diff options
Diffstat (limited to '')
| -rwxr-xr-x | tests/scripts/lloadd-all | 116 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test000-rootdse | 118 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test001-backend-issues | 219 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test002-load | 175 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test003-cnconfig | 481 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test004-monitor | 365 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test005-tls | 272 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test006-sasl | 252 | ||||
| -rwxr-xr-x | tests/scripts/lloadd/test007-coherence | 508 |
9 files changed, 2506 insertions, 0 deletions
diff --git a/tests/scripts/lloadd-all b/tests/scripts/lloadd-all new file mode 100755 index 0000000..34a2d87 --- /dev/null +++ b/tests/scripts/lloadd-all @@ -0,0 +1,116 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +. $SRCDIR/scripts/defines.sh + +TB="" TN="" +if test -t 1 ; then + TB=`$SHTOOL echo -e "%B" 2>/dev/null` + TN=`$SHTOOL echo -e "%b" 2>/dev/null` +fi + +FAILCOUNT=0 +SKIPCOUNT=0 +SLEEPTIME=10 + +# check for BSD vs GNU date +date -j >/dev/null 2>&1 +RC=$? +if [ $RC -ne 0 ]; then + DATEOPT="-d @" +else + DATEOPT="-r " +fi + +echo ">>>>> $(timer) Executing all LDAP tests for the Load Balancer" + +if [ -n "$NOEXIT" ]; then + echo "Result Test" > $TESTWD/results +fi + +for CMD in $SRCDIR/scripts/lloadd/test*; do + case "$CMD" in + *~) continue;; + *.bak) continue;; + *.orig) continue;; + *.sav) continue;; + *) test -f "$CMD" || continue;; + esac + + # remove cruft from prior test + if test $PRESERVE = yes ; then + /bin/rm -rf $TESTDIR/db.* + else + /bin/rm -rf $TESTDIR + fi + + BCMD=`basename $CMD` + if [ -x "$CMD" ]; then + MSG=">>>>> $(timer) Starting ${TB}$BCMD${TN} for lloadd+$BACKEND..." + [ -n "$TESTINST" ] && echo "$MSG" >&2 + echo "$MSG" + START=`date +%s` + if [ -n "$TESTINST" ]; then + $CMD 2>&1 + else + $CMD + fi + RC=$? + END=`date +%s` + + if test $RC -eq 0 ; then + MSG=">>>>> $(timer) Finished $BCMD for lloadd+$BACKEND after $(( $END - $START )) seconds." + [ -n "$TESTINST" ] && echo "$MSG" >&2 + echo "$MSG" + else + MSG=">>>>> $(timer) Failed $BCMD for lloadd+$BACKEND after $(( $END - $START )) seconds" + [ -n "$TESTINST" ] && echo "$MSG" >&2 + echo "$MSG" + FAILCOUNT=`expr $FAILCOUNT + 1` + + if [ -n "$NOEXIT" ]; then + echo "Continuing." + else + echo "(exit $RC)" + exit $RC + fi + fi + else + MSG=">>>>> $(timer) Skipping ${TB}$BCMD${TN} for lloadd+$BACKEND." + [ -n "$TESTINST" ] && echo "$MSG" >&2 + echo "$MSG" + SKIPCOUNT=`expr $SKIPCOUNT + 1` + RC="-" + fi + + if [ -n "$NOEXIT" ]; then + echo "$RC $BCMD" >> $TESTWD/results + fi + +# echo ">>>>> waiting $SLEEPTIME seconds for things to exit" +# sleep $SLEEPTIME + echo "" +done + +if [ -n "$NOEXIT" ]; then + if [ "$FAILCOUNT" -gt 0 ]; then + cat $TESTWD/results + echo "$FAILCOUNT tests for $BACKEND ${TB}failed${TN}. Please review the test log." + else + echo "All executed tests for $BACKEND ${TB}succeeded${TN}." + fi +fi + +echo "$SKIPCOUNT tests for the Load Balancer were ${TB}skipped${TN}." diff --git a/tests/scripts/lloadd/test000-rootdse b/tests/scripts/lloadd/test000-rootdse new file mode 100755 index 0000000..9046b16 --- /dev/null +++ b/tests/scripts/lloadd/test000-rootdse @@ -0,0 +1,118 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 $DBDIR3 + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +echo "Starting slapd on TCP/IP port $PORT2..." +. $CONFFILTER $BACKEND < $SCHEMACONF > $CONF2 +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$PID" + +echo "Starting a second slapd on TCP/IP port $PORT3..." +sed -e "s,$DBDIR1,$DBDIR2," < $CONF2 > $CONF3 +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Starting a third slapd on TCP/IP port $PORT4..." +sed -e "s,$DBDIR1,$DBDIR3," < $CONF2 > $CONF4 +$SLAPD -f $CONF4 -h $URI4 -d $LVL > $LOG4 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDANONCONF > $CONF1.lloadd +if test $AC_lloadd = lloaddyes; then + $LLOADD -f $CONF1.lloadd -h $URI1 -d $LVL > $LOG1 2>&1 & +else + . $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd + # FIXME: this won't work on Windows, but lloadd doesn't support Windows yet + $SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +fi +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Using ldapsearch to retrieve the root DSE..