#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2022 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

mkdir -p $TESTDIR $DBDIR1 $DBDIR2

$SLAPPASSWD -g -n >$CONFIGPWF
echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf

# Cannot assess where operations went without monitor yet
if test $AC_lloadd = lloaddyes ; then
	echo "Load balancer module not available, skipping..."
	exit 0
fi

# Monitor counts are unstable in the face of concurrency, since different
# clients may get different upstreams assigned for their operations.
# Another constraint is that some global counts are updated by the statistics
# collection task scheduled to run every second.
#
# This test assumes current round-robin policy:
# - default backend is rotated every time we successfully pick an upstream
#   (except when already linked)
# - upstream connections within the same backend are rotated in the same way
# - the monitor entry order for upstream connections reflects the connection
#   order within its CIRCLEQ_

echo "Starting the first slapd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $CONF > $CONF2
$SLAPADD -f $CONF2 -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	exit $RC
fi

echo "Running slapindex to index slapd database..."
$SLAPINDEX -f $CONF2
RC=$?
if test $RC != 0 ; then
	echo "warning: slapindex failed ($RC)"
	echo "  assuming no indexing support"
fi

$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	echo PID $PID
	read foo
fi
PID2="$PID"
KILLPIDS="$PID"

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
		'(objectclass=*)' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds for slapd to start..."
	sleep $SLEEP1
done
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND < $CONFTWO > $CONF3
$SLAPADD -f $CONF3 -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Running slapindex to index slapd database..."
$SLAPINDEX -f $CONF3
RC=$?
if test $RC != 0 ; then
	echo "warning: slapindex failed ($RC)"
	echo "  assuming no indexing support"
fi

echo "Starting second slapd on TCP/IP port $PORT3..."
$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	echo PID $PID
	read foo
fi
PID3="$PID"
KILLPIDS="$KILLPIDS $PID"

sleep $SLEEP0

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \
		'(objectclass=*)' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds for slapd to start..."
	sleep $SLEEP1
done
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Starting lloadd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND < $LLOADDEMPTYCONF > $CONF1.lloadd
. $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd
$SLAPD -f $CONF1.slapd -h $URI6 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	echo PID $PID
	read foo
fi
KILLPIDS="$KILLPIDS $PID"

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI6 \
		'(objectclass=*)' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds for lloadd to start..."
	sleep $SLEEP1
done

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Setting up restrictions..."
$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
dn: olcBackend={0}lload,cn=config
changetype: modify
replace: olcBkLloadWriteCoherence
olcBkLloadWriteCoherence: 3
-
add: olcBkLloadRestrictExop
# Modify Password Exop
olcBkLloadRestrictExop: 1.3.6.1.4.1.4203.1.11.1 write
# LDAP Transaction Exop
olcBkLloadRestrictExop: 1.3.6.1.1.21.1 connection
# Cancel Exop
olcBkLloadRestrictExop: 1.3.6.1.1.8 reject
-
add: olcBkLloadRestrictControl
# assert control
olcBkLloadRestrictControl: 1.3.6.1.1.12 backend
# paged results control
olcBkLloadRestrictControl: 1.2.840.113556.1.4.319 connection
# dontUseCopy control
olcBkLloadRestrictControl: 1.3.6.1.1.22 reject
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed for backend ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Sending a search request to prime the counters..."
$LDAPSEARCH -b "$BASEDN" -s base -H $URI1 >> $TESTOUT 2>&1
RC=$?
if test $RC != 52 ; then
	echo "ldapsearch should have failed ($RC != 52)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Adding first tier..."
$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
dn: cn=first,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadTierConfig
olcBkLloadTierType: roundrobin
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapadd failed for backend ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Adding first backend server..."
$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
dn: cn=backend,cn={0}first,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadBackendConfig
olcBkLloadBackendUri: $URI2
olcBkLloadMaxPendingConns: 3
olcBkLloadMaxPendingOps: 5
olcBkLloadRetry: 1000
olcBkLloadNumconns: 2
olcBkLloadBindconns: 2
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapadd failed for backend ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# At the moment, the global counters are updated by a recurring job,
# wait for it to settle
echo "Waiting until connections are established..."
for i in 0 1 2 3 4 5; do
	$LDAPCOMPARE "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
		'olmOutgoingConnections:4' > /dev/null 2>&1
	RC=$?
	if test $RC = 6 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds until connections are established..."
	sleep $SLEEP1
done
if test $RC != 6 ; then
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Retrieving data from cn=monitor..."
echo "# Retrieving data from lload's cn=monitor..." >>$SEARCHOUT
echo "# Operations received:" >>$SEARCHOUT
echo "#	 Bind: 1 (0 forwarded)" >>$SEARCHOUT
echo "#	 Unbind: 1" >>$SEARCHOUT
$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
	olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Adding another backend server..."
$LDAPMODIFY -D cn=config -H $URI6 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
dn: cn=server 2,cn={0}first,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadBackendConfig
olcBkLloadBackendUri: $URI3
olcBkLloadMaxPendingConns: 3
olcBkLloadMaxPendingOps: 5
olcBkLloadRetry: 1000
olcBkLloadNumconns: 4
olcBkLloadBindconns: 5
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapadd failed for backend ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# At the moment, the global counters are updated by a recurring job,
# wait for it to settle
echo "Waiting until connections are established..."
for i in 0 1 2 3 4 5; do
	$LDAPCOMPARE "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
		'olmOutgoingConnections:13' > /dev/null 2>&1
	RC=$?
	if test $RC = 6 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds until connections are established..."
	sleep $SLEEP1
done
if test $RC != 6 ; then
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Sending a search request with dontUseCopy (fails with Unwilling to Perform)..."
$LDAPSEARCH -b "$BASEDN" -s base -H $URI1 -E '!dontUseCopy' >> $TESTOUT 2>&1
RC=$?
if test $RC != 53 ; then
	echo "ldapsearch should have failed ($RC != 53)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Sending a search request with paged results=1 (19 requests forwarded over the same connection)..."
$LDAPSEARCH -b "$BASEDN" -H $URI1 -E '!pr=1/noprompt' >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Sending a passmod request..."
$LDAPPASSWD -H $URI1 -D "$MANAGERDN" -w $PASSWD \
	-s bjensen2 "$BABSDN" >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldappasswd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# At the moment, the global counters are updated by a recurring job,
# wait for it to settle
echo "Waiting until global counters are updated..."
for i in 0 1 2 3 4 5; do
	$LDAPCOMPARE "cn=Other,cn=Operations,cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
		'olmCompletedOps:20' > /dev/null 2>&1
	RC=$?
	if test $RC = 6 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds until counters are updated..."
	sleep $SLEEP1
done
if test $RC != 6 ; then
	echo "ldapcompare failed ($RC)!"
	echo >>$SEARCHOUT
	$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
		olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Retrieving data from cn=monitor again..."
echo >>$SEARCHOUT
echo "# Retrieving data after recent ops..." >>$SEARCHOUT
echo "# Operations now received:" >>$SEARCHOUT
echo "#	 Bind: +3 (+3 forwarded)" >>$SEARCHOUT
echo "#	 Search: +20" >>$SEARCHOUT
echo "#	 Extended: +1 (Password modify)" >>$SEARCHOUT
echo "#	 Unbind: +3" >>$SEARCHOUT
$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
	olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Sending a few writes (some of them will stick to the same backend)..."
{
cat <<EOMOD
dn: $BABSDN
changetype: modify
replace: description
description: changed

