Object
302 newsuperior: dc=example,dc=com
305 if test $RC != 0 ; then
306 echo "ldapmodrdn failed ($RC)!"
307 test $KILLSERVERS != no && kill -HUP $KILLPIDS
311 SEARCH=`expr $SEARCH + 1`
313 echo "# [$SEARCH] Searching the dynamic portion of the database..." >> $SEARCHOUT
314 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
315 '(objectClass=dynamicObject)' '*' entryTtl \
318 if test $RC != 0 ; then
319 echo "ldapsearch failed ($RC)!"
320 test $KILLSERVERS != no && kill -HUP $KILLPIDS
324 echo "Deleting a dynamic entry..."
325 $LDAPMODIFY -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
326 >> $TESTOUT 2>&1 << EOMODS
327 dn: cn=Dynamic Object,dc=example,dc=com
331 if test $RC != 0 ; then
332 echo "ldapdelete failed ($RC)!"
333 test $KILLSERVERS != no && kill -HUP $KILLPIDS
337 SEARCH=`expr $SEARCH + 1`
339 echo "# [$SEARCH] Searching the dynamic portion of the database..." >> $SEARCHOUT
340 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
341 '(objectClass=dynamicObject)' '*' entryTtl \
344 if test $RC != 0 ; then
345 echo "ldapsearch failed ($RC)!"
346 test $KILLSERVERS != no && kill -HUP $KILLPIDS
350 echo "Refreshing the remaining dynamic entry..."
351 $LDAPEXOP -D $MANAGERDN -w $PASSWD -h $LOCALHOST -p $PORT1 \
352 "refresh" "cn=Renamed Dynamic Object,dc=example,dc=com" "1" \
355 if test $RC != 0 ; then
356 echo "ldapexop failed ($RC)!"
357 test $KILLSERVERS != no && kill -HUP $KILLPIDS
361 SEARCH=`expr $SEARCH + 1`
363 echo "# [$SEARCH] Searching the dynamic portion of the database..." >> $SEARCHOUT
364 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
365 '(objectClass=dynamicObject)' '*' entryTtl \
368 if test $RC != 0 ; then
369 echo "ldapsearch failed ($RC)!"
370 test $KILLSERVERS != no && kill -HUP $KILLPIDS
375 echo "Waiting $SLEEP seconds for remaining entry to expire..."
378 SEARCH=`expr $SEARCH + 1`
380 echo "# [$SEARCH] Searching the dynamic portion of the database..." >> $SEARCHOUT
381 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
382 '(objectClass=dynamicObject)' '*' entryTtl \
385 if test $RC != 0 ; then
386 echo "ldapsearch failed ($RC)!"
387 test $KILLSERVERS != no && kill -HUP $KILLPIDS
392 MEETINGDN="cn=Meeting,ou=Groups,dc=example,dc=com"
393 echo "Creating a meeting as $BJORNSDN..."
394 $LDAPMODIFY -D "$BJORNSDN" -w bjorn -h $LOCALHOST -p $PORT1 \
395 >> $TESTOUT 2>&1 << EOMODS
398 objectClass: groupOfNames
399 objectClass: dynamicObject
409 if test $RC != 0 ; then
410 echo "ldapmodify failed ($RC)!"
411 test $KILLSERVERS != no && kill -HUP $KILLPIDS
415 echo "Refreshing the meeting as $BJORNSDN..."
416 $LDAPEXOP -D "$BJORNSDN" -w bjorn -h $LOCALHOST -p $PORT1 \
417 "refresh" "$MEETINGDN" "120" \
420 if test $RC != 0 ; then
421 echo "ldapexop failed ($RC)!"
422 test $KILLSERVERS != no && kill -HUP $KILLPIDS
426 echo "Joining the meeting as $BABSDN..."
427 $LDAPMODIFY -D "$BABSDN" -w bjensen -h $LOCALHOST -p $PORT1 \
428 >> $TESTOUT 2>&1 << EOMODS
435 if test $RC != 0 ; then
436 echo "ldapmodify failed ($RC)!"
437 test $KILLSERVERS != no && kill -HUP $KILLPIDS
441 echo "Trying to add a member as $BABSDN (should fail)..."