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -b "" -s base -H $URI1 \ + '@extensibleObject' > $SEARCHOUT 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC = 0 ; then + echo "Using ldapsearch to retrieve the cn=Subschema..." + $LDAPSEARCH -b "cn=Subschema" -s base -H $URI1 \ + '(&(objectClasses=top)(objectClasses=2.5.6.0))' cn objectClass \ + >> $SEARCHOUT 2>&1 + RC=$? + +fi + +if test $RC = 0 ; then + echo "Using ldapsearch to retrieve the cn=Monitor..." + $LDAPSEARCH -b "cn=Monitor" -s base -H $URI1 \ + '@monitor' >> $SEARCHOUT 2>&1 + RC=$? +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +count=3 +if test $RC != 0 ; then + echo ">>>>> Test failed" +else + RC=`grep '^dn:' $SEARCHOUT | wc -l` + if test $RC != $count ; then + echo ">>>>> Test failed: expected $count entries, got" $RC + RC=1 + else + echo ">>>>> Test succeeded" + RC=0 + fi +fi + +test $KILLSERVERS != no && wait + +exit $RC diff --git a/tests/scripts/lloadd/test001-backend-issues b/tests/scripts/lloadd/test001-backend-issues new file mode 100755 index 0000000..b7f99fc --- /dev/null +++ b/tests/scripts/lloadd/test001-backend-issues @@ -0,0 +1,219 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +echo "Starting an empty slapd on TCP/IP port $PORT2..." +. $CONFFILTER $BACKEND < $SCHEMACONF > $CONF2 +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID3="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDUNREACHABLECONF > $CONF1.lloadd +if test $AC_lloadd = lloaddyes; then + $LLOADD -f $CONF1.lloadd -h $URI1 -d $LVL > $LOG1 2>&1 & +else + . $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd + $SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +fi +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing exact searching..." +echo "# Testing exact searching..." > $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing approximate searching..." +echo "# Testing approximate searching..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn~=jENSEN)' name >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing OR searching..." +echo "# Testing OR searching..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(|(givenname=Xx*yY*Z)(cn=)(undef=*)(objectclass=groupofnames)(sn=jones)(member=cn=Manager,dc=example,dc=com)(uniqueMember=cn=Manager,dc=example,dc=com))' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing AND matching and ends-with searching..." +echo "# Testing AND matching and ends-with searching..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "ou=groups,$BASEDN" -s one -H $URI1 \ + '(&(objectclass=groupofnames)(cn=A*)(member=cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com))' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing NOT searching..." +echo "# Testing NOT searching..." >> $SEARCHOUT +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(!(objectclass=pilotPerson))' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing objectClass/attributeType inheritance ..." +echo "# Testing objectClass/attributeType inheritance ..." >> $SEARCHOUT +$LDAPSEARCH -M -a never -S "" -b "$BASEDN" -H $URI1 \ + '(&(objectClass=inetorgperson)(userid=uham))' \ + "2.5.4.0" "userid" >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +LDIF=$SEARCHOUTPROVIDER + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER < $LDIF > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + exit 1 +fi + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/scripts/lloadd/test002-load b/tests/scripts/lloadd/test002-load new file mode 100755 index 0000000..2de04d6 --- /dev/null +++ b/tests/scripts/lloadd/test002-load @@ -0,0 +1,175 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test x$TESTLOOPS = x ; then + TESTLOOPS=50 +fi + +if test x$TESTCHILDREN = x ; then + TESTCHILDREN=20 +fi + +if test x$MAXRETRIES = x ; then + MAXRETRIES=5 +fi + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONF > $CONF2 +$SLAPADD -f $CONF2 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "Starting a slapd on TCP/IP port $PORT2..." +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDCONF > $CONF1.lloadd +if test $AC_lloadd = lloaddyes; then + $LLOADD -f $CONF1.lloadd -h $URI1 -d $LVL > $LOG1 2>&1 & +else + . $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd + # FIXME: this won't work on Windows, but lloadd doesn't support Windows yet + $SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +fi +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# fix test data to include back-monitor, if available +# NOTE: copies do_* files from $DATADIR to $TESTDIR +$MONITORDATA "$DATADIR" "$TESTDIR" + + +echo "Using tester for concurrent server access ($TESTCHILDREN x $TESTLOOPS ops)..." +$SLAPDTESTER -P "$PROGDIR" -d "$TESTDIR" \ + -H $URI1 -D "$MANAGERDN" -w $PASSWD \ + -t 1 -l $TESTLOOPS -r $MAXRETRIES -j $TESTCHILDREN \ + -i '*INVALID_CREDENTIALS,*BUSY,UNWILLING_TO_PERFORM' +RC=$? + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +if test $RC != 0 ; then + echo "slapd-tester failed ($RC)!" + exit $RC +fi + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/scripts/lloadd/test003-cnconfig b/tests/scripts/lloadd/test003-cnconfig new file mode 100755 index 0000000..373b5bb --- /dev/null +++ b/tests/scripts/lloadd/test003-cnconfig @@ -0,0 +1,481 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +mkdir -p $TESTDIR $CONF1.d $DBDIR1 $DBDIR2 $CFDIR + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +if test $AC_lloadd = lloaddyes ; then + echo "Load balancer module not available, skipping..." + exit 0 +fi + +echo "Starting the first slapd on TCP/IP port $PORT2..." +. $CONFFILTER $BACKEND < $CONF > $CONF2 +$SLAPADD -f $CONF2 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF2 