From 7c28aa058c9d98147385c60729759d4c30734bfe Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Sun, 12 Dec 1999 18:45:06 +0000 Subject: [PATCH] Add password check and generation check. Modify tests to use -h "ldap://localhost:port/" instead of -p port. --- doc/man/man8/slapd.8 | 21 ----- servers/slapd/daemon.c | 19 ++--- servers/slapd/main.c | 56 +------------ servers/slapd/proto-slap.h | 2 +- servers/slapd/slap.h | 2 +- tests/data/passwd.ldif | 28 +++++++ tests/data/slapd-bdb2-pw.conf | 39 +++++++++ tests/data/slapd-pw.conf | 39 +++++++++ tests/scripts/defines.sh | 7 ++ tests/scripts/test001-slapadd | 2 +- tests/scripts/test002-populate | 2 +- tests/scripts/test003-search | 2 +- tests/scripts/test004-modify | 2 +- tests/scripts/test005-modrdn | 2 +- tests/scripts/test006-acls | 2 +- tests/scripts/test007-replication | 4 +- tests/scripts/test008-concurrency | 2 +- tests/scripts/test009-referral | 4 +- tests/scripts/test010-passwd | 131 ++++++++++++++++++++++++++++++ 19 files changed, 267 insertions(+), 99 deletions(-) create mode 100644 tests/data/passwd.ldif create mode 100644 tests/data/slapd-bdb2-pw.conf create mode 100644 tests/data/slapd-pw.conf create mode 100755 tests/scripts/test010-passwd diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8 index 77218f6f1c..07e33f710e 100644 --- a/doc/man/man8/slapd.8 +++ b/doc/man/man8/slapd.8 @@ -9,8 +9,6 @@ slapd \- Stand-alone LDAP Daemon .B [\-f slapd\-config\-file] .B [\-h URLs] .B [\-d debug\-level] -.B [\-p port\-number] -.B [\-P tls\-port\-number] .B [\-s syslog\-level] [\-l syslog\-local\-user] .B [\-u user] [\-g group] .B @@ -112,25 +110,6 @@ a DN or other optional parameters. Hosts may be specified in either Internet '.' format (preferred) or by name. Ports, if specfied, must be numeric. .TP -.BI \-p " port\-number" -.B slapd -will use on the default port (389) for LDAP URLs unless this -option is given to override the default. -A numeric port number is expected. -.TP -.BI \-P " tls\-port\-number" -.B slapd -will use on the default port (636) for LDAPS (LDAP over TLS) URLs -unless this option is given to override the default. A numeric port -number is expected. -.TP -.BI \-P " port\-number" -Changes the port where -.B slapd -will expect LDAP over raw TLS connections. If this option is not given, -the default port for this purpose (636) will be used. A numeric port -number is expected. -.TP .BI \-u " user" .B slapd will run slapd with the specified user name or id, and that user's diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index f49a339689..bcae0d3fb6 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -177,17 +177,14 @@ static void slapd_close(ber_socket_t s) { } -static Listener * -open_listener( - const char* url, - int port, - int tls_port ) +static Listener * open_listener( const char* url ) { int tmp, rc; Listener l; Listener *li; LDAPURLDesc *lud; char *s; + int port; rc = ldap_url_parse( url, &lud ); @@ -208,14 +205,14 @@ open_listener( } if(! lud->lud_port ) { - lud->lud_port = port; + lud->lud_port = LDAP_PORT; } #else l.sl_is_tls = lud->lud_ldaps; if(! lud->lud_port ) { - lud->lud_port = lud->lud_ldaps ? tls_port : port; + lud->lud_port = lud->lud_ldaps ? LDAPS_PORT : LDAP_PORT; } #endif @@ -333,7 +330,7 @@ open_listener( static int sockinit(void); static int sockdestroy(void); -int slapd_daemon_init(char *urls, int port, int tls_port ) +int slapd_daemon_init( char *urls ) { int i, rc; char **u; @@ -342,8 +339,8 @@ int slapd_daemon_init(char *urls, int port, int tls_port ) assert( tls_port == 0 ); #endif - Debug( LDAP_DEBUG_ARGS, "daemon_init: %s (%d/%d)\n", - urls ? urls : "", port, tls_port ); + Debug( LDAP_DEBUG_ARGS, "daemon_init: %s\n", + urls ? urls : "", 0, 0 ); if( (rc = sockinit()) != 0 ) { return rc; @@ -408,7 +405,7 @@ int slapd_daemon_init(char *urls, int port, int tls_port ) slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) ); for(i = 0; u[i] != NULL; i++ ) { - slap_listeners[i] = open_listener( u[i], port, tls_port ); + slap_listeners[i] = open_listener( u[i] ); if( slap_listeners[i] == NULL ) { charray_free( u ); diff --git a/servers/slapd/main.c b/servers/slapd/main.c index 6d271d7438..3176411796 100644 --- a/servers/slapd/main.c +++ b/servers/slapd/main.c @@ -116,10 +116,6 @@ usage( char *name ) "\t-n NTserviceName\tNT service name\n" #endif - "\t-p port\tLDAP Port\n" -#ifdef HAVE_TLS - "\t-P port\tLDAP over TLS Port\n" -#endif "\t-s level\tSyslog Level\n" #ifdef SLAPD_BDB2 "\t-t\t\tEnable BDB2 timing\n" @@ -158,13 +154,6 @@ int main( int argc, char **argv ) char *serverName; int serverMode = SLAP_SERVER_MODE; - int port = LDAP_PORT; -#ifdef HAVE_TLS - int tls_port = LDAPS_PORT; -#else - int tls_port = 0; -#endif - #ifdef CSRIMALLOC FILE *leakfile; if( ( leakfile = fopen( "slapd.leak", "w" )) == NULL ) { @@ -184,20 +173,6 @@ int main( int argc, char **argv ) CommenceStartupProcessing( NTservice, slap_sig_shutdown ); } - i = (int*)getRegParam( NULL, "Port" ); - if ( i != NULL ) - { - port = *i; - Debug ( LDAP_DEBUG_ANY, "new port from registry is: %d\n", port, 0, 0 ); - } -#ifdef HAVE_TLS - i = (int*)getRegParam( NULL, "TLSPort" ); - if ( i != NULL ) - { - tls_port = *i; - Debug ( LDAP_DEBUG_ANY, "new TLS port from registry is: %d\n", tls_port, 0, 0 ); - } -#endif i = (int*)getRegParam( NULL, "DebugLevel" ); if ( i != NULL ) { @@ -214,7 +189,7 @@ int main( int argc, char **argv ) #endif while ( (i = getopt( argc, argv, - "d:f:h:p:s:" + "d:f:h:s:" #ifdef LOG_LOCAL4 "l:" #endif @@ -229,9 +204,6 @@ int main( int argc, char **argv ) #endif #ifdef HAVE_NT_EVENT_LOG "n:" -#endif -#ifdef HAVE_TLS - "P:" #endif )) != EOF ) { switch ( i ) { @@ -255,30 +227,6 @@ int main( int argc, char **argv ) configfile = ch_strdup( optarg ); break; - case 'p': { /* port on which to listen */ - int p = atoi( optarg ); - if(! p ) { - fprintf(stderr, "-p %s must be numeric\n", optarg); - } else if( p < 0 || p >= 1<<16) { - fprintf(stderr, "-p %s invalid\n", optarg); - } else { - port = p; - } - } break; - -#ifdef HAVE_TLS - case 'P': { /* port on which to listen for TLS */ - int p = atoi( optarg ); - if(! p ) { - fprintf(stderr, "-P %s must be numeric\n", optarg); - } else if( p < 0 || p >= 1<<16) { - fprintf(stderr, "-P %s invalid\n", optarg); - } else { - tls_port = p; - } - } break; -#endif - case 's': /* set syslog level */ ldap_syslog = atoi( optarg ); break; @@ -347,7 +295,7 @@ int main( int argc, char **argv ) openlog( serverName, OPENLOG_OPTIONS ); #endif - if( slapd_daemon_init( urls, port, tls_port ) != 0 ) { + if( slapd_daemon_init( urls ) != 0 ) { rc = 1; SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 16 ); goto stop; diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 3b977a22c0..b786933a0e 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -596,7 +596,7 @@ LIBSLAPD_F (int) slap_destroy LDAP_P((void)); struct sockaddr_in; -LIBSLAPD_F (int) slapd_daemon_init( char *urls, int port, int tls_port ); +LIBSLAPD_F (int) slapd_daemon_init( char *urls ); LIBSLAPD_F (int) slapd_daemon_destroy(void); LIBSLAPD_F (int) slapd_daemon(void); diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 88a0b6418e..7d0fd55dfa 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -522,7 +522,7 @@ struct slap_backend_db { slap_access_t be_dfltaccess; /* access given if no acl matches */ char **be_replica; /* replicas of this backend (in master) */ char *be_replogfile; /* replication