X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=tests%2Fscripts%2Ftest028-idassert;h=3e8965439a0241f8b213325ab5c6f96028c699ae;hb=c8c34cdd43d3603f3b64a56841b4425379c98f45;hp=0f5e849fb2bb791d580c202cff2e4ee298d89bae;hpb=47e5f301f9cd305d022b11a43f700d28baaa3fb6;p=openldap
diff --git a/tests/scripts/test028-idassert b/tests/scripts/test028-idassert
index 0f5e849fb2..3e8965439a 100755
--- a/tests/scripts/test028-idassert
+++ b/tests/scripts/test028-idassert
@@ -2,7 +2,7 @@
# $OpenLDAP$
## This work is part of OpenLDAP Software .
##
-## Copyright 1998-2004 The OpenLDAP Foundation.
+## Copyright 1998-2011 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
@@ -16,11 +16,27 @@
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
+echo "### This test requires the LDAP backend and the rwm overlay."
+echo "### If available, and explicitly requested, it can use SASL bind;"
+echo "### note that SASL must be properly set up, and the requested"
+echo "### mechanism must be available. Define SLAPD_USE_SASL={yes|},"
+echo "### with \"yes\" defaulting to DIGEST-MD5 to enable SASL authc[/authz]."
+
if test $BACKLDAP = "ldapno" ; then
echo "LDAP backend not available, test skipped"
exit 0
fi
+if test $RWM = "rwmno" ; then
+ echo "Rewrite/remap overlay not available, test skipped"
+ exit 0
+fi
+
+if test $THREADS = "threadsno" ; then
+ echo "Need threads support, test skipped"
+ exit 0
+fi
+
if test $WITH_SASL = "yes" ; then
if test $USE_SASL != "no" ; then
if test $USE_SASL = "yes" ; then
@@ -28,13 +44,9 @@ if test $WITH_SASL = "yes" ; then
else
MECH="$USE_SASL"
fi
- echo "Using SASL authc/authz with mech=$MECH; unset SLAPD_USE_SASL to disable"
+ echo "Using SASL authc[/authz] with mech=$MECH; unset SLAPD_USE_SASL to disable"
else
echo "Using proxyAuthz with simple authc..."
- echo " set SLAPD_USE_SASL={yes|} to enable SASL authc/authz"
- echo " if SLAPD_USE_SASL=\"yes\", defaults to DIGEST-MD5"
- echo " FIXME: should be mandatory, right?"
- echo " FIXME: authz with CRAM-MD5 does not work..."
fi
else
echo "SASL not available; using proxyAuthz with simple authc..."
@@ -67,6 +79,8 @@ if test $WAIT != 0 ; then
fi
KILLPIDS="$PID"
+sleep 1
+
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
@@ -92,30 +106,30 @@ AUTHZID="u:it/jaj"
echo "Testing ldapwhoami as proxy US, $AUTHZID..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "cn=proxy US,ou=Admin,dc=example,dc=com" -w proxy -e\!"authzid=$AUTHZID"
RC=$?
-if test $RC != 0 ; then
+if test $RC != 0 && test $BACKEND != null ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
AUTHZID="u:bjorn"
-echo "Testing ldapwhoami as proxy US, $AUTHZID..."
+echo "Testing ldapwhoami as proxy US, $AUTHZID... (should fail)"
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "cn=proxy US,ou=Admin,dc=example,dc=com" -w proxy -e\!"authzid=$AUTHZID"
RC=$?
if test $RC != 1 ; then
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
- exit $RC
+ exit 1
fi
AUTHZID="u:bjensen"
-echo "Testing ldapwhoami as proxy US, $AUTHZID..."
+echo "Testing ldapwhoami as proxy US, $AUTHZID... (should fail)"
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "cn=proxy US,ou=Admin,dc=example,dc=com" -w proxy -e\!"authzid=$AUTHZID"
RC=$?
if test $RC != 1 ; then
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
- exit $RC
+ exit 1
fi
echo "Testing ldapwhoami as proxy IT..."
@@ -128,30 +142,30 @@ if test $RC != 0 ; then
fi
AUTHZID="u:it/jaj"
-echo "Testing ldapwhoami as proxy IT, $AUTHZID..."
+echo "Testing ldapwhoami as proxy IT, $AUTHZID... (should fail)"
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "cn=proxy IT,ou=Admin,dc=example,dc=com" -w proxy -e\!"authzid=$AUTHZID"
RC=$?
if test $RC != 1 ; then
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
- exit $RC
+ exit 1
fi
AUTHZID="u:bjorn"
-echo "Testing ldapwhoami as proxy IT, $AUTHZID..."
+echo "Testing ldapwhoami as proxy IT, $AUTHZID... (should fail)"
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "cn=proxy IT,ou=Admin,dc=example,dc=com" -w proxy -e\!"authzid=$AUTHZID"
RC=$?
if test $RC != 1 ; then
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
- exit $RC
+ exit 1
fi
AUTHZID="dn:cn=Sandbox,ou=Admin,dc=example,dc=com"
echo "Testing ldapwhoami as proxy IT, $AUTHZID..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "cn=proxy IT,ou=Admin,dc=example,dc=com" -w proxy -e\!"authzid=$AUTHZID"
RC=$?
-if test $RC != 0 ; then
+if test $RC != 0 && test $BACKEND != null ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
@@ -184,21 +198,22 @@ $LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASE" \
-D "$ID" -w jaj > $SEARCHOUT 2>&1
RC=$?
-if test $RC != 0 ; then
+if test $RC != 0 && test $BACKEND != null ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Filtering ldapsearch results..."
-. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+$LDIFFILTER -s ldif=e < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
-. $LDIFFILTER < $IDASSERTOUT > $LDIFFLT
+$LDIFFILTER -s ldif=e < $IDASSERTOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
-
+
if test $? != 0 ; then
echo "comparison failed - search with identity assertion didn't succeed"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
@@ -217,14 +232,15 @@ if test $USE_SASL != "no" ; then
fi
echo "Filtering ldapsearch results..."
- . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+ $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
- . $LDIFFILTER < $IDASSERTOUT > $LDIFFLT
+ $LDIFFILTER < $IDASSERTOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - search with SASL bind and identity assertion didn't succeed"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
fi
@@ -232,5 +248,7 @@ fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
-exit 0
+test $KILLSERVERS != no && wait
+
+exit 0