442 $LDAPMODIFY -D "$BABSDN" -w bjensen -h $LOCALHOST -p $PORT1 \
443 >> $TESTOUT 2>&1 << EOMODS
452 echo "ldapmodify should have failed ($RC)!"
453 test $KILLSERVERS != no && kill -HUP $KILLPIDS
457 echo "ldapmodify failed ($RC)"
460 echo "ldapmodify failed ($RC)!"
461 test $KILLSERVERS != no && kill -HUP $KILLPIDS
466 echo "Refreshing the meeting as $BABSDN..."
467 $LDAPEXOP -D "$BABSDN" -w bjensen -h $LOCALHOST -p $PORT1 \
468 "refresh" "$MEETINGDN" "180" \
471 if test $RC != 0 ; then
472 echo "ldapexop failed ($RC)!"
473 test $KILLSERVERS != no && kill -HUP $KILLPIDS
477 echo "Trying to refresh the meeting anonymously (should fail)..."
478 $LDAPEXOP -h $LOCALHOST -p $PORT1 \
479 "refresh" "$MEETINGDN" "240" \
482 if test $RC = 0 ; then
483 echo "ldapexop should have failed ($RC)!"
484 test $KILLSERVERS != no && kill -HUP $KILLPIDS
488 echo "Trying to refresh the meeting as $JAJDN (should fail)..."
489 $LDAPEXOP -D "$JAJDN" -w "jaj" -h $LOCALHOST -p $PORT1 \
490 "refresh" "$MEETINGDN" "240" \
493 if test $RC = 0 ; then
494 echo "ldapexop should have failed ($RC)!"
495 test $KILLSERVERS != no && kill -HUP $KILLPIDS
499 echo "Trying to delete the meeting as $BABSDN (should fail)..."
500 $LDAPMODIFY -D "$BABSDN" -w bjensen -h $LOCALHOST -p $PORT1 \
501 >> $TESTOUT 2>&1 << EOMODS
508 echo "ldapdelete should have failed ($RC)!"
509 test $KILLSERVERS != no && kill -HUP $KILLPIDS
513 echo "ldapdelete failed ($RC)"
516 echo "ldapdelete failed ($RC)!"
517 test $KILLSERVERS != no && kill -HUP $KILLPIDS
522 echo "Deleting the meeting as $BJORNSDN..."
523 $LDAPMODIFY -D "$BJORNSDN" -w bjorn -h $LOCALHOST -p $PORT1 \
524 >> $TESTOUT 2>&1 << EOMODS
529 if test $RC != 0 ; then
530 echo "ldapdelete failed ($RC)!"
531 test $KILLSERVERS != no && kill -HUP $KILLPIDS
535 test $KILLSERVERS != no && kill -HUP $KILLPIDS
539 # dds removes entryTtl and re-adds it, changing the order of attributes
540 echo "Filtering ldapsearch results..."
541 $LDIFFILTER -s a < $SEARCHOUT > $SEARCHFLT
542 grep -i -v -e '^entryttl: ' < $SEARCHFLT > $SEARCHFLT2
543 echo "Filtering original ldif used to create database..."
544 $LDIFFILTER -s a < $LDIF > $LDIFFLT
545 grep -i -v -e '^entryttl: ' < $LDIFFLT > $LDIFFLT2
546 echo "Comparing filter output..."
547 $CMP $SEARCHFLT2 $LDIFFLT2 > $CMPOUT
549 if test $? != 0 ; then
550 echo "Comparison failed"
554 echo "Listing entryTtl values from ldapsearch results..."
555 grep -i -e '^entryttl: ' < $SEARCHFLT | awk '{ print $2 }' > $SEARCHFLT2
556 echo "Listing entryTtl values from original ldif used to create database..."
557 grep -i -e '^entryttl: ' < $LDIFFLT | awk '{ print $2 }' > $LDIFFLT2
559 if ! type paste >/dev/null 2>&1; then
560 echo "Cannot find 'paste' command, skipping entryTtl checks..."
562 echo "Checking entryTtl appears to decrease with time..."
563 paste $SEARCHFLT2 $LDIFFLT2 | while read resultTTL savedTTL; do
564 if [ `expr $savedTTL - $resultTTL` -lt $SLEEP0 ]; then
565 echo "TTL has not reduced accordingly"
571 echo ">>>>> Test succeeded"
573 test $KILLSERVERS != no && wait