log file (in master) */ - char *be_update_ndn; /* allowed to make changes (in replicas) */ + char *be_update_ndn; /* allowed to make changes (in replicas) */ struct berval **be_update_refs; /* where to refer modifying clients to */ int be_lastmod; /* keep track of lastmodified{by,time} */ diff --git a/tests/data/passwd.ldif b/tests/data/passwd.ldif new file mode 100644 index 0000000000..a405003ef7 --- /dev/null +++ b/tests/data/passwd.ldif @@ -0,0 +1,28 @@ +dn: o=University of Michigan, c=US +objectclass: top +objectclass: organization +o: University of Michigan + +dn: cn=md5, o=University of Michigan, c=US +objectclass: top +objectclass: person +cn: md5 +userpassword:: e01ENX1YcjRpbE96UTRQQ09xM2FRMHFidWFRPT0= + +dn: cn=smd5, o=University of Michigan, c=US +objectclass: top +objectclass: person +cn: smd5 +userpassword: secret + +dn: cn=sha, o=University of Michigan, c=US +objectclass: top +objectclass: person +cn: sha +userpassword:: e1NIQX01ZW42RzZNZXpScm9UM1hLcWtkUE9tWS9CZlE9 + +dn: cn=ssha, o=University of Michigan, c=US +objectclass: top +objectclass: person +cn: ssha +userpassword: secret diff --git a/tests/data/slapd-bdb2-pw.conf b/tests/data/slapd-bdb2-pw.conf new file mode 100644 index 0000000000..bc8761f26e --- /dev/null +++ b/tests/data/slapd-bdb2-pw.conf @@ -0,0 +1,39 @@ +# $OpenLDAP$ +# +# master slapd config -- for testing +# +include ./data/slapd.at.conf +include ./data/slapd.oc.conf +schemacheck off +pidfile ./test-db/slapd.pid +argsfile ./test-db/slapd.args + +# password-hash {md5} + +####################################################################### +# ldbm database definitions +####################################################################### + +database ldbm +cachesize 0 +suffix "o=University of Michigan, c=US" +directory ./test-db +rootdn "cn=Manager, o=University of Michigan, c=US" +rootpw secret +index cn,sn,uid pres,eq,approx +index default none +lastmod on +defaultaccess none + +# +# normal installations should protect root dse, +# cn=monitor, cn=schema, and cn=config +# + +access to attr=userpassword + by anonymous auth + by self write + +access to * + by self write + by * read diff --git a/tests/data/slapd-pw.conf b/tests/data/slapd-pw.conf new file mode 100644 index 0000000000..bc8761f26e --- /dev/null +++ b/tests/data/slapd-pw.conf @@ -0,0 +1,39 @@ +# $OpenLDAP$ +# +# master slapd config -- for testing +# +include ./data/slapd.at.conf +include ./data/slapd.oc.conf +schemacheck off +pidfile ./test-db/slapd.pid +argsfile ./test-db/slapd.args + +# password-hash {md5} + +####################################################################### +# ldbm database definitions +####################################################################### + +database ldbm +cachesize 0 +suffix "o=University of Michigan, c=US" +directory ./test-db +rootdn "cn=Manager, o=University of Michigan, c=US" +rootpw secret +index cn,sn,uid pres,eq,approx +index default none +lastmod on +defaultaccess none + +# +# normal installations should protect root dse, +# cn=monitor, cn=schema, and cn=config +# + +access to attr=userpassword + by anonymous auth + by self write + +access to * + by self write + by * read diff --git a/tests/scripts/defines.sh b/tests/scripts/defines.sh index b10db01358..864692e605 100755 --- a/tests/scripts/defines.sh +++ b/tests/scripts/defines.sh @@ -6,6 +6,7 @@ PROGDIR=./progs if test "$BACKEND" = "bdb2" ; then CONF=$DATADIR/slapd-bdb2-master.conf + PWCONF=$DATADIR/slapd-bdb2-pw.conf ACLCONF=$DATADIR/slapd-bdb2-acl.conf MASTERCONF=$DATADIR/slapd-bdb2-repl-master.conf SLAVECONF=$DATADIR/slapd-bdb2-repl-slave.conf @@ -13,6 +14,7 @@ if test "$BACKEND" = "bdb2" ; then TIMING="-t" else