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID3="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDUNREACHABLECONF > $CONF1.lloadd +. $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd +$SLAPD -Tt -f $CONF1.slapd -F $CONF1.d -d $LVL > $LOG1 2>&1 +$SLAPD -F $CONF1.d -h $URI6 -d $LVL >> $LOG1 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing lloadd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +echo "Testing cn=config searching..." +$LDAPSEARCH -H $URI6 -D cn=config -y $CONFIGPWF \ + -s sub -b "olcBackend={0}lload,cn=config" '(objectclass=*)' > /dev/null 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Deleting backends" + +# weighted backends are sorted before we get to _cfadd to create their entries +for i in 3 2 4 1 ; do + echo "cn={0}server $i,cn={1}tier 2,olcBackend={0}lload,cn=config" + $LDAPDELETE -H $URI6 -D cn=config -y $CONFIGPWF \ + "cn={0}server $i,cn={1}tier 2,olcBackend={0}lload,cn=config" > /dev/null 2>&1 + RC=$? + if test $RC != 0 ; then + echo "deleting server failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + fi +done + +echo "Testing cn=config searching..." +$LDAPSEARCH -H $URI6 -D cn=config -y $CONFIGPWF \ + -s sub -b "olcBackend={0}lload,cn=config" '(objectclass=*)' > /dev/null 2>&1 + +echo "Deleting tiers" + +for i in 1 2; do + echo "cn={0}tier $i,olcBackend={0}lload,cn=config" + $LDAPDELETE -H $URI6 -D cn=config -y $CONFIGPWF \ + "cn={0}tier $i,olcBackend={0}lload,cn=config" > /dev/null 2>&1 + RC=$? + if test $RC != 0 ; then + echo "deleting server failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + fi +done + +echo "Testing cn=config searching..." +$LDAPSEARCH -H $URI6 -D cn=config -y $CONFIGPWF \ + -s sub -b "olcBackend={0}lload,cn=config" '(objectclass=*)' > /dev/null 2>&1 + + +echo "# Testing exact searching..." + +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 52 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing adding a tier" +$LDAPADD -D cn=config -H $URI6 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1 +dn: cn=roundrobin tier,olcBackend={0}lload,cn=config +objectClass: olcBkLloadTierConfig +olcBkLloadTierType: roundrobin +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for cn=roundrobin tier ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing adding a weighted tier" +$LDAPADD -D cn=config -H $URI6 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1 +dn: cn=weighted tier,olcBackend={0}lload,cn=config +objectClass: olcBkLloadTierConfig +olcBkLloadTierType: weighted +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for cn=weighted tier ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing adding a backend server" +$LDAPADD -D cn=config -H $URI6 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1 +dn: cn=server 7,cn={1}weighted tier,olcBackend={0}lload,cn=config +objectClass: olcBkLloadBackendConfig +cn: server 7 +olcBkLloadBackendUri: $URI3 +olcBkLloadBindconns: 2 +olcBkLloadMaxPendingConns: 3 +olcBkLloadMaxPendingOps: 5 +olcBkLloadNumconns: 3 +olcBkLloadRetry: 5000 +olcBkLloadWeight: 10 +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for cn=server 7 ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Verifying balancer operation..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for backend to start..." + sleep $SLEEP1 +done + +echo "Testing bindconf modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadBindconf +olcBkLloadBindconf: bindmethod=simple timeout=0 network-timeout=0 binddn="cn=wrongmanager,dc=example,dc=com" credentials="secret" +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for bindconf ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "# Sending a search request..." + +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 52 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Restoring bindconf value" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadBindconf +olcBkLloadBindconf: bindmethod=simple timeout=0 network-timeout=0 binddn="cn=Manager,dc=example,dc=com" credentials="secret" +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for bindconf ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +echo "Verifying balancer operation..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for backend to start..." + sleep $SLEEP1 +done + +echo "Testing global attributes" +echo "Testing olcBkLloadMaxPDUPerCycle modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadMaxPDUPerCycle +olcBkLloadMaxPDUPerCycle: 0 +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for olcBkLloadMaxPDUPerCycle($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request..." +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing olcBkLloadSockbufMaxClient modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadSockbufMaxClient +olcBkLloadSockbufMaxClient: 20000 +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for olcBkLloadSockbufMaxClient($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request..." +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing olcBkLloadSockbufMaxUpstream modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadSockbufMaxUpstream +olcBkLloadSockbufMaxUpstream: 200000 +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for olcBkLloadSockbufMaxUpstream($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request..." +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing olcBkLloadIOTimeout modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadIOTimeout +olcBkLloadIOTimeout: 20000 +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for olcBkLloadWriteTimeout($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request..." +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing backend attributes" +echo "Testing olcBkLloadBindconns modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn={0}server 7,cn={1}weighted tier,olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadBindconns +olcBkLloadBindconns: 20 +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for olcBkLloadBindconns($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing exact searching..." +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +echo "Testing olcBkLloadMaxPendingConns modify" +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn={0}server 7,cn={1}weighted tier,olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadMaxPendingConns +olcBkLloadMaxPendingConns: 30 +EOF + +RC=$? +if test $RC != 0 ; then + echo "modify failed for olcBkLloadMaxPendingConns($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Testing exact searching..." +$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ + '(sn=jENSEN)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/scripts/lloadd/test004-monitor b/tests/scripts/lloadd/test004-monitor new file mode 100755 index 0000000..ef308b2 --- /dev/null +++ b/tests/scripts/lloadd/test004-monitor @@ -0,0 +1,365 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +if test $AC_lloadd = lloaddyes ; then + echo "Load balancer module not available, skipping..." + exit 0 +fi + +# Monitor counts are unstable in the face of concurrency, since different +# clients may get different upstreams assigned for their operations. This might +# also change later when tiered load balancing is available. +# Another constraint is that some global counts are updated by the statistics +# collection task scheduled to run every second. +# +# This test assumes current round-robin policy: +# - default backend is rotated every time we successfully pick an upstream +# - upstream connections within the same backend are rotated in the same way +# - the monitor entry order for upstream connections reflects the connection +# order within its CIRCLEQ_ + +echo "Starting the first slapd on TCP/IP port $PORT2..." +. $CONFFILTER $BACKEND < $CONF > $CONF2 +$SLAPADD -f $CONF2 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF2 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID3="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDEMPTYCONF > $CONF1.lloadd +. $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd +$SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI6 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request to prime the counters..." +$LDAPSEARCH -b "$BASEDN" -s base -H $URI1 >> $TESTOUT 2>&1 +RC=$? +if test $RC != 52 ; then + echo "ldapsearch should have failed ($RC != 52)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Retrieving data from cn=monitor..." +echo "# Retrieving data from an empty lload's cn=monitor..." >>$SEARCHOUT +echo "# Operations received:" >>$SEARCHOUT +echo "# Bind: 1 (0 forwarded)" >>$SEARCHOUT +echo "# Search: 0" >>$SEARCHOUT +echo "# Unbind: 1" >>$SEARCHOUT +$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding first tier..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn=first,olcBackend={0}lload,cn=config +changetype: add +objectClass: olcBkLloadTierConfig +olcBkLloadTierType: roundrobin +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding first backend server..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn=backend,cn={0}first,olcBackend={0}lload,cn=config +changetype: add +objectClass: olcBkLloadBackendConfig +olcBkLloadBackendUri: $URI2 +olcBkLloadMaxPendingConns: 3 +olcBkLloadMaxPendingOps: 5 +olcBkLloadRetry: 1000 +olcBkLloadNumconns: 2 +olcBkLloadBindconns: 2 +olcBkLloadWeight: 1 +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until connections are established..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmOutgoingConnections:4' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until connections are established..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Retrieving data from cn=monitor again..." +echo >>$SEARCHOUT +echo "# Retrieving data from lload's cn=monitor..." >>$SEARCHOUT +$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding another backend server..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn=server 2,cn={0}first,olcBackend={0}lload,cn=config +changetype: add +objectClass: olcBkLloadBackendConfig +olcBkLloadBackendUri: $URI3 +olcBkLloadMaxPendingConns: 3 +olcBkLloadMaxPendingOps: 5 +olcBkLloadRetry: 1000 +olcBkLloadNumconns: 4 +olcBkLloadBindconns: 5 +olcBkLloadWeight: 1 +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until connections are established..