X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=tests%2Fscripts%2Ftest014-whoami;h=a41c8ba1f412f3a6e6b480b581e25133d462db11;hb=e625581af399028f22f5f6e2cb37ff4eae4a24b0;hp=ae9fd28191b95d278fb9537e651b9cdfa40b2e5f;hpb=35643b0425b19b721c90859d166d8282002c7dad;p=openldap diff --git a/tests/scripts/test014-whoami b/tests/scripts/test014-whoami index ae9fd28191..a41c8ba1f4 100755 --- a/tests/scripts/test014-whoami +++ b/tests/scripts/test014-whoami @@ -2,7 +2,7 @@ # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## -## Copyright 1998-2004 The OpenLDAP Foundation. +## Copyright 1998-2011 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without @@ -37,6 +37,8 @@ if test $WAIT != 0 ; then fi KILLPIDS="$PID" +sleep 1 + echo "Using ldapsearch to check that slapd is running..." for i in 0 1 2 3 4 5; do $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \ @@ -102,7 +104,7 @@ if test $RC != 0 ; then exit $RC fi -# authzFrom: someone else => njorn +# authzFrom: someone else => bjorn echo "Testing authzFrom..." BINDDN="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" @@ -133,8 +135,8 @@ if test $RC != 0 ; then exit $RC fi -BINDDN="cn=Jane Doe,ou=Alumni Association,ou=People,dc=example,dc=com" -BINDPW=jdoe +BINDDN="cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com" +BINDPW=jen AUTHZID="u:bjorn" echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI)..." $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ @@ -225,11 +227,20 @@ $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ -e \!authzid="$AUTHZID" RC=$? -if test $RC != 1 ; then +case $RC in +1) + ;; +0) + echo "ldapwhoami should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit -1 + ;; +*) echo "ldapwhoami failed ($RC)!" test $KILLSERVERS != no && kill -HUP $KILLPIDS exit $RC -fi + ;; +esac BINDDN="cn=Must Fail,dc=example,dc=com" BINDPW=fail @@ -239,11 +250,20 @@ $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ -e \!authzid="$AUTHZID" RC=$? -if test $RC != 1 ; then +case $RC in +1) + ;; +0) + echo "ldapwhoami should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit -1 + ;; +*) echo "ldapwhoami failed ($RC)!" test $KILLSERVERS != no && kill -HUP $KILLPIDS exit $RC -fi + ;; +esac # authzTo: bjorn => someone else echo "Testing authzTo..." @@ -368,11 +388,20 @@ $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ -e \!authzid="$AUTHZID" RC=$? -if test $RC != 1 ; then +case $RC in +1) + ;; +0) + echo "ldapwhoami should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit -1 + ;; +*) echo "ldapwhoami failed ($RC)!" test $KILLSERVERS != no && kill -HUP $KILLPIDS exit $RC -fi + ;; +esac BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" BINDPW=bjorn @@ -381,8 +410,45 @@ echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI; should fail)..." $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ -e \!authzid="$AUTHZID" +RC=$? +case $RC in +1) + ;; +0) + echo "ldapwhoami should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit -1 + ;; +*) + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + ;; +esac + +BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" +BINDPW=bjorn +AUTHZID="dn:cn=don't!" +echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (no authzTo; should fail)..." +$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ + -e \!authzid="$AUTHZID" + RC=$? if test $RC != 1 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +BINDDN="dc=example,dc=com" +BINDPW=example +AUTHZID="dn:" +echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID}\"\" (dn.exact; should succeed)..." +$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \ + -e \!authzid="$AUTHZID" + +RC=$? +if test $RC != 0 ; then echo "ldapwhoami failed ($RC)!" test $KILLSERVERS != no && kill -HUP $KILLPIDS exit $RC @@ -391,9 +457,12 @@ fi test $KILLSERVERS != no && kill -HUP $KILLPIDS echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + exit 0 -## Note to developers: the command -## awk '/^do_extended$/ {if (c) {print c} c=0} /<===slap_sasl_match:/ {c++} END {print c}' testrun/slapd.1.log -## must return consecutive numbers from 1 to 9 twice to indicate -## that the authzFrom and authzTo rules applied in the right order. +## Note to developers: when SLAPD_DEBUG=-1 the command +## awk '/^do_extended$/ {if (c) {print c} c=0} /<===slap_sasl_match:/ {c++} END {print c}' $TESTDIR/slapd.1.log +## must return the sequence 1 2 3 4 5 6 7 8 8 8 1 2 3 4 5 6 7 8 8 8 8 1 +## to indicate that the authzFrom and authzTo rules applied in the right order.