CONF=$DATADIR/slapd-master.conf + PWCONF=$DATADIR/slapd-pw.conf ACLCONF=$DATADIR/slapd-acl.conf MASTERCONF=$DATADIR/slapd-repl-master.conf SLAVECONF=$DATADIR/slapd-repl-slave.conf @@ -32,6 +34,7 @@ LDIF2LDBM="../servers/slapd/tools/slapadd $LDAP_VERBOSE" SLAPD=../servers/slapd/slapd SLURPD=../servers/slurpd/slurpd +LDAPPASSWD="$CLIENTDIR/ldappasswd" LDAPSEARCH="$CLIENTDIR/ldapsearch $PROTO -LLL" LDAPMODIFY="$CLIENTDIR/ldapmodify $PROTO" LDAPADD="$CLIENTDIR/ldapadd $PROTO" @@ -41,10 +44,14 @@ LVL=${SLAPD_DEBUG-5} ADDR=127.0.0.1 PORT=9009 SLAVEPORT=9010 +MASTERURI="ldap://localhost:$PORT/" +SLAVEURI="ldap://localhost:$SLAVEPORT/" DBDIR=./test-db REPLDIR=./test-repl LDIF=$DATADIR/test.ldif LDIFORDERED=$DATADIR/test-ordered.ldif +LDIFPASSWD=$DATADIR/passwd.ldif +LDIFPASSWDOUT=$DATADIR/passwd-out.ldif MONITOR="cn=monitor" BASEDN="o=University of Michigan, c=US" MANAGERDN="cn=Manager, o=University of Michigan, c=US" diff --git a/tests/scripts/test001-slapadd b/tests/scripts/test001-slapadd index 36b3b116cb..dc6d9fc2b0 100755 --- a/tests/scripts/test001-slapadd +++ b/tests/scripts/test001-slapadd @@ -29,7 +29,7 @@ if test $RC != 0 ; then fi echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Using ldapsearch to retrieve all the entries..." diff --git a/tests/scripts/test002-populate b/tests/scripts/test002-populate index dc358a980e..74f0579e23 100755 --- a/tests/scripts/test002-populate +++ b/tests/scripts/test002-populate @@ -18,7 +18,7 @@ echo "Cleaning up in $DBDIR..." rm -f $DBDIR/[!C]* echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Using ldapsearch to check that slapd is running..." diff --git a/tests/scripts/test003-search b/tests/scripts/test003-search index 9fcf18b711..7a061dba83 100755 --- a/tests/scripts/test003-search +++ b/tests/scripts/test003-search @@ -26,7 +26,7 @@ if test $RC != 0 ; then fi echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Testing slapd searching..." diff --git a/tests/scripts/test004-modify b/tests/scripts/test004-modify index beb69b038f..42cfdb2ea3 100755 --- a/tests/scripts/test004-modify +++ b/tests/scripts/test004-modify @@ -26,7 +26,7 @@ if test $RC != 0 ; then fi echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Testing slapd modify operations..." diff --git a/tests/scripts/test005-modrdn b/tests/scripts/test005-modrdn index d53673ed1c..f4dedf48fc 100755 --- a/tests/scripts/test005-modrdn +++ b/tests/scripts/test005-modrdn @@ -26,7 +26,7 @@ if test $RC != 0 ; then fi echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Testing slapd modrdn operations..." diff --git a/tests/scripts/test006-acls b/tests/scripts/test006-acls index 4b2f5b5fc0..d4d1b49003 100755 --- a/tests/scripts/test006-acls +++ b/tests/scripts/test006-acls @@ -26,7 +26,7 @@ if test $RC != 0 ; then fi echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $ACLCONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $ACLCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Testing slapd access control..." diff --git a/tests/scripts/test007-replication b/tests/scripts/test007-replication index 3dd64a892d..0a26dafbcb 100755 --- a/tests/scripts/test007-replication +++ b/tests/scripts/test007-replication @@ -35,11 +35,11 @@ echo "Cleaning up in $REPLDIR..." rm -f $REPLDIR/[!C]* echo "Starting master slapd on TCP/IP port $PORT..." -$SLAPD -f $MASTERCONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $MASTERCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Starting slave slapd on TCP/IP port $SLAVEPORT..." -$SLAPD -f $SLAVECONF -p $SLAVEPORT -d $LVL $TIMING > $SLAVELOG 2>&1 & +$SLAPD -f $SLAVECONF -h $SLAVEURI -d $LVL $TIMING > $SLAVELOG 2>&1 & SLAVEPID=$! echo "Using ldapsearch to check that master slapd is