dn: $BJORNSDN
changetype: modify
replace: description
description: changed too

EOMOD
# If we had full control over the connection, we'd know when the last operation
# finished and so when the grace period ends. We only write to a pipe, just
# have to wait a bit longer than necessary...
sleep 5
cat <<EOMOD
dn: $JAJDN
changetype: modify
replace: description
description: modified

EOMOD
} | \
$LDAPMODIFY -D "$MANAGERDN" -w $PASSWD -H $URI1 >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Sending a few writes within a TXN..."
{
cat <<EOMOD
dn: $BABSDN
changetype: modify
replace: description
description: changed

dn: $BJORNSDN
changetype: modify
replace: description
description: changed too

EOMOD
sleep 4
cat <<EOMOD
dn: $JAJDN
changetype: modify
replace: description
description: modified

EOMOD
} | \
$LDAPMODIFY -D "$MANAGERDN" -w $PASSWD -H $URI1 \
	-e assert='(objectclass=*)' -E txn=abort >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# At the moment, the global counters are updated by a recurring job,
# wait for it to settle
echo "Waiting until global counters are updated..."
for i in 0 1 2 3 4 5; do
	$LDAPCOMPARE "cn=Other,cn=Operations,cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
		'olmCompletedOps:28' > /dev/null 2>&1
	RC=$?
	if test $RC = 6 ; then
		break
	fi
	echo "Waiting $SLEEP1 seconds until counters are updated..."
	sleep $SLEEP1
done
if test $RC != 6 ; then
	echo "ldapcompare failed ($RC)!"
	echo >>$SEARCHOUT
	$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
		olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Retrieving data from cn=monitor again..."
echo >>$SEARCHOUT
echo "# Retrieving data after recent writes..." >>$SEARCHOUT
echo "# Operations received:" >>$SEARCHOUT
echo "#	 Bind: +2 (+2 forwarded)" >>$SEARCHOUT
echo "#	 Modify: +6" >>$SEARCHOUT
echo "#	 Extended: +2 (TXN+TXN Abort)" >>$SEARCHOUT
echo "#	 Unbind: +2" >>$SEARCHOUT
$LDAPSEARCH -b "cn=Load Balancer,cn=Backends,cn=monitor" -H $URI6 \
	olmBalancer olmBalancerServer olmBalancerOperation olmBalancerConnection >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

test $KILLSERVERS != no && kill -HUP $KILLPIDS

LDIF=$DATADIR/lloadd/test007-monitor.ldif

echo "Filtering ldapsearch results..."
# For now, we don't make sure olmIncomingConnections is reflective of current
# state (=no connections open) since olmIncomingConnections can be != 0 for a
# second after it's closed
$LDIFFILTER < $SEARCHOUT | grep -v '^olmIncomingConnections:' > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $LDIF | sed \
    -e "s|@URI2@|$URI2|g" \
    -e "s|@URI3@|$URI3|g" \
    > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT

if test $? != 0 ; then
	echo "Comparison failed"
	exit 1
fi

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0