Adding debian version 2.6.7+dfsg-1~exp1.debian/2.6.7+dfsg-1_exp1debian

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

9 files changed, 429 insertions, 0 deletions

diff --git a/debian/tests/check_upgradepath b/debian/tests/check_upgradepath
new file mode 100755
index 0000000..d1f2578
--- /dev/null
+++ b/debian/tests/check_upgradepath
@@ -0,0 +1,173 @@
+#! /bin/sh
+
+set -e
+
+# WARNING: This script is obsolete and will require a fair bit of work to get
+# working again.  It assumes woody, uses debconf questions that don't exist
+# any more, and probably doesn't check everything that you would want to
+# check.  Preserved just because I haven't done the work to see if puiparts
+# can now do the same thing in a cleaner way.
+
+# Setup
+: ${chroot_dir:=../chroot}
+: ${debmirror:=http://ftp.de.debian.org/debian}
+: ${proxy:=http://proxy.galaxy:3128/}
+unset LC_ALL
+unset LC_CTYPE
+unset LC_MESSAGES
+# XXX: comment out when testing new versions. Needed so libc6 does not
+# ask for restarting services.
+export DEBIAN_FRONTEND=noninteractive
+
+woodytar=$chroot_dir/woody_base.tar.gz
+
+# List our packages
+list_packages() {
+	local p ver
+	ver=`dpkg-parsechangelog|sed -ne 's/^Version: //p'`
+	for p in `dh_listpackages`; do
+		(cd .. && echo ${p}_$ver*deb)
+	done
+}
+
+# Run a command inside the chroot
+
+in_target() {
+	chroot $chroot_dir/woody "$@"
+}
+
+# Set a debconf variable inside the chroot
+
+debconf_set() {
+	local name=$1
+	shift
+	cat >>$chroot_dir/woody/var/cache/debconf/config.dat <<EOF
+Name: $name
+Template: $name
+Flags: seen
+Value: $@
+
+EOF
+}
+
+# Setup a woody chroot
+
+setup_chroot() {
+	# Kill an existing chroot
+	rm -Rf $chroot_dir/woody
+
+	# If there is a tar archive with a base system we use it
+	if [ -e $woodytar ]; then
+		mkdir $chroot_dir/woody
+		echo -n "Unpacking system from $woodytar"
+		tar -C $chroot_dir/woody -xzf $woodytar
+		echo "done."
+	# Otherwise we need to create a new base system and save it
+	# to a tar for the next time
+	else
+		debootstrap woody $chroot_dir/woody $debmirror | \
+		  shtool prop -p "Creating base system from $debmirror"
+		tar -C $chroot_dir/woody -czvf $woodytar . | \
+			shtool prop -p "Saving system to $woodytar"
+	fi
+
+	# Install a suitable apt configuration
+	echo "deb $debmirror woody main" \
+		> $chroot_dir/woody/etc/apt/sources.list
+	echo "Acquire::HTTP::Proxy \"$proxy\";" \
+		> $chroot_dir/woody/etc/apt/apt.conf
+	in_target apt-get update
+	in_target mount -t proc none /proc
+
+	# We don't want any debconf interaction
+	#debconf_set debconf/frontend Noninteractive
+}
+
+# These are our example configurations for testing the upgrade
+
+conf_domain_or_host() {
+	debconf_set slapd/fill_method auto
+	debconf_set slapd/suffix_type "domain or host"
+	debconf_set slapd/domain "some.example.net"
+	debconf_set slapd/replicate false
+	debconf_set shared/organization Some Organization
+}
+
+
+check_domain_or_host() {
+	sleep 2  # wait for slapd to startup
+	in_target ldapsearch -h localhost -b dc=some,dc=example,dc=net -x \
+		objectclass=\*
+}
+
+conf_location() {
+	debconf_set slapd/fill_method auto
+	debconf_set slapd/suffix_type "location"
