everything works without any need for changes in syncrepl code; only modifications...

diff --git a/tests/data/slapd-repl-slave-remote.conf b/tests/data/slapd-repl-slave-remote.conf
new file mode 100644 (file)
index 0000000..1f2badf
--- /dev/null
+++ b/tests/data/slapd-repl-slave-remote.conf
@@ -0,0 +1,76 @@
+# slave slapd config -- for testing of replication
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2005 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+include                @SCHEMADIR@/core.schema
+include                @SCHEMADIR@/cosine.schema
+include                @SCHEMADIR@/inetorgperson.schema
+include                @SCHEMADIR@/openldap.schema
+include                @SCHEMADIR@/nis.schema
+#
+pidfile                @TESTDIR@/slapd.2.pid
+argsfile       @TESTDIR@/slapd.2.args
+
+#mod#modulepath        ../servers/slapd/back-@BACKEND@/
+#mod#moduleload        back_@BACKEND@.la
+#monitormod#modulepath ../servers/slapd/back-monitor/
+#monitormod#moduleload back_monitor.la
+#ldapmod#modulepath ../servers/slapd/back-ldap/
+#ldapmod#moduleload back_ldap.la
+
+#ldapyes#overlay               chain
+#ldapyes#chain-uri             @URI1@
+#ldapyes#chain-idassert-bind   bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self
+#ldapmod#overlay               chain
+#ldapmod#chain-uri             @URI1@
+#ldapmod#chain-idassert-bind   bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self
+
+#######################################################################
+# database definitions
+#######################################################################
+
+access to *
+       by * read
+
+database       @BACKEND@
+#ldbm#cachesize        0
+suffix         "dc=example,dc=com"
+directory      @TESTDIR@/db.2.a
+rootdn         "cn=Replica,dc=example,dc=com"
+rootpw         secret
+# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply
+# whithout the need to write the UpdateDN before starting replication
+updatedn       "cn=Monitor"
+updateref      @URI1@
+#bdb#index             objectClass     eq
+#bdb#index             cn,sn,uid       pres,eq,sub
+#bdb#index             entryUUID       pres,eq
+#hdb#index             objectClass     eq
+#hdb#index             cn,sn,uid       pres,eq,sub
+#hdb#index             entryUUID       pres,eq
+
+# Need to strip hasSubordinates from internal searches otherwise
+# syncrepl will try to delete it, since syncprov is not sending
+# it because it's generated
+access to dn.subtree="dc=example,dc=com" attrs=hasSubordinates
+       by dn.exact="cn=Monitor" none
+       by * read
+
+access to dn.subtree="dc=example,dc=com"
+       by dn.exact="cn=Monitor" write
+       by * read
+
+#monitor#database      monitor
+#monitor#rootdn                "cn=Monitor"
+#monitor#rootpw                monitor

diff --git a/tests/data/slapd-syncrepl-slave-persist-ldap.conf b/tests/data/slapd-syncrepl-slave-persist-ldap.conf
index e3beda58bdf103c58ed2a3a2147490883fac3382..f94fcd7c33a25a9470a87028237b05e6e6073c7c 100644 (file)
--- a/tests/data/slapd-syncrepl-slave-persist-ldap.conf
+++ b/tests/data/slapd-syncrepl-slave-persist-ldap.conf
@@ -36,15 +36,21 @@ argsfile    @TESTDIR@/slapd.3.args
 #######################################################################
 
 database       ldap
-#restrict      all
+restrict       all
 suffix         "dc=example,dc=com"
-rootdn         "cn=Replica,dc=example,dc=com"
+rootdn         "cn=Whoever"
 uri            @URI2@
+
+# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply
+# whithout the need to write the UpdateDN before starting replication
 acl-bind       bindmethod=simple
-               binddn="cn=Replica,dc=example,dc=com"
-               credentials=secret
+               binddn="cn=Monitor"
+               credentials=monitor
 
