diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 17:54:12 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 17:54:12 +0000 |
commit | b527294153be3b79563c82c66102adc0004736c0 (patch) | |
tree | 9b423a224848441885190b5ea7cf0feb23510c9d /contrib/slapd-modules/ciboolean | |
parent | Initial commit. (diff) | |
download | openldap-b527294153be3b79563c82c66102adc0004736c0.tar.xz openldap-b527294153be3b79563c82c66102adc0004736c0.zip |
Adding upstream version 2.6.7+dfsg.upstream/2.6.7+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/slapd-modules/ciboolean')
11 files changed, 792 insertions, 0 deletions
diff --git a/contrib/slapd-modules/ciboolean/Makefile b/contrib/slapd-modules/ciboolean/Makefile new file mode 100644 index 0000000..86fbf06 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/Makefile @@ -0,0 +1,80 @@ +# $OpenLDAP$ +# This work is part of OpenLDAP Software <http://www.openldap.org/>. +# +# Copyright 1998-2022 The OpenLDAP Foundation. +# Copyright 2022 Symas Corp. All Rights Reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted only as authorized by the OpenLDAP +# Public License. +# +# A copy of this license is available in the file LICENSE in the +# top-level directory of the distribution or, alternatively, at +# <http://www.OpenLDAP.org/license.html>. + +LDAP_SRC = ../../.. +LDAP_BUILD = $(LDAP_SRC) +LDAP_INC = -I$(LDAP_BUILD)/include -I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd +LDAP_LIB = $(LDAP_BUILD)/libraries/libldap/libldap.la \ + $(LDAP_BUILD)/libraries/liblber/liblber.la + +SRCDIR = ./ + +PLAT = UNIX +NT_LIB = -L$(LDAP_BUILD)/servers/slapd -lslapd +NT_LDFLAGS = -no-undefined -avoid-version +UNIX_LDFLAGS = -version-info $(LTVER) + +LIBTOOL = $(LDAP_BUILD)/libtool +INSTALL = /usr/bin/install +CC = gcc +OPT = -g -O2 +DEFS = -DSLAPD_MOD_CIBOOLEAN=SLAPD_MOD_DYNAMIC +INCS = $(LDAP_INC) +LIBS = $($(PLAT)_LIB) $(LDAP_LIB) +LD_FLAGS = $(LDFLAGS) $($(PLAT)_LDFLAGS) -rpath $(moduledir) -module + +PROGRAMS = ciboolean.la +MANPAGES = slapo-ciboolean.5 +LTVER = 0:0:0 +CLEAN = *.o *.lo *.la .libs +prefix=/usr/local +exec_prefix=$(prefix) +ldap_subdir=/openldap + +libdir=$(exec_prefix)/lib +libexecdir=$(exec_prefix)/libexec +moduledir = $(libexecdir)$(ldap_subdir) +mandir = $(exec_prefix)/share/man +man5dir = $(mandir)/man5 + +.SUFFIXES: .c .o .lo + +.c.lo: + $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(OPT) $(CPPFLAGS) $(DEFS) $(INCS) -c $< + +all: $(PROGRAMS) + +d := +sp := +dir := tests +include $(dir)/Rules.mk + + +ciboolean.la: ciboolean.lo + $(LIBTOOL) --mode=link $(CC) $(LD_FLAGS) -o $@ $? $(LIBS) + +clean: + rm -rf $(CLEAN) + +install: install-lib install-man + +install-lib: $(PROGRAMS) + mkdir -p $(DESTDIR)$(moduledir) + for p in $(PROGRAMS) ; do \ + $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \ + done + +install-man: $(MANPAGES) + mkdir -p $(DESTDIR)$(man5dir) + $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)$(man5dir) diff --git a/contrib/slapd-modules/ciboolean/ciboolean.c b/contrib/slapd-modules/ciboolean/ciboolean.c new file mode 100644 index 0000000..21e0f1a --- /dev/null +++ b/contrib/slapd-modules/ciboolean/ciboolean.c @@ -0,0 +1,110 @@ +/* ciboolean.c - enable case-insensitive boolean values */ +/* $OpenLDAP$ */ +/* This work is part of OpenLDAP Software <http://www.openldap.org/>. + * + * Copyright 1998-2022 The OpenLDAP Foundation. + * Copyright 2022 Symas Corp. All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted only as authorized by the OpenLDAP + * Public License. + * + * A copy of this license is available in the file LICENSE in the + * top-level directory of the distribution or, alternatively, at + * <http://www.OpenLDAP.org/license.html>. + */ +/* ACKNOWLEDGEMENTS: + * This work was developed in 2022 by Nadezhda Ivanova for Symas Corp. + */ + +#include "portable.h" + +#ifdef SLAPD_MOD_CIBOOLEAN + +#include "slap.h" +#include "ac/ctype.h" + +static int +cibooleanValidate( + Syntax *syntax, + struct