X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=tests%2Fscripts%2Ftest022-ppolicy;h=3a3b3ded3ac2e2add427c0f3fa437c0f831321a4;hb=d8fbe2d32cc5885698215234758d45610d132411;hp=fee6d155fd340b13672cac36e081bd0231f39a9e;hpb=1d9fa315acbd90a71cf7f234807a43b5ec264896;p=openldap diff --git a/tests/scripts/test022-ppolicy b/tests/scripts/test022-ppolicy index fee6d155fd..3a3b3ded3a 100755 --- a/tests/scripts/test022-ppolicy +++ b/tests/scripts/test022-ppolicy @@ -2,7 +2,7 @@ # $OpenLDAP$ ## This work is part of OpenLDAP Software . ## -## Copyright 1998-2004 The OpenLDAP Foundation. +## Copyright 1998-2005 The OpenLDAP Foundation. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without @@ -21,11 +21,6 @@ if test $PPOLICY = ppolicyno; then exit 0 fi -if test "$BACKEND" = "ldbm" ; then - echo "Test does not support $BACKEND" - exit 0 -fi - mkdir -p $TESTDIR $DBDIR1 echo "Starting slapd on TCP/IP port $PORT1..." @@ -38,7 +33,7 @@ if test $WAIT != 0 ; then fi KILLPIDS="$PID" -USER="uid=nd, ou=People, o=University of Michigan, c=US" +USER="uid=nd, ou=People, dc=example, dc=com" PASS=testpassword echo "Using ldapsearch to check that slapd is running..." @@ -84,8 +79,8 @@ if test $COUNT != 2 ; then exit 1 fi -echo "Waiting 30 seconds for lockout to reset..." -sleep 30 +echo "Waiting 20 seconds for lockout to reset..." +sleep 20 $LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS \ -b "$BASEDN" -s base >> $SEARCHOUT 2>&1 @@ -96,23 +91,21 @@ if test $RC != 0 ; then exit $RC fi -echo "Testing password expiration..." -$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \ - $TESTOUT 2>&1 << EOMODS -dn: uid=nd, ou=People, o=University of Michigan, c=US -changetype: modify -replace: pwdChangedTime -pwdChangedTime: 20031231000001Z - -EOMODS +echo "Testing password expiration" +echo "Waiting 20 seconds for password to expire..." +sleep 20 -$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS > $SEARCHOUT 2>&1 +$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS \ + -b "$BASEDN" -s base > $SEARCHOUT 2>&1 sleep 2 -$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS >> $SEARCHOUT 2>&1 +$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS \ + -b "$BASEDN" -s base >> $SEARCHOUT 2>&1 sleep 2 -$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS >> $SEARCHOUT 2>&1 +$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS \ + -b "$BASEDN" -s base >> $SEARCHOUT 2>&1 sleep 2 -$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS >> $SEARCHOUT 2>&1 +$LDAPSEARCH -e ppolicy -h $LOCALHOST -p $PORT1 -D "$USER" -w $PASS \ + -b "$BASEDN" -s base >> $SEARCHOUT 2>&1 RC=$? if test $RC = 0 ; then echo "Password expiration failed ($RC)!" @@ -141,7 +134,7 @@ fi echo "Filling password history..." $LDAPMODIFY -v -D "$USER" -h $LOCALHOST -p $PORT1 -w $PASS > \ $TESTOUT 2>&1 << EOMODS -dn: uid=nd, ou=People, o=University of Michigan,c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userpassword userpassword: testpassword @@ -149,7 +142,7 @@ userpassword: testpassword replace: userpassword userpassword: 20urgle12-1 -dn: uid=nd, ou=People, o=University of Michigan,c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userpassword userpassword: 20urgle12-1 @@ -157,7 +150,7 @@ userpassword: 20urgle12-1 replace: userpassword userpassword: 20urgle12-2 -dn: uid=nd, ou=People, o=University of Michigan,c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userpassword userpassword: 20urgle12-2 @@ -165,7 +158,7 @@ userpassword: 20urgle12-2 replace: userpassword userpassword: 20urgle12-3 -dn: uid=nd, ou=People, o=University of Michigan,c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userpassword userpassword: 20urgle12-3 @@ -173,7 +166,7 @@ userpassword: 20urgle12-3 replace: userpassword userpassword: 20urgle12-4 -dn: uid=nd, ou=People, o=University of Michigan,c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userpassword userpassword: 20urgle12-4 @@ -181,7 +174,7 @@ userpassword: 20urgle12-4 replace: userpassword userpassword: 20urgle12-5 -dn: uid=nd, ou=People, o=University of Michigan,c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userpassword userpassword: 20urgle12-5 @@ -199,7 +192,7 @@ fi echo "Testing password history..." $LDAPMODIFY -v -D "$USER" -h $LOCALHOST -p $PORT1 -w 20urgle12-6 > \ $TESTOUT 2>&1 << EOMODS -dn: uid=nd, ou=People, o=University of Michigan, c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: userPassword userPassword: 20urgle12-6 @@ -219,7 +212,7 @@ echo "Testing forced reset..." $LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \ $TESTOUT 2>&1 << EOMODS -dn: uid=nd, ou=People, o=University of Michigan, c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify replace: userPassword userPassword: testpassword @@ -255,7 +248,7 @@ echo "Clearing forced reset..." $LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \ $TESTOUT 2>&1 << EOMODS -dn: uid=nd, ou=People, o=University of Michigan, c=US +dn: uid=nd, ou=People, dc=example, dc=com changetype: modify delete: pwdReset @@ -318,6 +311,32 @@ if test $COUNT != 1 ; then exit 1 fi +echo "Testing hashed length requirement..." + +$LDAPMODIFY -h $LOCALHOST -p $PORT1 -D "$USER" -w failexpect > \ + $TESTOUT 2>&1 << EOMODS +dn: $USER +changetype: modify +delete: userPassword +userPassword: failexpect +- +add: userPassword +userPassword: {MD5}xxxxxx + +EOMODS +RC=$? +if test $RC = 0 ; then + echo "Hashed length requirement test failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi +COUNT=`grep "Password fails quality" $TESTOUT | wc -l` +if test $COUNT != 1 ; then + echo "Hashed length requirement test failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + test $KILLSERVERS != no && kill -HUP $KILLPIDS echo ">>>>> Test succeeded"