diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 11:11:40 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 11:11:40 +0000 |
commit | 7731832751ab9f3c6ddeb66f186d3d7fa1934a6d (patch) | |
tree | e91015872543a59be2aad26c2fea02e41b57005d /tests/scripts/test032-chain | |
parent | Initial commit. (diff) | |
download | openldap-1a00339458686feff01d4a8e157da4800292a9af.tar.xz openldap-1a00339458686feff01d4a8e157da4800292a9af.zip |
Adding upstream version 2.4.57+dfsg.upstream/2.4.57+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/scripts/test032-chain')
-rwxr-xr-x | tests/scripts/test032-chain | 338 |
1 files changed, 338 insertions, 0 deletions
diff --git a/tests/scripts/test032-chain b/tests/scripts/test032-chain new file mode 100755 index 0000000..9611dd9 --- /dev/null +++ b/tests/scripts/test032-chain @@ -0,0 +1,338 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2021 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $BACKLDAP = "ldapno" ; then + echo "LDAP backend not available, test skipped" + exit 0 +fi + +rm -rf $TESTDIR + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF1 > $ADDCONF +. $CONFFILTER < $LDIFCHAIN1 > $SEARCHOUT +$SLAPADD -f $ADDCONF -l $SEARCHOUT +RC=$? +if test $RC != 0 ; then + echo "slapadd 1 failed ($RC)!" + exit $RC +fi + +. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF2 > $ADDCONF +. $CONFFILTER < $LDIFCHAIN2 > $SEARCHOUT +$SLAPADD -f $ADDCONF -l $SEARCHOUT +RC=$? +if test $RC != 0 ; then + echo "slapadd 2 failed ($RC)!" + exit $RC +fi + +echo "Starting first slapd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF1 > $CONF1 +$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 & +PID1=$! +if test $WAIT != 0 ; then + echo PID $PID1 + read foo +fi +KILLPIDS="$PID1" + +echo "Starting second slapd on TCP/IP port $PORT2..." +. $CONFFILTER $BACKEND $MONITORDB < $CHAINCONF2 > $CONF2 +$SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 & +PID2=$! +if test $WAIT != 0 ; then + echo PID $PID2 + read foo +fi + +KILLPIDS="$KILLPIDS $PID2" + +sleep 1 + +echo "Using ldapsearch to check that first slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Using ldapsearch to check that second slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +for P in $PORT1 $PORT2 ; do + echo "Testing ldapsearch as anonymous for \"$BASEDN\" on port $P..." + $LDAPSEARCH -h $LOCALHOST -p $P -b "$BASEDN" -S "" \ + > $SEARCHOUT 2>&1 + + RC=$? + if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + fi + + echo "Filtering ldapsearch results..." + $LDIFFILTER < $SEARCHOUT > $SEARCHFLT + echo "Filtering original ldif used to create database..." + $LDIFFILTER < $CHAINOUT > $LDIFFLT + echo "Comparing filter output..." + $CMP $SEARCHFLT $LDIFFLT > $CMPOUT + + if test $? != 0 ; then + echo "comparison failed - chained search didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + fi + + echo "Reading the referral entry \"ou=Other,$BASEDN\" as anonymous on port $P..." + $LDAPSEARCH -h $LOCALHOST -p $P -b "ou=Other,$BASEDN" -S "" \ + > $SEARCHOUT 2>&1 + + RC=$? + if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + fi + + echo "Filtering ldapsearch results..." + $LDIFFILTER < $SEARCHOUT > $SEARCHFLT + echo "Filtering original ldif used to create database..." + $LDIFFILTER < $CHAINREFOUT > $LDIFFLT + echo "Comparing filter output..." + $CMP $SEARCHFLT $LDIFFLT > $CMPOUT + + if test $? != 0 ; then + echo "comparison failed - chained search didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + fi + + DN="cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN" + echo "Comparing \"$DN\" on port $P..." + $LDAPCOMPARE -h $LOCALHOST -p $P "$DN" "cn:Mark Elliot" \ + > $TESTOUT 2>&1 + + RC=$? + if test $RC != 6 && test $RC,$BACKEND != 5,null ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + fi + + DN="ou=Other,$BASEDN" + echo "Comparing \"$DN\" on port $P with manageDSAit control..." + $LDAPCOMPARE -h $LOCALHOST -p $P -M "$DN" "ou:Other" \ + > $TESTOUT 2>&1 + + RC=$? + if test $RC != 6 && test $RC,$BACKEND != 5,null ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + fi +done + +# +# Testing writes to first server +# +echo "Writing to first server with scope on second server..." +$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \ + $TESTOUT 2>&1 << EOMODS +dn: cn=New Group,ou=Groups,dc=example,dc=com +changetype: add +objectClass: groupOfNames +cn: New Group +member: + +dn: cn=New Group,ou=Groups,dc=example,dc=com +changetype: modify +add: description +description: testing chain overlay writes... +- +replace: member +member: cn=New Group,ou=Groups,dc=example,dc=com +member: cn=Manager,dc=example,dc=com +- +add: owner +owner: cn=Manager,dc=example,dc=com +- + +dn: cn=New Group,ou=Groups,dc=example,dc=com +changetype: modrdn +newrdn: cn=Renamed Group +deleteoldrdn: 1 + +dn: cn=All Staff,ou=Groups,dc=example,dc=com +changetype: delete +EOMODS + +RC=$? +if test $RC != 0 ; then + echo "ldapmodify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# +# Testing writes to second server +# +echo "Writing to second server with scope on first server..." +$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT2 -w $PASSWD > \ + $TESTOUT 2>&1 << EOMODS +dn: cn=New User,ou=People,dc=example,dc=com +changetype: add +objectClass: person +cn: New User +sn: User +seeAlso: cn=New Group,ou=Groups,dc=example,dc=com + +dn: cn=New User,ou=People,dc=example,dc=com +changetype: modify +add: description +description: testing chain overlay writes... +- +replace: seeAlso +seeAlso: cn=Renamed Group,ou=Groups,dc=example,dc=com +- + +dn: cn=New User,ou=People,dc=example,dc=com +changetype: modrdn +newrdn: cn=Renamed User +deleteoldrdn: 1 + +dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com +changetype: delete +EOMODS + +RC=$? +if test $RC != 0 ; then + echo "ldapmodify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +for P in $PORT1 $PORT2 ; do + echo "Testing ldapsearch as anonymous for \"$BASEDN\" on port $P..." + $LDAPSEARCH -h $LOCALHOST -p $P -b "$BASEDN" -S "" \ + > $SEARCHOUT 2>&1 + + RC=$? + if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + fi + + echo "Filtering ldapsearch results..." + $LDIFFILTER < $SEARCHOUT > $SEARCHFLT + echo "Filtering original ldif used to create database..." + $LDIFFILTER < $CHAINMODOUT > $LDIFFLT + echo "Comparing filter output..." + $CMP $SEARCHFLT $LDIFFLT > $CMPOUT + + if test $? != 0 ; then + echo "comparison failed - chained search didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + fi +done + +NEWPW=newsecret +echo "Using ldappasswd on second server with scope on first server..." +$LDAPPASSWD -h $LOCALHOST -p $PORT2 \ + -w secret -s $NEWPW \ + -D "$MANAGERDN" "$BJORNSDN" >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldappasswd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Binding with newly changed password on first server..." +$LDAPWHOAMI -h $LOCALHOST -p $PORT1 \ + -D "$BJORNSDN" -w $NEWPW +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# ITS#57?? +$LDAPADD -h $LOCALHOST -p $PORT1 \ + -D "$MANAGERDN" -w secret \ + >> $TESTOUT 2>&1 \ + << EOMODS +dn: ou=Can't Contact,dc=example,dc=com +changetype: add +objectclass: referral +objectclass: extensibleobject +ou: Can't Contact +# invalid URI to test broken connectivity handling (search only) +ref: ${URI3}ou=Can't%20Contact,dc=example,dc=com +EOMODS + +echo "Reading the referral entry \"ou=Can't Contact,$BASEDN\" as anonymous on port $PORT1..." +$LDAPSEARCH -h $LOCALHOST -p $PORT1 -b "$BASEDN" -S "" "(cn=Can't Contact)" \ + > $SEARCHOUT 2>&1 + +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 |