 # Don't change syncrepl spec yet
+
+# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply
+# whithout the need to write the UpdateDN before starting replication
 syncrepl       rid=1
                provider=@URI1@
                binddn="cn=Manager,dc=example,dc=com"

diff --git a/tests/scripts/defines.sh b/tests/scripts/defines.sh
index 0f45229c4832729ea70c595e63a69f8a5a0d0604..035d9e71dd1268e845f7c19364032a31c0ebfa26 100755 (executable)
--- a/tests/scripts/defines.sh
+++ b/tests/scripts/defines.sh
@@ -104,6 +104,7 @@ GLUELDAPCONF=$DATADIR/slapd-glue-ldap.conf
 ACICONF=$DATADIR/slapd-aci.conf
 VALSORTCONF=$DATADIR/slapd-valsort.conf
 DYNLISTCONF=$DATADIR/slapd-dynlist.conf
+RSLAVECONF=$DATADIR/slapd-repl-slave-remote.conf
 PLSRSLAVECONF=$DATADIR/slapd-syncrepl-slave-persist-ldap.conf
 
 CONF1=$TESTDIR/slapd.1.conf

diff --git a/tests/scripts/test045-syncreplication-proxied b/tests/scripts/test045-syncreplication-proxied
index 6d2be1e1fb01dd569efd2fea1785f0f570be4b8c..85bd1622bd358912c5b23d4e67b4b8c817314b28 100755 (executable)
--- a/tests/scripts/test045-syncreplication-proxied
+++ b/tests/scripts/test045-syncreplication-proxied
@@ -36,6 +36,11 @@ if test $SYNCPROV = syncprovno; then
        exit 0
 fi 
 
+if test $MONITORDB = no; then 
+       echo "Monitor backend not available, test skipped"
+       exit 0
+fi 
+
 mkdir -p $TESTDIR $DBDIR1 $DBDIR2
 
 #
@@ -63,7 +68,7 @@ sleep 1
 echo "Using ldapsearch to check that master slapd is running..."
 for i in 0 1 2 3 4 5; do
        $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
-               'objectclass=*' > /dev/null 2>&1
+               '(objectClass=*)' > /dev/null 2>&1
        RC=$?
        if test $RC = 0 ; then
                break
@@ -89,7 +94,7 @@ if test $RC != 0 ; then
 fi
 
 echo "Starting slave slapd on TCP/IP port $PORT2..."
-. $CONFFILTER $BACKEND $MONITORDB < $SLAVECONF > $CONF2
+. $CONFFILTER $BACKEND $MONITORDB < $RSLAVECONF > $CONF2
 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 &
 SLAVEPID=$!
 if test $WAIT != 0 ; then
@@ -103,7 +108,7 @@ sleep 1
 echo "Using ldapsearch to check that slave slapd is running..."
 for i in 0 1 2 3 4 5; do
        $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \
-               'objectclass=*' > /dev/null 2>&1
+               '(objectClass=*)' > /dev/null 2>&1
        RC=$?
        if test $RC = 0 ; then
                break
@@ -133,7 +138,7 @@ sleep 1
 echo "Using ldapsearch to check that proxy slapd is running..."
 for i in 0 1 2 3 4 5; do
        $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT3 \
-               'objectclass=*' > /dev/null 2>&1
+               '(objectClass=*)' > /dev/null 2>&1
        RC=$?
        if test $RC = 0 ; then
                break
@@ -164,7 +169,7 @@ sleep 15
 # first check
 #echo "Using ldapsearch to read all the entries from the master..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-       'objectclass=*' > $MASTEROUT 2>&1
+       '(objectClass=*)' > $MASTEROUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -175,7 +180,7 @@ fi
 