berval *in ) +{ + /* Allow for case insensitive comparison with TRUE and FALSE */ + + struct berval bv; + int i; + + if( in->bv_len == slap_true_bv.bv_len ) { + bv = slap_true_bv; + } else if( in->bv_len == slap_false_bv.bv_len ) { + bv = slap_false_bv; + } else { + return LDAP_INVALID_SYNTAX; + } + + if ( ber_bvstrcasecmp( in, &bv ) != 0 ) { + return LDAP_INVALID_SYNTAX; + } + return LDAP_SUCCESS; +} + +static int +cibooleanMatchNormalize( + slap_mask_t use, + Syntax *syntax, + MatchingRule *mr, + struct berval *val, + struct berval *normalized, + void *ctx ) +{ + struct berval nvalue; + ber_len_t i; + + assert( SLAP_MR_IS_VALUE_OF_SYNTAX( use ) != 0 ); + + if ( BER_BVISNULL( val ) ) { + return LDAP_INVALID_SYNTAX; + } + + nvalue.bv_len = val->bv_len; + nvalue.bv_val = slap_sl_malloc( nvalue.bv_len + 1, ctx ); + nvalue.bv_val[nvalue.bv_len] = '\0'; + for ( i = 0; i < nvalue.bv_len; i++ ) { + nvalue.bv_val[i] = TOUPPER( val->bv_val[i] ); + } + + *normalized = nvalue; + return LDAP_SUCCESS; +} + + +int ciboolean_initialize() +{ + + MatchingRule *bm = mr_find( "2.5.13.13" ); + Syntax *syn = syn_find( "1.3.6.1.4.1.1466.115.121.1.7" ); + if ( bm == NULL ) { + Debug( LDAP_DEBUG_ANY, + "ciboolean_initialize: unable to find booleanMatch matching rule\n"); + return -1; + } + + if ( syn == NULL ) { + Debug( LDAP_DEBUG_ANY, + "ciboolean_initialize: unable to find Boolean syntax\n"); + return -1; + } + + bm->smr_normalize = cibooleanMatchNormalize; + syn->ssyn_validate = cibooleanValidate; + return 0; +} + +#if SLAPD_MOD_CIBOOLEAN == SLAPD_MOD_DYNAMIC +int init_module(int argc, char *argv[]) +{ + return ciboolean_initialize(); +} +#endif + +#endif /* SLAPD_MOD_CIBOOLEAN */ diff --git a/contrib/slapd-modules/ciboolean/slapo-ciboolean.5 b/contrib/slapd-modules/ciboolean/slapo-ciboolean.5 new file mode 100644 index 0000000..134b8a8 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/slapo-ciboolean.5 @@ -0,0 +1,75 @@ +.TH SLAPO-CIBOOLEAN 5 "RELEASEDATE" "OpenLDAP" +.\" Copyright 1998-2022 The OpenLDAP Foundation. +.\" Copyright 2022 Symas Corp. All Rights Reserved. +.\" Copying restrictions apply. See LICENSE. +.SH NAME +slapo\-ciboolean \- enable support for case-insensitive boolean values +.SH SYNOPSIS +By default +.BR slapd (8) +is strictly compliant with +.B RFC4517 +and the only accepted values for a Boolean attribute are +.B TRUE +and +.B FALSE. +This module allows for case-insensitive comparison and syntax-checking. +.SH DESCRIPTION +The +.B ciboolean +module to +.BR slapd (8) +allows Boolean-type attributes to have values such as +.B True, False, true, false, +and any other combination of upper and lower-case values. Comparison is also case-insensitive, so a search filter of +.B (attribute=false) +will return objects with all versions of +.B FALSE. +When the module is loaded, it installs a new syntax-checker and a new normalizer in the +.B Boolean +syntax. + + +.SH CONFIGURATION + +The +.B ciboolean +module does not have any configuration directives. To enable it, instruct the server to load it with the +.B moduleload +directive in +.B slapd.conf: + +.TP +.B moduleload /usr/local/libexec/openldap/ciboolean.la + +.SH LIMITATIONS + +Adding a normalizer to the syntax changes value storage format in most backend types. +Removing the +.B ciboolean +module from +.BR slapd(8) +configuration will not automatically convert any non-standard values to +.B TRUE +or +.B FALSE, +or update value storage format. Therefore, if +.B ciboolean +is added or removed in configuration, all databases that have been in use before the change need to be fully reloaded to ensure correct operation, including +.B cn=config. + + +.SH FILES +.TP +ETCDIR/slapd.conf +default slapd configuration file +.TP +ETCDIR/slapd.d +default slapd configuration directory +.SH SEE ALSO +.BR slapd-config (5), +.BR slapd.conf (5), +.BR slapd (8) + +.SH ACKNOWLEDGEMENTS +This module was developed in 2022 by Nadezhda Ivanova for Symas