# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
-## Copyright 1998-2005 The OpenLDAP Foundation.
+## Copyright 1998-2006 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## If you use this script then
## Make sure that you turn on LDAP_COMP_MATCH in slapd source codes
-## and --enable-modules is configured yes
+## and --enable-modules is configured yes
if test "$AC_WITH_MODULES_ENABLED" != "yes" ; then
- echo "dynamic module disabled "
- exit
+ echo "dynamic module disabled, test skipped"
+ exit 0
fi
mkdir -p $TESTDIR $DBDIR1
echo "slapadd failed ($RC)!"
echo "Be sure to have a certificate module in tests/data/comp_libs "
echo "The module is in openldap/contrib/slapd-modules/comp_match"
- exit
+ echo "Test skipped."
+ exit 0
fi
echo "Running slapindex to index slapd database..."
fi
KILLPIDS="$PID"
+sleep 1
+
echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
exit $RC
fi
-FILTER="(userCertificate:componentFilterMatch:=item:{component \"toBeSigned.extensions.\2a.extnID\",rule allComponentsMatch, value 2.5.29.14 })"
+FILTER="(userCertificate:componentFilterMatch:=item:{ component \"toBeSigned.extensions.\2a.extnID\", rule allComponentsMatch, value 2.5.29.14 })"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
exit $RC
fi
-FILTER="(userCertificate:componentFilterMatch:=not:item:{component \"toBeSigned.extensions.\2a\",rule allComponentsMatch, value { extnID 2.5.29.19 , extnValue '30030101FF'H })"
+FILTER="(userCertificate:componentFilterMatch:=not:item:{ component \"toBeSigned.extensions.\2a\", rule allComponentsMatch, value { extnID 2.5.29.19 , extnValue '30030101FF'H })"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
exit $RC
fi
+# extraction filter
FILTER="(x509CertificateIssuer=c=US)"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
exit $RC
fi
+# extraction filter
FILTER="(x509CertificateSerial=0)"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
exit $RC
fi
+# extraction filter
FILTER="(x509CertificateSerialAndIssuer:certificateExactMatch:=0\$c=US)"
echo " f=$FILTER ..."
echo "# f=$FILTER ..." >> $SEARCHOUT
exit $RC
fi
+FILTER="(certificateRevocationList:componentFilterMatch:=item:{ component \"tbsCertList.revokedCertificates.\2a.userCertificate\", rule integerMatch, value 952069669 })"
+echo " f=$FILTER ..."
+echo "# f=$FILTER ..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+ "$FILTER" >> $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "Filtering ldapsearch results..."
fi
echo ">>>>> Test succeeded"
+
+test $KILLSERVERS != no && wait
+
exit 0