+	debconf_set shared/locale/countrycode de
+	debconf_set shared/organization "Sample Organization"
+	debconf_set slapd/replicate false
+	debconf_set shared/organization Some Organization
+}
+
+check_location() {
+	sleep 2  # wait for slapd to startup
+	in_target ldapsearch -h localhost -b "o=Some Organization, c=de" \
+		-x objectclass=\*
+}
+# Install slapd inside the chroot
+
+install_slapd() {
+	in_target apt-get -y install slapd ldap-utils
+}
+
+# Do an upgrade of our packages inside the chroot
+
+upgrade() {
+	# Link our packages into the chroot
+	for p in `list_packages`; do 
+		ln ../$p $chroot_dir/woody/root/
+	done
+
+	# Create a packages file
+	(cd $chroot_dir/woody/root && dpkg-scanpackages . /dev/null >Packages)
+
+	# Switch to unstable
+	echo "deb $debmirror unstable main" \
+		> $chroot_dir/woody/etc/apt/sources.list
+	echo "deb file:/root ./" >> $chroot_dir/woody/etc/apt/sources.list
+
+	# Update package lists
+	in_target apt-get update
+
+	# Tell our scripts to fix the config
+	debconf_set slapd/fix_directory true
+	debconf_set slapd/password1 foobar
+	debconf_set slapd/allow_ldap_v2
+
+	# Do an upgrade of our packages
+	in_target apt-get install -y `dh_listpackages`
+}
+
+# Checks if upgrading a woody system with slapd configured with the
+# command given works.
+
+check_upgrade() {
+	setup_chroot
+	conf_$1
+	debconf_set slapd/password1 foobar
+	debconf_set slapd/password2 foobar
+	install_slapd
+	check_$1
+	upgrade
+	check_$1
+	in_target /etc/init.d/slapd stop
+	in_target umount /proc
+}
+
+# Try upgrading our example setups
+
+for i in location domain_or_host; do
+	check_upgrade $i
+done
+
+echo "SUCCESS testing upgrading from woody"
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..5359d16
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,15 @@
+Tests: slapd
+Depends: ldap-utils
+Restrictions: allow-stderr, isolation-container, needs-root, superficial
+
+Tests: slapd-tls
+Depends: ldap-utils, ssl-cert
+Restrictions: allow-stderr, isolation-container, needs-root, superficial
+
+Tests: smbk5pwd
+Depends: ldap-utils, slapd, slapd-contrib, heimdal-kdc, samba, schema2ldif
+Restrictions: allow-stderr, isolation-container, needs-root, superficial
+
+Tests: sha2-contrib
+Depends: slapd, openssl
+Restrictions: superficial
diff --git a/debian/tests/create_account b/debian/tests/create_account
new file mode 100755
index 0000000..a5051af
--- /dev/null
+++ b/debian/tests/create_account
@@ -0,0 +1,24 @@
+#! /usr/bin/perl -w
+
+# Shows how to create an entry on the LDAP server
+
+$host = "localhost";			# LDAP server
+$basedn = "dc=galaxy";			# Base DN
+$admindn = "cn=admin, $basedn";		# Admin entry
+$adminpass = "foo";			# Password
+
+use Net::LDAP;
+
+$ldap = Net::LDAP->new("$host", onerror => "die");
+$ldap->bind($admindn, password => $adminpass);
+
+# Create "ou=People" entry if not there
+
+$results = $ldap->search(base => "$basedn", 
+	filter => "ou=People", scope => "one");
+unless ($results->count > 0) {
+	$ldap->add("ou=People, $basedn", attr => [
+		  ou => "People", 
+		  objectClass => [ "top", "organizationalUnit" ]
+		]);
+}