Corp. diff --git a/contrib/slapd-modules/ciboolean/tests/Rules.mk b/contrib/slapd-modules/ciboolean/tests/Rules.mk new file mode 100644 index 0000000..e64d925 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/Rules.mk @@ -0,0 +1,23 @@ +sp := $(sp).x +dirstack_$(sp) := $(d) +d := $(dir) + +.PHONY: test + +CLEAN += clients servers tests/progs tests/schema tests/testdata tests/testrun + +test: all clients servers tests/progs + +test: + cd tests; \ + SRCDIR=$(abspath $(LDAP_SRC)) \ + LDAP_BUILD=$(abspath $(LDAP_BUILD)) \ + TOPDIR=$(abspath $(SRCDIR)) \ + LIBTOOL=$(abspath $(LIBTOOL)) \ + $(abspath $(SRCDIR))/tests/run test001-ciboolean + +servers clients tests/progs: + ln -s $(abspath $(LDAP_BUILD))/$@ $@ + +d := $(dirstack_$(sp)) +sp := $(basename $(sp)) diff --git a/contrib/slapd-modules/ciboolean/tests/data/booleantest.schema b/contrib/slapd-modules/ciboolean/tests/data/booleantest.schema new file mode 100644 index 0000000..134516f --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/data/booleantest.schema @@ -0,0 +1,10 @@ +attributetype (1.3.6.1.4.1.4203.1.12.1.1.7 NAME 'IsBusy' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE) + + +objectclass ( 1.3.6.1.4.1.4203.1.12.1.2.3 NAME 'BusyClass' + SUP top + AUXILIARY + MAY ( IsBusy )) diff --git a/contrib/slapd-modules/ciboolean/tests/data/slapd.conf b/contrib/slapd-modules/ciboolean/tests/data/slapd.conf new file mode 100644 index 0000000..2c90dbd --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/data/slapd.conf @@ -0,0 +1,36 @@ +# provider slapd config -- for testing +# $OpenLDAP$ + +include @SCHEMADIR@/core.schema +include @SCHEMADIR@/cosine.schema +include @SCHEMADIR@/inetorgperson.schema +include data/booleantest.schema + +pidfile @TESTDIR@/slapd.m.pid + +argsfile @TESTDIR@/slapd.m.args + +moduleload ../ciboolean.la + + + +pidfile testrun/slapd.pid + + +####################################################################### +# database definitions +####################################################################### +database mdb +suffix "dc=example,dc=com" + +directory testrun +# root or superuser +rootdn "cn=Manager,dc=example,dc=com" +rootpw secret + + +database config +rootdn "cn=manager,cn=config" +rootpw secret + +database monitor diff --git a/contrib/slapd-modules/ciboolean/tests/data/test001-add.ldif b/contrib/slapd-modules/ciboolean/tests/data/test001-add.ldif new file mode 100644 index 0000000..456ab89 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/data/test001-add.ldif @@ -0,0 +1,111 @@ +dn: dc=example,dc=com +objectClass: top +objectClass: organization +objectClass: domainRelatedObject +objectClass: dcObject +dc: example +l: Anytown, Michigan +st: Michigan +o: Example, Inc. +o: EX +o: Ex. +description: The Example, Inc. at Anytown +postalAddress: Example, Inc. $ 535 W. William St. $ Anytown, MI 48109 $ US +telephoneNumber: +1 313 555 1817 +associatedDomain: example.com + +dn: ou=people,dc=example,dc=com +objectClass: organizationalUnit +ou: people +description: All domain members + +dn: cn=user01,ou=people,dc=example,dc=com +cn: user01 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 101 +carLicense: 1234ha +sn: user01 +mobile: 12345678 +mobile: 987654321 +IsBusy: FaLse +ou: people +preferredLanguage: English +description: This is user user01 + +dn: cn=user02,ou=people,dc=example,dc=com +cn: user02 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 102 +carLicense: 1234hb +sn: user02 +mobile: 12345678 +mobile: 987654321 +IsBusy: False +ou: people +preferredLanguage: English +description: This is user user02 + +dn: cn=user03,ou=people,dc=example,dc=com +cn: user03 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 103 +carLicense: 1234hc +sn: user03 +mobile: 12345678 +mobile: 987654321 +IsBusy: FALSE +ou: people +preferredLanguage: English +description: This is user user03 + +dn: cn=user04,ou=people,dc=example,dc=com +cn: user04 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 104 +carLicense: 