 #echo "Using ldapsearch to read all the entries from the slave..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-       'objectclass=*' > $SLAVEOUT 2>&1
+       '(objectClass=*)' > $SLAVEOUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -215,7 +220,7 @@ sleep 1
 echo "Using ldapsearch to check that master slapd is running..."
 for i in 0 1 2 3 4 5; do
        $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
-               'objectclass=*' > /dev/null 2>&1
+               '(objectClass=*)' > /dev/null 2>&1
        RC=$?
        if test $RC = 0 ; then
                break
@@ -323,7 +328,7 @@ sleep 15
 # second check
 #echo "Using ldapsearch to read all the entries from the master..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-       'objectclass=*' > $MASTEROUT 2>&1
+       '(objectClass=*)' > $MASTEROUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -334,7 +339,7 @@ fi
 
 #echo "Using ldapsearch to read all the entries from the slave..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-       'objectclass=*' > $SLAVEOUT 2>&1
+       '(objectClass=*)' > $SLAVEOUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -373,9 +378,16 @@ dn: cn=James T. Kirk, ou=Retired, ou=People, dc=example,dc=com
 changetype: add
 objectclass: OpenLDAPperson
 sn: Kirk
-uid: jkirk
+uid: jtk
 cn: James T. Kirk
 
+dn: cn=Tiberius J. Hooker, ou=Retired, ou=People, dc=example,dc=com
+changetype: add
+objectclass: OpenLDAPperson
+sn: Hooker
+uid: tjh
+cn: Tiberius J. Hooker
+
 EOMODS
 
 echo "Restarting proxy..."
@@ -394,7 +406,7 @@ sleep 25
 # third check
 #echo "Using ldapsearch to read all the entries from the master..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-       'objectclass=*' > $MASTEROUT 2>&1
+       '(objectClass=*)' > $MASTEROUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -405,7 +417,7 @@ fi
 
 #echo "Using ldapsearch to read all the entries from the slave..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-       'objectclass=*' > $SLAVEOUT 2>&1
+       '(objectClass=*)' > $SLAVEOUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -454,7 +466,7 @@ fi
 # fourth check
 #echo "Using ldapsearch to read all the entries from the master..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-       'objectclass=*' > $MASTEROUT 2>&1
+       '(objectClass=*)' > $MASTEROUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -465,7 +477,7 @@ fi
 
 #echo "Using ldapsearch to read all the entries from the slave..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-       'objectclass=*' > $SLAVEOUT 2>&1
+       '(objectClass=*)' > $SLAVEOUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -518,7 +530,7 @@ sleep 25
 # fifth check
 #echo "Using ldapsearch to read all the entries from the master..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-       'objectclass=*' > $MASTEROUT 2>&1
+       '(objectClass=*)' > $MASTEROUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -529,7 +541,7 @@ fi
 
 #echo "Using ldapsearch to read all the entries from the slave..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-       'objectclass=*' > $SLAVEOUT 2>&1
+       '(objectClass=*)' > $SLAVEOUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -556,7 +568,7 @@ fi
 #
 # Modifications known to fail
 #
-
+echo "(DEVEL) Performing modifications that are known to fail..."
 $LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
        $TESTOUT 2>&1 << EOMODS
 # First, back out previous change
@@ -565,7 +577,7 @@ changetype: modify
 delete: drink
 drink: Mad Dog 20/20
 
-# From now on, place modifications that are known to fail
+# From now on, perform modifications that are known to fail
 dn: cn=All Staff,ou=Groups,dc=example,dc=com
 changetype: modify
 delete: description
@@ -585,7 +597,7 @@ sleep 15
 # sixth check
 #echo "Using ldapsearch to read all the entries from the master..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
-       'objectclass=*' > $MASTEROUT 2>&1
+       '(objectClass=*)' > $MASTEROUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then
@@ -596,7 +608,7 @@ fi
 
 #echo "Using ldapsearch to read all the entries from the slave..."
 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-       'objectclass=*' > $SLAVEOUT 2>&1
+       '(objectClass=*)' > $SLAVEOUT 2>&1
 RC=$?
 
 if test $RC != 0 ; then