diff --git a/debian/tests/find_unused_functions b/debian/tests/find_unused_functions
new file mode 100755
index 0000000..bd31d45
--- /dev/null
+++ b/debian/tests/find_unused_functions
@@ -0,0 +1,30 @@
+#! /usr/bin/perl -w
+
+use autouse Data::Dumper, qw{Dumper};
+
+# Script to find the unused shell functions in slapd.scripts-common
+
+our @code;
+
+# Get all shell code from maintainer scripts
+
+foreach my $file ((<slapd.*rm>, <slapd.*inst>, <slapd.config>, 
+	<slapd.scripts-common>)) {
+	open SCRIPT, "<$file" or
+		die "Can't open $file: $!";
+	push @code, <SCRIPT>;
+	close SCRIPT;
+}
+
+# Find all function declarations
+
+our @functions = map { /^(\w+)\s*\(\).*$/;  } @code;
+
+# Find unused functions
+
+foreach $function (@functions) {
+	@occurences  = grep /$function/, @code;
+	@invocations = grep { !/^$function\s*\(\)/ and !/#.*$function/ }
+				@occurences;
+	print "$function\n" if @invocations == 0;
+}
diff --git a/debian/tests/hammer_slapd b/debian/tests/hammer_slapd
new file mode 100755
index 0000000..9ad7f99
--- /dev/null
+++ b/debian/tests/hammer_slapd
@@ -0,0 +1,98 @@
+#! /usr/bin/perl -w
+
+use Net::LDAP;
+use Data::Dumper;
+
+$host = "localhost";			# LDAP server
+$basedn = "dc=galaxy";			# Base DN
+$admindn = "cn=admin, $basedn";		# Admin entry
+$adminpass = "foo";			# Password
+$group = $ARGV[0] || "People";
+
+$ldap = Net::LDAP->new("$host", onerror => "die");
+$ldap->bind($admindn, password => $adminpass);
+
+sub create_group {
+	$results = $ldap->search(base => "$basedn", 
+		filter => "ou=$group", scope => "one");
+	unless ($results->count > 0) {
+		$ldap->add("ou=$group, $basedn", attr => [
+			  ou => "$group", 
+			  objectClass => [ "top", "organizationalUnit" ]
+			]);
+	}
+}
+
+sub invent_name {
+	our @words;
+	unless (@words) {
+		open WORDS, "/usr/share/dict/british-english-large";
+		@words = grep /^[A-Z]\w{0,11}$/, <WORDS>;
+		map { chomp } @words;
+		close WORDS;
+	}
+
+	my $index = int(rand(@words));
+	$index = int(rand(@words)) while not defined $words[$index];
+	my $word = $words[$index];
+	delete $words[$index];
+	return $word;
+}
+
+sub invent_names {
+	our @names;
+
+	foreach (1..1000) {
+		push @names, { cn => invent_name, sn => invent_name };
+	}
+}
+
+sub create_entries {
+	foreach my $name (@names) {
+		create_account(%$name);
+	}
+}
+
+sub create_account {
+	our $uid; 
+	$uid = 1000 if not defined $uid;
+
+	my %id = @_;
+	my $login = $id{cn};
+	$login =~ tr/A-Z/a-z/;
+	$ldap->add("uid=$login, ou=$group, $basedn", attr => [
+		%id, 
+		objectClass => [ "top", "person", "posixAccount" ], 
+		uid => $login, 
+		uidNumber => $uid++, 
+		gidNumber => 1000, 
+		homeDirectory => "/home/$login" ]);
+}
+
+sub delete_entries {
+	foreach my $name (@names) {
+		delete_account(%$name);
+	}
+}
+
+sub delete_account {
+	my %id = @_;
+	my $login = $id{cn};
+	$login =~ tr/A-Z/a-z/;
+	$ldap->delete("uid=$login, ou=$group, $basedn");
+}
+
+sub search_entries {
+	foreach (1..10000) {
+		my $num = int(rand(@names));
+		$login = $names[$num]->{cn};
+		$login =~ tr/A-Z/a-z/;
+		$ldap->search(base => "$basedn", filter => "uid=$login");
+	}
+}
+
+create_group;
+invent_names;
+create_entries;
+search_entries;