1234ha +sn: user04 +mobile: 12345678 +mobile: 987654321 +IsBusy: TRue +ou: people +preferredLanguage: English +description: This is user user04 + +dn: cn=user05,ou=people,dc=example,dc=com +cn: user05 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 105 +carLicense: 1234hb +sn: user05 +mobile: 12345678 +mobile: 987654321 +IsBusy: True +ou: people +preferredLanguage: English +description: This is user user05 + +dn: cn=user06,ou=people,dc=example,dc=com +cn: user06 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 106 +carLicense: 1234hc +sn: user06 +mobile: 12345678 +mobile: 987654321 +IsBusy: TRUE +ou: people +preferredLanguage: English +description: This is user user03 + diff --git a/contrib/slapd-modules/ciboolean/tests/data/test001-search_1.ldif b/contrib/slapd-modules/ciboolean/tests/data/test001-search_1.ldif new file mode 100644 index 0000000..63aac4d --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/data/test001-search_1.ldif @@ -0,0 +1,45 @@ +dn: cn=user02,ou=people,dc=example,dc=com +cn: user02 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 102 +carLicense: 1234hb +sn: user02 +mobile: 12345678 +mobile: 987654321 +IsBusy: False +ou: people +preferredLanguage: English +description: This is user user02 + +dn: cn=user03,ou=people,dc=example,dc=com +cn: user03 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 103 +carLicense: 1234hc +sn: user03 +mobile: 12345678 +mobile: 987654321 +IsBusy: FALSE +ou: people +preferredLanguage: English +description: This is user user03 + +dn: cn=user06,ou=people,dc=example,dc=com +cn: user06 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 106 +carLicense: 1234hc +sn: user06 +mobile: 12345678 +mobile: 987654321 +ou: people +preferredLanguage: English +description: This is user user03 +IsBusy: false + diff --git a/contrib/slapd-modules/ciboolean/tests/data/test001-search_2.ldif b/contrib/slapd-modules/ciboolean/tests/data/test001-search_2.ldif new file mode 100644 index 0000000..c89aa71 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/data/test001-search_2.ldif @@ -0,0 +1,45 @@ +dn: cn=user01,ou=people,dc=example,dc=com +cn: user01 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 101 +carLicense: 1234ha +sn: user01 +mobile: 12345678 +mobile: 987654321 +ou: people +preferredLanguage: English +description: This is user user01 +IsBusy: TRUE + +dn: cn=user04,ou=people,dc=example,dc=com +cn: user04 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 104 +carLicense: 1234ha +sn: user04 +mobile: 12345678 +mobile: 987654321 +IsBusy: TRue +ou: people +preferredLanguage: English +description: This is user user04 + +dn: cn=user05,ou=people,dc=example,dc=com +cn: user05 +objectClass: inetOrgPerson +objectClass: BusyClass +userPassword:: UEBzc3cwcmQ= +roomNumber: 105 +carLicense: 1234hb +sn: user05 +mobile: 12345678 +mobile: 987654321 +IsBusy: True +ou: people +preferredLanguage: English +description: This is user user05 + diff --git a/contrib/slapd-modules/ciboolean/tests/run b/contrib/slapd-modules/ciboolean/tests/run new file mode 100755 index 0000000..239bff7 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/run @@ -0,0 +1,17 @@ +#!/bin/sh +## $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +TOPSRCDIR="$SRCDIR" OBJDIR="${LDAP_BUILD}" SRCDIR="${SRCDIR}/tests" DEFSDIR="${SRCDIR}/scripts" SCRIPTDIR="${TOPDIR}/tests/scripts" "${LDAP_BUILD}/tests/run" $* + diff --git a/contrib/slapd-modules/ciboolean/tests/scripts/test001-ciboolean b/contrib/slapd-modules/ciboolean/tests/scripts/test001-ciboolean new file mode 100755 index 0000000..bc6f229 --- /dev/null +++ b/contrib/slapd-modules/ciboolean/tests/scripts/test001-ciboolean @@ -0,0 +1,240 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## Copyright 2022 Symas Corp. +## +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. +## +## ACKNOWLEDGEMENTS: +## This work was developed in 2022 by Nadezhda Ivanova for Symas Corp. +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +echo "" + +rm -rf $TESTDIR + +mkdir -p $TESTDIR $DBDIR1 + +echo "Starting slapd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < data/slapd.conf > $CONF1 +$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$PID" + +sleep 1 + +echo "Using ldapsearch to check that slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Using ldapadd to populate the database..." +$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ + data/test001-add.ldif > $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +cat /dev/null > $SEARCHOUT + +echo "Searching base=\"$BASEDN\"..." +echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT +$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" >> $SEARCHOUT 2>&1 +RC=$? + +if test $RC != 0 ; then + echo "Search failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER < data/test001-add.ldif > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "comparison failed - database population didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +# +# Do some modifications +# + +echo "Modifying database \"$BASEDN\" with TRUE..." +$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -H $URI1 -w $PASSWD \ + -M >> $TESTOUT 2>&1 << EOMODS +dn: cn=user01,ou=people,$BASEDN +changetype: modify +replace: IsBusy +IsBusy: TRUE +EOMODS + +RC=$? +if test $RC != 0 ; then + echo "Modify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Modifying database \"$BASEDN\" with false..." +$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -H $URI1 -w $PASSWD \ + -M >> $TESTOUT 2>&1 << EOMODS +dn: cn=user06,ou=people,$BASEDN +changetype: modify +replace: IsBusy +IsBusy: false +EOMODS + +RC=$? +if test $RC != 0 ; then + echo "Modify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Modifying database \"$BASEDN\"with TRUA..." +$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -H $URI1 -w $PASSWD \ + -M >> $TESTOUT 2>&1 << EOMODS +dn: cn=user02,ou=people,$BASEDN +changetype: modify +replace: IsBusy +IsBusy: TRUA + +EOMODS + +RC=$? +if test $RC != 21 ; then + echo "Modify with an incorrect value failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +cat /dev/null > $SEARCHOUT + +echo " base=\"$BASEDN\"..." +echo "# base=\"$BASEDN\"..." >> $SEARCHOUT +$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" -M "(IsBusy=false)" '*' ref \ + >> $SEARCHOUT 2>&1 + +RC=$? +if test $RC != 0 ; then + echo "Search failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering partial ldif used to create database..." +$LDIFFILTER < data/test001-search_1.ldif > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "comparison failed - search for (IsBusy=false) didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +cat /dev/null > $SEARCHOUT + +echo " base=\"$BASEDN\"..." +echo "# base=\"$BASEDN\"..." >> $SEARCHOUT +$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" -M "(IsBusy=TRUE)" '*' ref \ + >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "Search failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering partial ldif used to create database..." +$LDIFFILTER < data/test001-search_2.ldif > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "comparison failed - search for (IsBusy=TRUE) didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +echo "Modifying cn=config, setting olcReadOnly to True" +$LDAPMODIFY -v -D "cn=manager,cn=config" -H $URI1 -w $PASSWD \ + -M >> $TESTOUT 2>&1 << EOMODS +dn: olcDatabase={1}mdb,cn=config +changetype: modify +replace: olcReadOnly +olcReadOnly: True +EOMODS + +RC=$? +if test $RC != 0 ; then + echo "Modify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Modifying database \"$BASEDN\" to verify olcReadOnly value" +$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -H $URI1 -w $PASSWD \ + -M >> $TESTOUT 2>&1 << EOMODS +dn: cn=user06,ou=people,$BASEDN +changetype: modify +replace: IsBusy +IsBusy: false +EOMODS + +RC=$? +if test $RC != 53 ; then + echo "Modify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 |