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmOutgoingConnections:13' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until connections are established..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending another search request..." +$LDAPSEARCH -b "$BASEDN" -s base -H $URI1 >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a WhoAmI? request..." +$LDAPWHOAMI -D "$BABSDN" -w bjensen -H $URI1 >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until global counters are updated..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Other,cn=Operations,cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmCompletedOps:2' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until counters are updated..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Retrieving data from cn=monitor again..." +echo >>$SEARCHOUT +echo "# Retrieving data after a search+WhoAmI?..." >>$SEARCHOUT +echo "# Operations received:" >>$SEARCHOUT +echo "# Bind: 3 (2 forwarded)" >>$SEARCHOUT +echo "# Search: 1" >>$SEARCHOUT +echo "# Extended: 1 (WhoAmI?)" >>$SEARCHOUT +echo "# Unbind: 3" >>$SEARCHOUT +$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +LDIF=$DATADIR/lloadd/monitor.ldif + +echo "Filtering ldapsearch results..." +$LDIFFILTER -s e < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER -s e < $LDIF | sed \ + -e "s|@URI2@|$URI2|g" \ + -e "s|@URI3@|$URI3|g" \ + > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + exit 1 +fi + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/scripts/lloadd/test005-tls b/tests/scripts/lloadd/test005-tls new file mode 100755 index 0000000..7d6f87c --- /dev/null +++ b/tests/scripts/lloadd/test005-tls @@ -0,0 +1,272 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $WITH_TLS = no ; then + echo "TLS support not available, test skipped" + exit 0 +fi + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 +cp -r $DATADIR/tls $TESTDIR + +cd $TESTWD + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $TLSSASLCONF > $CONF2 +$SLAPADD -f $CONF2 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "Starting a slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF2 -h $URI3 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +# FIXME: Hack! +echo "TLSCertificateKeyFile $TESTDIR/tls/private/localhost.key" >>$CONF3 +echo "TLSCertificateFile $TESTDIR/tls/certs/localhost.crt" >>$CONF3 +echo 'authz-regexp "email=([^,]*),cn=[^,]*,ou=OpenLDAP,o=OpenLDAP Foundation,st=CA,c=US" ldap:///ou=People,dc=example,dc=com??sub?(mail=$1)' >>$CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT4 w/ ldaps..." +$SLAPD -f $CONF3 -h $SURI4 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -o tls-reqcert=never -s base -b "$MONITOR" -H $SURI4 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1 and ldaps $PORT2..." +. $CONFFILTER $BACKEND < $LLOADDTLSCONF > $CONF1.lloadd +if test $AC_lloadd = lloaddyes; then + $LLOADD -f $CONF1.lloadd -h "$URI1 $SURI2" -d $LVL > $LOG1 2>&1 & +else + . $CONFFILTER $BACKEND < $SLAPDLLOADCONF | sed -e "s,listen.*,listen \"$URI1 $SURI2\"," > $CONF1.slapd + $SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +fi +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo -n "Using ldapsearch with startTLS with no server cert validation...." +$LDAPSEARCH -o tls-reqcert=never -ZZ -b "" -s base -H $URIP1 \ + '@extensibleObject' > $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch (startTLS) failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +else + echo "success" +fi + +echo -n "Using ldapsearch with startTLS with hard require cert...." +$LDAPSEARCH -o tls-cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt -o tls-reqcert=hard -ZZ -b "" -s base -H $URIP1 \ + '@extensibleObject' > $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch (startTLS) failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +else + echo "success" +fi + +if test $WITH_TLS_TYPE = openssl ; then + echo -n "Using ldapsearch with startTLS and specific protocol version...." + $LDAPSEARCH -o tls-cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt -o tls-reqcert=hard -o tls-protocol-min=3.3 -ZZ -b "" -s base -H $URIP1 \ + '@extensibleObject' > $SEARCHOUT 2>&1 + RC=$? + if test $RC != 0 ; then + echo "ldapsearch (protocol-min) failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + else + echo "success" + fi +fi + +echo -n "Using ldapsearch on $SURI2 with no server cert validation..." +$LDAPSEARCH -o tls-reqcert=never -b "cn=Subschema" -s base -H $SURIP2 \ + '(&(objectClasses=top)(objectClasses=2.5.6.0))' cn objectClass \ + >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch (ldaps) failed($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +else + echo "success" +fi + +echo -n "Using ldapsearch on $SURI2 with reqcert HARD and no CA cert. Should fail..." +$LDAPSEARCH -o tls-reqcert=hard -b "cn=Subschema" -s base -H $SURIP2 \ + '(&(objectClasses=top)(objectClasses=2.5.6.0))' cn objectClass \ + >> $SEARCHOUT 2>&1 +RC=$? +if test $RC = 0 ; then + echo "ldapsearch (ldaps) succeeded when it should have failed($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +else + echo "failed correctly with error code ($RC)" +fi + +echo -n "Using ldapsearch on $SURI2 with CA cert and reqcert HARD..." +$LDAPSEARCH -o tls-cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt \ + -o tls-reqcert=hard -b "cn=Subschema" -s base -H $SURIP2 \ + '(&(objectClasses=top)(objectClasses=2.5.6.0))' cn objectClass \ + >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch (ldaps) failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +else + echo "success" +fi + +if test $WITH_SASL = no ; then + echo "SASL support not available, skipping client cert authentication" +else + echo -n "Using ldapwhoami with SASL/EXTERNAL...." + $LDAPSASLWHOAMI -o tls-cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt -o tls-reqcert=hard \ + -o tls-cert=$TESTDIR/tls/certs/bjensen@mailgw.example.com.crt \ + -o tls-key=$TESTDIR/tls/private/bjensen@mailgw.example.com.key \ + -ZZ -Y EXTERNAL -H $URIP1 \ + > $TESTOUT 2>&1 + RC=$? + if test $RC != 0 ; then + echo "ldapwhoami (startTLS) failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + else + echo "success" + fi + + echo -n "Validating mapped SASL ID..." + echo 'dn:cn=barbara jensen,ou=information technology division,ou=people,dc=example,dc=com' > $TESTDIR/dn.out + $CMP $TESTDIR/dn.out $TESTOUT > $CMPOUT + + RC=$? + if test $RC != 0 ; then + echo "Comparison failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + else + echo "success" + fi +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +if test $RC != 0 ; then + echo ">>>>> Test failed" +else + echo ">>>>> Test succeeded" + RC=0 +fi + +test $KILLSERVERS != no && wait + +exit $RC diff --git a/tests/scripts/lloadd/test006-sasl b/tests/scripts/lloadd/test006-sasl new file mode 100755 index 0000000..a49dbbb --- /dev/null +++ b/tests/scripts/lloadd/test006-sasl @@ -0,0 +1,252 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $WITH_SASL = "yes" ; then + if test $USE_SASL = "no" ; then + echo "Not asked to test SASL, skipping test, set SLAPD_USE_SASL to enable..." + exit 0 + fi + if test $USE_SASL = "yes" ; then + MECH="DIGEST-MD5" + else + MECH="$USE_SASL" + fi + echo "Using SASL authc[/authz] with mech=$MECH; unset SLAPD_USE_SASL to disable" +else + echo "SASL support not available, test skipped" + exit 0 +fi + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 +cp -r $DATADIR/tls $TESTDIR + +cd $TESTWD + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $TLSSASLCONF > $CONF2 +echo 'authz-regexp "^uid=([^,]*),.+" ldap:///dc=example,dc=com??sub?(|(cn=$1)(uid=$1))' >>$CONF2 +$SLAPADD -f $CONF2 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "Starting a slapd on TCP/IP port $PORT2..." +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +echo 'authz-regexp "^uid=([^,]*),.+" ldap:///dc=example,dc=com??sub?(|(cn=$1)(uid=$1))' >>$CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDSASLCONF > $CONF1.lloadd +if test $AC_lloadd = lloaddyes; then + $LLOADD -f $CONF1.lloadd -h $URI1 -d $LVL > $LOG1 2>&1 & +else + . $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd + $SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +fi +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing lloadd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Checking whether $MECH is supported..." +$LDAPSEARCH -s base -b "" -H $URI1 \ + 'objectClass=*' supportedSASLMechanisms > $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +grep "supportedSASLMechanisms: $MECH" $SEARCHOUT > $TESTOUT +RC=$? +if test $RC != 0 ; then + echo "SASL mechanism $MECH is not available, test skipped" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 0 +fi + +AUTHZID="u:bjorn" +echo "Testing lloadd's identity can assert any authzid..." +$LDAPWHOAMI -D "$MANAGERDN" -H $URI1 -w $PASSWD \ + -e\!"authzid=$AUTHZID" > $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +AUTHZID="u:bjorn" +echo "Testing a different identity cannot do the same thing..." +$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w bjensen \ + -e\!"authzid=$AUTHZID" >> $TESTOUT 2>/dev/null +RC=$? +if test $RC != 1 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Validating WhoAmI? results..." +echo 'dn:cn=bjorn jensen,ou=information technology division,ou=people,dc=example,dc=com' > $TESTDIR/whoami.out +echo 'Result: Protocol error (2) +Additional info: proxy authorization control specified multiple times' >> $TESTDIR/whoami.out +$CMP $TESTDIR/whoami.out $TESTOUT > $CMPOUT + +RC=$? +if test $RC != 0 ; then + echo "Comparison failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +else + echo "Success" +fi + + +ID="jaj" +echo "Testing ldapsearch as $ID for \"$BASEDN\" with SASL bind and identity assertion..." +$LDAPSASLSEARCH -H $URI1 -b "$BASEDN" \ + -Q -Y $MECH -O maxbufsize=0 -U "$ID" -w jaj > $SEARCHOUT 2>&1 + +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Filtering ldapsearch results..." +$LDIFFILTER -s e < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER -s e < $LDIF > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "comparison failed - search with SASL bind and identity assertion didn't succeed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +if test $RC != 0 ; then + echo ">>>>> Test failed" +else + echo ">>>>> Test succeeded" + RC=0 +fi + +test $KILLSERVERS != no && wait + +exit $RC diff --git a/tests/scripts/lloadd/test007-coherence b/tests/scripts/lloadd/test007-coherence new file mode 100755 index 0000000..cda6dea --- /dev/null +++ b/tests/scripts/lloadd/test007-coherence @@ -0,0 +1,508 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +mkdir -p $TESTDIR $DBDIR1 $DBDIR2 + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +# Cannot assess where operations went without monitor yet +if test $AC_lloadd = lloaddyes ; then + echo "Load balancer module not available, skipping..." + exit 0 +fi + +# Monitor counts are unstable in the face of concurrency, since different +# clients may get different upstreams assigned for their operations. +# Another constraint is that some global counts are updated by the statistics +# collection task scheduled to run every second. +# +# This test assumes current round-robin policy: +# - default backend is rotated every time we successfully pick an upstream +# (except when already linked) +# - upstream connections within the same backend are rotated in the same way +# - the monitor entry order for upstream connections reflects the connection +# order within its CIRCLEQ_ + +echo "Starting the first slapd on TCP/IP port $PORT2..." +. $CONFFILTER $BACKEND < $CONF > $CONF2 +$SLAPADD -f $CONF2 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF2 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID2="$PID" +KILLPIDS="$PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $CONFTWO > $CONF3 +$SLAPADD -f $CONF3 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Running slapindex to index slapd database..." +$SLAPINDEX -f $CONF3 +RC=$? +if test $RC != 0 ; then + echo "warning: slapindex failed ($RC)" + echo " assuming no indexing support" +fi + +echo "Starting second slapd on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +PID3="$PID" +KILLPIDS="$KILLPIDS $PID" + +sleep $SLEEP0 + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting lloadd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $LLOADDEMPTYCONF > $CONF1.lloadd +. $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd +$SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$KILLPIDS $PID" + +echo "Testing slapd searching..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI6 \ + '(objectclass=*)' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for lloadd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Setting up restrictions..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: olcBackend={0}lload,cn=config +changetype: modify +replace: olcBkLloadWriteCoherence +olcBkLloadWriteCoherence: 3 +- +add: olcBkLloadRestrictExop +# Modify Password Exop +olcBkLloadRestrictExop: 1.3.6.1.4.1.4203.1.11.1 write +# LDAP Transaction Exop +olcBkLloadRestrictExop: 1.3.6.1.1.21.1 connection +# Cancel Exop +olcBkLloadRestrictExop: 1.3.6.1.1.8 reject +- +add: olcBkLloadRestrictControl +# assert control +olcBkLloadRestrictControl: 1.3.6.1.1.12 backend +# paged results control +olcBkLloadRestrictControl: 1.2.840.113556.1.4.319 connection +# dontUseCopy control +olcBkLloadRestrictControl: 1.3.6.1.1.22 reject +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapmodify failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request to prime the counters..." +$LDAPSEARCH -b "$BASEDN" -s base -H $URI1 >> $TESTOUT 2>&1 +RC=$? +if test $RC != 52 ; then + echo "ldapsearch should have failed ($RC != 52)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding first tier..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn=first,olcBackend={0}lload,cn=config +changetype: add +objectClass: olcBkLloadTierConfig +olcBkLloadTierType: roundrobin +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding first backend server..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn=backend,cn={0}first,olcBackend={0}lload,cn=config +changetype: add +objectClass: olcBkLloadBackendConfig +olcBkLloadBackendUri: $URI2 +olcBkLloadMaxPendingConns: 3 +olcBkLloadMaxPendingOps: 5 +olcBkLloadRetry: 1000 +olcBkLloadNumconns: 2 +olcBkLloadBindconns: 2 +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until connections are established..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmOutgoingConnections:4' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until connections are established..