3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2017 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 echo "running defines.sh"
17 . $SRCDIR/scripts/defines.sh
19 if test $SYNCPROV = syncprovno; then
20 echo "Syncrepl provider overlay not available, test skipped"
25 echo " This test tracks a case where a consumer fails to replicate from the provider"
26 echo " when the provider is dynamically configured for replication."
27 echo " See http://www.openldap.org/its/index.cgi/?findid=8521 and"
28 echo " See http://www.openldap.org/its/index.cgi/?findid=8281 for more information."
36 mkdir -p $TESTDIR $DBDIR1 $DBDIR2 $PRODIR $CONDIR $CFPRO $CFCON
38 $SLAPPASSWD -g -n >$CONFIGPWF
41 ITSDIR=$DATADIR/regressions/its$ITS
43 echo "Starting provider slapd on TCP/IP port $PORT1..."
44 . $CONFFILTER $BACKEND $MONITORDB < $ITSDIR/slapd-provider.ldif > $CONFLDIF
45 $SLAPADD -F $CFPRO -n 0 -l $CONFLDIF
46 $SLAPD -F $CFPRO -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
48 if test $WAIT != 0 ; then
56 echo "Using ldapsearch to check that provider slapd is running..."
57 for i in 0 1 2 3 4 5; do
58 $LDAPSEARCH -s base -b "" -H $URI1 \
59 'objectclass=*' > /dev/null 2>&1
61 if test $RC = 0 ; then
64 echo "Waiting 5 seconds for slapd to start..."
68 if test $RC != 0 ; then
69 echo "ldapsearch failed ($RC)!"
70 test $KILLSERVERS != no && kill -HUP $KILLPIDS
74 echo "Starting consumer slapd on TCP/IP port $PORT2..."
75 . $CONFFILTER $BACKEND $MONITORDB < $ITSDIR/slapd-consumer.ldif > $CONFLDIF
76 $SLAPADD -F $CFCON -n 0 -l $CONFLDIF
77 $SLAPD -F $CFCON -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 &
79 if test $WAIT != 0 ; then
80 echo SLAVEPID $SLAVEPID
83 KILLPIDS="$KILLPIDS $SLAVEPID"
87 echo "Using ldapsearch to check that consumer slapd is running..."
88 for i in 0 1 2 3 4 5; do
89 $LDAPSEARCH -s base -b "" -H $URI2 \
90 'objectclass=*' > /dev/null 2>&1
92 if test $RC = 0 ; then
95 echo "Waiting 5 seconds for slapd to start..."
99 if test $RC != 0 ; then
100 echo "ldapsearch failed ($RC)!"
101 test $KILLSERVERS != no && kill -HUP $KILLPIDS
105 echo "Setting serverID on provider..."
106 $LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
114 if test $RC != 0 ; then
115 echo "ldapmodify failed ($RC)!"
116 test $KILLSERVERS != no && kill -HUP $KILLPIDS
120 echo "Populating database on provider..."
121 $LDAPADD -D $MANAGERDN -H $URI1 -w $PASSWD << EOMODS >> $TESTOUT 2>&1
122 dn: dc=example,dc=com
128 dn: ou=LDAPRoles,dc=example,dc=com
130 objectClass: organizationalUnit
133 dn: dc=users,dc=example,dc=com
139 dn: uid=johndoe,dc=users,dc=example,dc=com
141 objectClass: inetOrgPerson
147 dn: cn=replicator,ou=LDAPRoles,dc=example,dc=com
149 objectClass: simpleSecurityObject
150 objectClass: organizationalRole
156 if test $RC != 0 ; then
157 echo "ldapadd failed ($RC)!"
158 test $KILLSERVERS != no && kill -HUP $KILLPIDS
162 if [ "$SYNCPROV" = syncprovmod ]; then
163 echo "Configuring syncprov module on the provider..."
164 $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
165 dn: cn=module,cn=config
166 objectClass: olcModuleList
168 olcModulePath: $TESTWD/../servers/slapd/overlays
169 olcModuleLoad: syncprov.la
172 if test $RC != 0 ; then
173 echo "ldapadd failed for moduleLoad ($RC)!"
174 test $KILLSERVERS != no && kill -HUP $KILLPIDS
179 echo "Configuring replication on the provider..."
180 $LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
181 dn: olcOverlay=syncprov,olcDatabase={1}$BACKEND,cn=config
183 objectClass: olcOverlayConfig
184 objectClass: olcConfig
186 objectClass: olcSyncprovConfig
188 olcSpSessionLog: 10000
189 olcSpCheckpoint: 100 10
191 dn: olcDatabase={1}$BACKEND,cn=config
194 olcLimits: dn.exact="cn=replicator,ou=LDAPRoles,dc=example,dc=com"
195 time.soft=unlimited time.hard=unlimited size.soft=unlimited
198 dn: olcDatabase={1}$BACKEND,cn=config
201 olcAccess: {0}to dn.subtree="dc=example,dc=com" by self write
202 by dn.exact="cn=replicator,ou=LDAPRoles,dc=example,dc=com" read
203 by anonymous auth by * read
207 if test $RC != 0 ; then
208 echo "ldapmodify failed ($RC)!"
