#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software .
##
## Copyright 1998-2017 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## .
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
if test $BACKLDAP = "ldapno" ; then
echo "LDAP backend not available, test skipped"
exit 0
fi
rm -rf $TESTDIR
mkdir -p $TESTDIR $DBDIR1 $DBDIR2
echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF1 > $ADDCONF
. $CONFFILTER < $LDIFCHAIN1 > $SEARCHOUT
$SLAPADD -f $ADDCONF -l $SEARCHOUT
RC=$?
if test $RC != 0 ; then
echo "slapadd 1 failed ($RC)!"
exit $RC
fi
. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF2 > $ADDCONF
. $CONFFILTER < $LDIFCHAIN2 > $SEARCHOUT
$SLAPADD -f $ADDCONF -l $SEARCHOUT
RC=$?
if test $RC != 0 ; then
echo "slapadd 2 failed ($RC)!"
exit $RC
fi
echo "Starting first slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID1=$!
if test $WAIT != 0 ; then
echo PID $PID1
read foo
fi
KILLPIDS="$PID1"
echo "Starting second slapd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF2 > $CONF2
$SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 &
PID2=$!
if test $WAIT != 0 ; then
echo PID $PID2
read foo
fi
KILLPIDS="$KILLPIDS $PID2"
sleep 1
echo "Using ldapsearch to check that first slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Using ldapsearch to check that second slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
for P in $PORT1 $PORT2 ; do
echo "Testing ldapsearch as anonymous for \"$BASEDN\" on port $P..."
$LDAPSEARCH -h $LOCALHOST -p $P -b "$BASEDN" -S "" \
> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $CHAINOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - chained search didn't succeed"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
echo "Reading the referral entry \"ou=Other,$BASEDN\" as anonymous on port $P..."
$LDAPSEARCH -h $LOCALHOST -p $P -b "ou=Other,$BASEDN" -S "" \
> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $CHAINREFOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - chained search didn't succeed"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
DN="cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN"
echo "Comparing \"$DN\" on port $P..."
$LDAPCOMPARE -h $LOCALHOST -p $P "$DN" "cn:Mark Elliot" \
> $TESTOUT 2>&1
RC=$?
if test $RC != 6 && test $RC,$BACKEND != 5,null ; then
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
DN="ou=Other,$BASEDN"
echo "Comparing \"$DN\" on port $P with manageDSAit control..."
$LDAPCOMPARE -h $LOCALHOST -p $P -M "$DN" "ou:Other" \
> $TESTOUT 2>&1
RC=$?
if test $RC != 6 && test $RC,$BACKEND != 5,null ; then
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
done
#
# Testing writes to first server
#
echo "Writing to first server with scope on second server..."
$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
$TESTOUT 2>&1 << EOMODS
dn: cn=New Group,ou=Groups,dc=example,dc=com
changetype: add
objectClass: groupOfNames
cn: New Group
member:
dn: cn=New Group,ou=Groups,dc=example,dc=com
changetype: modify
add: description
description: testing chain overlay writes...
-
replace: member
member: cn=New Group,ou=Groups,dc=example,dc=com
member: cn=Manager,dc=example,dc=com
-
add: owner
owner: cn=Manager,dc=example,dc=com
-
dn: cn=New Group,ou=Groups,dc=example,dc=com
changetype: modrdn
newrdn: cn=Renamed Group
deleteoldrdn: 1
dn: cn=All Staff,ou=Groups,dc=example,dc=com
changetype: delete
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
#
# Testing writes to second server
#
echo "Writing to second server with scope on first server..."
$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT2 -w $PASSWD > \
$TESTOUT 2>&1 << EOMODS
dn: cn=New User,ou=People,dc=example,dc=com
changetype: add
objectClass: person
cn: New User
sn: User
seeAlso: cn=New Group,ou=Groups,dc=example,dc=com
dn: cn=New User,ou=People,dc=example,dc=com
changetype: modify
add: description
description: testing chain overlay writes...
-
replace: seeAlso
seeAlso: cn=Renamed Group,ou=Groups,dc=example,dc=com
-
dn: cn=New User,ou=People,dc=example,dc=com
changetype: modrdn
newrdn: cn=Renamed User
deleteoldrdn: 1
dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com
changetype: delete
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
for P in $PORT1 $PORT2 ; do
echo "Testing ldapsearch as anonymous for \"$BASEDN\" on port $P..."
$LDAPSEARCH -h $LOCALHOST -p $P -b "$BASEDN" -S "" \
> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $CHAINMODOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - chained search didn't succeed"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
done
NEWPW=newsecret
echo "Using ldappasswd on second server with scope on first server..."
$LDAPPASSWD -h $LOCALHOST -p $PORT2 \
-w secret -s $NEWPW \
-D "$MANAGERDN" "$BJORNSDN" >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldappasswd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Binding with newly changed password on first server..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 \
-D "$BJORNSDN" -w $NEWPW
RC=$?
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
# ITS#57??
$LDAPADD -h $LOCALHOST -p $PORT1 \
-D "$MANAGERDN" -w secret \
>> $TESTOUT 2>&1 \
<< EOMODS
dn: ou=Can't Contact,dc=example,dc=com
changetype: add
objectclass: referral
objectclass: extensibleobject
ou: Can't Contact
# invalid URI to test broken connectivity handling (search only)
ref: ${URI3}ou=Can't%20Contact,dc=example,dc=com
EOMODS
echo "Reading the referral entry \"ou=Can't Contact,$BASEDN\" as anonymous on port $PORT1..."
$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" -S "" "(cn=Can't Contact)" \
> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
test $KILLSERVERS != no && wait
exit 0