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Retrieving data from cn=monitor..." +echo "# Retrieving data from lload's cn=monitor..." >>$SEARCHOUT +echo "# Operations received:" >>$SEARCHOUT +echo "# Bind: 1 (0 forwarded)" >>$SEARCHOUT +echo "# Unbind: 1" >>$SEARCHOUT +$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Adding another backend server..." +$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1 +dn: cn=server 2,cn={0}first,olcBackend={0}lload,cn=config +changetype: add +objectClass: olcBkLloadBackendConfig +olcBkLloadBackendUri: $URI3 +olcBkLloadMaxPendingConns: 3 +olcBkLloadMaxPendingOps: 5 +olcBkLloadRetry: 1000 +olcBkLloadNumconns: 4 +olcBkLloadBindconns: 5 +EOF +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed for backend ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until connections are established..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmOutgoingConnections:13' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until connections are established..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request with dontUseCopy (fails with Unwilling to Perform)..." +$LDAPSEARCH -b "$BASEDN" -s base -H $URI1 -E '!dontUseCopy' >> $TESTOUT 2>&1 +RC=$? +if test $RC != 53 ; then + echo "ldapsearch should have failed ($RC != 53)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a search request with paged results=1 (19 requests forwarded over the same connection)..." +$LDAPSEARCH -b "$BASEDN" -H $URI1 -E '!pr=1/noprompt' >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a passmod request..." +$LDAPPASSWD -H $URI1 -D "$MANAGERDN" -w $PASSWD \ + -s bjensen2 "$BABSDN" >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldappasswd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until global counters are updated..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Other,cn=Operations,cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmCompletedOps:20' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until counters are updated..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + echo >>$SEARCHOUT + $LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Retrieving data from cn=monitor again..." +echo >>$SEARCHOUT +echo "# Retrieving data after recent ops..." >>$SEARCHOUT +echo "# Operations now received:" >>$SEARCHOUT +echo "# Bind: +3 (+3 forwarded)" >>$SEARCHOUT +echo "# Search: +20" >>$SEARCHOUT +echo "# Extended: +1 (Password modify)" >>$SEARCHOUT +echo "# Unbind: +3" >>$SEARCHOUT +$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a few writes (some of them will stick to the same backend)..." +{ +cat <<EOMOD +dn: $BABSDN +changetype: modify +replace: description +description: changed + +dn: $BJORNSDN +changetype: modify +replace: description +description: changed too + +EOMOD +# If we had full control over the connection, we'd know when the last operation +# finished and so when the grace period ends. We only write to a pipe, just +# have to wait a bit longer than necessary... +sleep 5 +cat <<EOMOD +dn: $JAJDN +changetype: modify +replace: description +description: modified + +EOMOD +} | \ +$LDAPMODIFY -D "$MANAGERDN" -w $PASSWD -H $URI1 >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapmodify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Sending a few writes within a TXN..." +{ +cat <<EOMOD +dn: $BABSDN +changetype: modify +replace: description +description: changed + +dn: $BJORNSDN +changetype: modify +replace: description +description: changed too + +EOMOD +sleep 4 +cat <<EOMOD +dn: $JAJDN +changetype: modify +replace: description +description: modified + +EOMOD +} | \ +$LDAPMODIFY -D "$MANAGERDN" -w $PASSWD -H $URI1 \ + -e assert='(objectclass=*)' -E txn=abort >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapmodify failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +# At the moment, the global counters are updated by a recurring job, +# wait for it to settle +echo "Waiting until global counters are updated..." +for i in 0 1 2 3 4 5; do + $LDAPCOMPARE "cn=Other,cn=Operations,cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + 'olmCompletedOps:28' > /dev/null 2>&1 + RC=$? + if test $RC = 6 ; then + break + fi + echo "Waiting $SLEEP1 seconds until counters are updated..." + sleep $SLEEP1 +done +if test $RC != 6 ; then + echo "ldapcompare failed ($RC)!" + echo >>$SEARCHOUT + $LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Retrieving data from cn=monitor again..." +echo >>$SEARCHOUT +echo "# Retrieving data after recent writes..." >>$SEARCHOUT +echo "# Operations received:" >>$SEARCHOUT +echo "# Bind: +2 (+2 forwarded)" >>$SEARCHOUT +echo "# Modify: +6" >>$SEARCHOUT +echo "# Extended: +2 (TXN+TXN Abort)" >>$SEARCHOUT +echo "# Unbind: +2" >>$SEARCHOUT +$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \ + olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +LDIF=$DATADIR/lloadd/test007-monitor.ldif + +echo "Filtering ldapsearch results..." +# For now, we don't make sure olmIncomingConnections is reflective of current +# state (=no connections open) since olmIncomingConnections can be != 0 for a +# second after it's closed +$LDIFFILTER < $SEARCHOUT | grep -v '^olmIncomingConnections:' > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER < $LDIF | sed \ + -e "s|@URI2@|$URI2|g" \ + -e "s|@URI3@|$URI3|g" \ + > $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + exit 1 +fi + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 |