209 test $KILLSERVERS != no && kill -HUP $KILLPIDS
213 echo "Configuring replication on the consumer..."
214 $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
215 dn: olcDatabase={1}$BACKEND,cn=config
218 olcSyncrepl: rid=100 provider=$URI1 bindmethod=simple
219 binddn="cn=replicator,ou=LDAPRoles,dc=example,dc=com" credentials=secret
220 type=refreshAndPersist searchbase="dc=example,dc=com" filter="(objectclass=*)"
221 scope=sub schemachecking=on interval=5 retry="5 +" sizeLimit=unlimited
227 if test $RC != 0 ; then
228 echo "ldapmodify failed for olcSyncrepl configuration ($RC)!"
229 test $KILLSERVERS != no && kill -HUP $KILLPIDS
233 echo "Sleeping 10 seconds to allow replication to initiate..."
236 echo "Using ldapsearch to read all the entries from the provider..."
237 $LDAPSEARCH -S "" -D $MANAGERDN -w $PASSWD -b "$BASEDN" -H $URI1 \
238 '(objectclass=*)' '*' $OPATTRS > $MASTEROUT 2>&1
241 if test $RC != 0 ; then
242 echo "ldapsearch failed at provider ($RC)!"
243 test $KILLSERVERS != no && kill -HUP $KILLPIDS
247 echo "Using ldapsearch to read all the entries from the consumer..."
248 $LDAPSEARCH -S "" -D $MANAGERDN -w $PASSWD -b "$BASEDN" -H $URI2 \
249 '(objectclass=*)' '*' $OPATTRS > $SLAVEOUT 2>&1
252 if test $RC != 32 ; then
253 echo "ldapsearch should have failed with error 32. Got $RC instead!"
254 echo "This is a regression of ITS8281"
255 test $KILLSERVERS != no && kill -HUP $KILLPIDS
260 echo "Filtering provider results..."
261 $LDIFFILTER < $MASTEROUT > $MASTERFLT
262 echo "Filtering consumer results..."
263 $LDIFFILTER < $SLAVEOUT > $SLAVEFLT
265 echo "Comparing retrieved entries from provider and consumer..."
266 $CMP $MASTERFLT $SLAVEFLT > $CMPOUT
268 if test $? == 0 ; then
269 echo "test failed - provider and consumer databases match"
270 echo "This is a regression of ITS8281"
271 test $KILLSERVERS != no && kill -HUP $KILLPIDS
275 echo "Modifying provider to force generation of a contextCSN"
276 $LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \
277 $TESTOUT 2>&1 << EOMODS
278 dn: uid=Johndoe,dc=users,dc=example,dc=com
284 echo "Sleeping 30 seconds to allow consumer to reconnect and replicate..."
287 echo "Using ldapsearch to read all the entries from the provider..."
288 $LDAPSEARCH -S "" -D $MANAGERDN -w $PASSWD -b "$BASEDN" -H $URI1 \
289 '(objectclass=*)' '*' $OPATTRS > $MASTEROUT 2>&1
292 if test $RC != 0 ; then
293 echo "ldapsearch failed at provider ($RC)!"
294 test $KILLSERVERS != no && kill -HUP $KILLPIDS
298 echo "Using ldapsearch to read all the entries from the consumer..."
299 $LDAPSEARCH -S "" -D $MANAGERDN -w $PASSWD -b "$BASEDN" -H $URI2 \
300 '(objectclass=*)' '*' $OPATTRS > $SLAVEOUT 2>&1
303 if test $RC != 0 ; then
304 echo "ldapsearch failed at consumer ($RC)!"
305 test $KILLSERVERS != no && kill -HUP $KILLPIDS
310 echo "Filtering provider results..."
311 $LDIFFILTER < $MASTEROUT > $MASTERFLT
312 echo "Filtering consumer results..."
313 $LDIFFILTER < $SLAVEOUT > $SLAVEFLT
315 echo "Comparing retrieved entries from provider and consumer..."
316 $CMP $MASTERFLT $SLAVEFLT > $CMPOUT
318 if test $? != 0 ; then
319 echo "test failed - provider and consumer databases differ"
320 test $KILLSERVERS != no && kill -HUP $KILLPIDS
324 test $KILLSERVERS != no && kill -HUP $KILLPIDS
327 echo ">>>>> Test succeeded"
329 test $KILLSERVERS != no && wait