+delete_entries;
diff --git a/debian/tests/sha2-contrib b/debian/tests/sha2-contrib
new file mode 100755
index 0000000..32f7637
--- /dev/null
+++ b/debian/tests/sha2-contrib
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -e
+
+reference_hash="{SHA256}$(echo -n secret | openssl dgst -sha256 -binary | openssl enc -base64)"
+test_hash=$(/usr/sbin/slappasswd -s secret -h '{SHA256}' -o module-load=pw-sha2)
+
+echo "Reference hash of \"secret\" (openssl): ${reference_hash}"
+echo "slapd's pw-sha2 hash:                 ${test_hash}"
+
+if [ "${reference_hash}" != "${test_hash}" ]; then
+    echo "ERROR: hashes differ"
+    exit 1
+else
+    echo "PASS: hashes are identical"
+fi
diff --git a/debian/tests/slapd b/debian/tests/slapd
new file mode 100755
index 0000000..d79e225
--- /dev/null
+++ b/debian/tests/slapd
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -eux
+
+export DEBIAN_FRONTEND=noninteractive
+
+debconf-set-selections << eof
+slapd slapd/password1 password secret
+slapd slapd/password2 password secret
+slapd slapd/domain string example.com
+slapd slapd/organization string example.com
+eof
+
+apt-get -y install slapd
+
+test "$(ldapwhoami -x -D 'cn=admin,dc=example,dc=com' -w secret)" = 'dn:cn=admin,dc=example,dc=com'
diff --git a/debian/tests/slapd-tls b/debian/tests/slapd-tls
new file mode 100755
index 0000000..a5e387e
--- /dev/null
+++ b/debian/tests/slapd-tls
@@ -0,0 +1,32 @@
+#!/bin/sh
+set -eux
+
+SSL_CERT=/etc/ssl/certs/ssl-cert-snakeoil.pem
+SSL_KEY=/etc/ssl/private/ssl-cert-snakeoil.key
+SSL_PRIVATE_DIR=/etc/ssl/private
+
+export DEBIAN_FRONTEND=noninteractive
+
+debconf-set-selections << eof
+slapd slapd/password1 password secret
+slapd slapd/password2 password secret
+slapd slapd/domain string example.com
+slapd slapd/organization string example.com
+eof
+
+apt-get -y install slapd
+
+chgrp openldap "$SSL_PRIVATE_DIR" "$SSL_KEY"
+chmod g+r "$SSL_KEY"
+
+ldapmodify -H ldapi:// -Y EXTERNAL << EOF
+dn: cn=config
+add: olcTLSCertificateFile
+olcTLSCertificateFile: $SSL_CERT
+-
+add: olcTLSCertificateKeyFile
+olcTLSCertificateKeyFile: $SSL_KEY
+
+EOF
+
+test "$(ldapwhoami -ZZ -o tls_cacert="$SSL_CERT" -x -D 'cn=admin,dc=example,dc=com' -w secret)" = 'dn:cn=admin,dc=example,dc=com'
diff --git a/debian/tests/smbk5pwd b/debian/tests/smbk5pwd
new file mode 100755
index 0000000..aeb5f81
--- /dev/null
+++ b/debian/tests/smbk5pwd
@@ -0,0 +1,26 @@
+#!/bin/sh
+set -e
+
+# Import the Samba and Heimdal schemas
+ldapadd -H ldapi:// -Y EXTERNAL -f /usr/share/doc/samba/examples/LDAP/samba.ldif
+schema2ldif /etc/ldap/schema/hdb.schema | ldapadd -H ldapi:// -Y EXTERNAL
+
+# Grant slapd access to the Heimdal master key
+chgrp openldap /var/lib/heimdal-kdc /var/lib/heimdal-kdc/*key
+chmod g+rX /var/lib/heimdal-kdc /var/lib/heimdal-kdc/*key
+
+# Instantiate the smbk5pwd overlay
+ldapmodify -H ldapi:// -Y EXTERNAL << eof
+dn: cn=module{0},cn=config
+changetype: modify
+add: olcModuleLoad
+olcModuleLoad: smbk5pwd
+
+dn: olcOverlay=smbk5pwd,olcDatabase={1}mdb,cn=config
+changetype: add
+objectClass: olcSmbK5PwdConfig
+olcSmbK5PwdEnable: krb5
+olcSmbK5PwdEnable: samba
+olcSmbK5PwdEnable: shadow
+
+eof