running..." diff --git a/tests/scripts/test008-concurrency b/tests/scripts/test008-concurrency index ce874511aa..e221bbed98 100755 --- a/tests/scripts/test008-concurrency +++ b/tests/scripts/test008-concurrency @@ -32,7 +32,7 @@ echo "Waiting 5 seconds for slapadd to build slapd database..." sleep 5 echo "Starting slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Using ldapsearch to check that slapd is running..." diff --git a/tests/scripts/test009-referral b/tests/scripts/test009-referral index ccd848444e..cf339e7615 100755 --- a/tests/scripts/test009-referral +++ b/tests/scripts/test009-referral @@ -31,11 +31,11 @@ if test $RC != 0 ; then fi echo "Starting master slapd on TCP/IP port $PORT..." -$SLAPD -f $CONF -p $PORT -d $LVL $TIMING > $MASTERLOG 2>&1 & +$SLAPD -f $CONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & PID=$! echo "Starting slave slapd on TCP/IP port $SLAVEPORT..." -$SLAPD -f $REFSLAVECONF -p $SLAVEPORT -d $LVL $TIMING > $SLAVELOG 2>&1 & +$SLAPD -f $REFSLAVECONF -h $SLAVEURI -d $LVL $TIMING > $SLAVELOG 2>&1 & SLAVEPID=$! echo "Testing for master slapd..." diff --git a/tests/scripts/test010-passwd b/tests/scripts/test010-passwd new file mode 100755 index 0000000000..3d71698224 --- /dev/null +++ b/tests/scripts/test010-passwd @@ -0,0 +1,131 @@ +#! /bin/sh +# $OpenLDAP$ + +if test $# -eq 0 ; then + SRCDIR="." +else + SRCDIR=$1; shift +fi +if test $# -eq 1 ; then + BACKEND=$1; shift +fi + +echo "running defines.sh $SRCDIR $BACKEND" +. $SRCDIR/scripts/defines.sh + +echo "Cleaning up in $DBDIR..." + +rm -f $DBDIR/[!C]* + +echo "Starting slapd on TCP/IP port $PORT..." +$SLAPD -f $PWCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 & +PID=$! + +echo "Using ldapsearch to check that slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -h localhost -p $PORT \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 1 ; then + echo "Waiting 5 seconds for slapd to start..." + sleep 5 + fi +done + +echo "Using ldapadd to populate the database..." +$LDAPADD -D "$MANAGERDN" -h localhost -p $PORT -w $PASSWD < \ + $LDIFPASSWD > $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed!" + kill -HUP $PID + exit $RC +fi + +echo > $SEARCHOUT +echo > $TESTOUT + +echo "Using ldapsearch to verify population ..." +echo "++ Initial search" >> $SEARCHOUT +$LDAPSEARCH -h localhost -p $PORT \ + -D "$MANAGERDN" -w $PASSWD \ + -b "$BASEDN" \ + 'objectclass=*' >> $SEARCHOUT 2>&1 + +echo "Using ldappasswd (PASS 1) ..." +echo "Pass 1" >> $TESTOUT +$LDAPPASSWD -h localhost -p $PORT \ + -w secret -s newsecret \ + "cn=md5, $BASEDN" >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi +$LDAPPASSWD -h localhost -p $PORT \ + -w secret -s newsecret \ + "cn=smd5, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi +$LDAPPASSWD -h localhost -p $PORT \ + -w secret -s newsecret \ + "cn=sha, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi +$LDAPPASSWD -h localhost -p $PORT \ + -w secret -s newsecret \ + "cn=ssha, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi + +echo "" >> $TESTOUT +echo "Pass 2" >> $TESTOUT +echo "Using ldappasswd (PASS 2) ..." +$LDAPPASSWD -h localhost -p $PORT \ + -w newsecret \ + "cn=md5, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi +$LDAPPASSWD -h localhost -p $PORT \ + -w newsecret \ + "cn=smd5, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi +$LDAPPASSWD -h localhost -p $PORT \ + -w newsecret \ + "cn=sha, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi +$LDAPPASSWD -h localhost -p $PORT \ + -w newsecret \ + "cn=ssha, $BASEDN" >> $TESTOUT 2>&1 +if test $RC != 0 ; then + echo "ldappasswd failed!" + kill -HUP $PID + exit $RC +fi + +kill -HUP $PID + +echo ">>>>> Test succeeded" + +exit 0 -- 2.39.5