diff options
Diffstat (limited to 'tests/data/regressions/its8427')
| -rwxr-xr-x | tests/data/regressions/its8427/its8427 | 314 | ||||
| -rwxr-xr-x | tests/data/regressions/its8427/its8427-2 | 395 | ||||
| -rw-r--r-- | tests/data/regressions/its8427/slapd.conf | 31 |
3 files changed, 740 insertions, 0 deletions
diff --git a/tests/data/regressions/its8427/its8427 b/tests/data/regressions/its8427/its8427 new file mode 100755 index 0000000..344c94d --- /dev/null +++ b/tests/data/regressions/its8427/its8427 @@ -0,0 +1,314 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $WITH_TLS = no ; then + echo "TLS support not available, test skipped" + exit 0 +fi + +if test $SYNCPROV = syncprovno; then + echo "Syncrepl provider overlay not available, test skipped" + exit 0 +fi + +TMP=$TESTDIR/tmp + +mkdir -p $TESTDIR +mkdir -p $TESTDIR/srv1/slapd.d $TESTDIR/srv1/db \ + $TESTDIR/srv2/slapd.d $TESTDIR/srv2/db + +cp -r $DATADIR/tls $TESTDIR + +$SLAPPASSWD -g -n >$CONFIGPWF + +if test x"$SYNCMODE" = x ; then + SYNCMODE=rp +fi +case "$SYNCMODE" in + ro) + SYNCTYPE="type=refreshOnly interval=00:00:00:03" + ;; + rp) + SYNCTYPE="type=refreshAndPersist interval=00:00:00:03" + ;; + *) + echo "unknown sync mode $SYNCMODE" + exit 1; + ;; +esac + +nullExclude="" +test $BACKEND = null && nullExclude="# " + +KILLPIDS= + +cat > $TMP <<EOF +dn: cn=config +objectClass: olcGlobal +cn: config +olcTLSCertificateFile: $TESTDIR/tls/certs/localhost.crt +olcTLSCertificateKeyFile: $TESTDIR/tls/private/localhost.key + +EOF + +if test "$SYNCPROV" = syncprovmod ; then + cat <<EOF >> $TMP +dn: cn=module,cn=config +objectClass: olcModuleList +cn: module +olcModulePath: $TESTWD/../servers/slapd/overlays +EOF + if [ "$SYNCPROV" = syncprovmod ]; then + echo "olcModuleLoad: syncprov.la" >> $TMP + fi + echo "" >> $TMP +fi + +if [ "$BACKENDTYPE" = mod ]; then +cat <<EOF >> $TMP +dn: cn=module,cn=config +objectClass: olcModuleList +cn: module +olcModulePath: $TESTWD/../servers/slapd/back-$BACKEND +olcModuleLoad: back_$BACKEND.la + +EOF +fi +if test $INDEXDB = indexdb ; then +INDEX1="olcDbIndex: objectClass,entryCSN,reqStart,reqDN,reqResult eq" +INDEX2="olcDbIndex: objectClass,entryCSN,entryUUID eq" +else +INDEX1= +INDEX2= +fi +cat >> $TMP <<EOF +dn: cn=schema,cn=config +objectclass: olcSchemaconfig +cn: schema + +include: file://$ABS_SCHEMADIR/core.ldif + +include: file://$ABS_SCHEMADIR/cosine.ldif + +include: file://$ABS_SCHEMADIR/inetorgperson.ldif + +include: file://$ABS_SCHEMADIR/openldap.ldif + +include: file://$ABS_SCHEMADIR/nis.ldif + +dn: olcDatabase={0}config,cn=config +objectClass: olcDatabaseConfig +olcDatabase: {0}config +olcRootPW:< file://$CONFIGPWF + +dn: olcDatabase={2}$BACKEND,cn=config +objectClass: olcDatabaseConfig +${nullExclude}objectClass: olc${BACKEND}Config +olcDatabase: {2}$BACKEND +olcSuffix: $BASEDN +${nullExclude}olcDbDirectory: ./db +olcRootDN: $MANAGERDN +olcRootPW: $PASSWD +$INDEX2 +EOF + +echo "Configuring provider" +cd $TESTDIR/srv1 +$SLAPADD -F ./slapd.d -n 0 -d-1 < $TMP > $TESTOUT 2>&1 + +$SLAPADD -F ./slapd.d -n 0 -d-1 <<EOF >> $TESTOUT 2>&1 +dn: olcOverlay=syncprov,olcDatabase={1}$BACKEND,cn=config +objectClass: olcOverlayConfig +objectClass: olcSyncProvConfig +olcOverlay: syncprov +EOF + +echo "Starting provider..." +$SLAPD -F ./slapd.d -h "$SURIP1 ldaps://127.0.0.2:$PORT1" -d $LVL > $LOG1 2>&1 & +MASTERPID=$! +if test $WAIT != 0 ; then + echo MASTERPID $MASTERPID + read foo +fi +KILLPIDS="$MASTERPID" +cd $TESTWD + +echo "Using ldapsearch to check that provider is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -o tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt -s base -b "" -H $SURIP1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Configuring consumer" +cd $TESTDIR/srv2 +$SLAPADD -F ./slapd.d -n 0 -d-1 < $TMP >> $TESTOUT 2>&1 + +$SLAPMODIFY -F ./slapd.d -n 0 -d-1 <<EOF >> $TESTOUT 2>&1 +dn: olcDatabase={1}$BACKEND,cn=config +changetype: modify +add: olcSyncRepl +olcSyncRepl: rid=001 provider=ldaps://127.0.0.2:$PORT1 + binddn="$MANAGERDN" bindmethod=simple credentials=$PASSWD + searchbase="$BASEDN" $SYNCTYPE retry="3 +" timeout=3 + tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt tls_reqcert=allow +EOF + +echo "Starting consumer..." +$SLAPD -F ./slapd.d -h $URI2 -d $LVL > $LOG2 2>&1 & +SLAVEPID=$! +if test $WAIT != 0 ; then + echo SLAVEPID $SLAVEPID + read foo +fi +KILLPIDS="$MASTERPID $SLAVEPID" +cd $TESTWD + +echo "Using ldapsearch to check that consumer is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "" -H $URI2 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Populating provider" +$LDAPADD -D "$MANAGERDN" -H $SURIP1 -w $PASSWD -o \ + tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt \ + -f $LDIFORDERED >> $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Waiting for consumer to sync..." +sleep $SLEEP2 + +$LDAPSEARCH -b "$BASEDN" -H "$URI2" -D "$BABSDN" -w bjensen \ + '(objectClass=*)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER < $LDIFORDERED > $LDIFFLT +echo "" >> $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +echo "Stopping the provider, sleeping $SLEEP2 seconds and restarting it..." +kill -HUP "$MASTERPID" +wait $MASTERPID +sleep $SLEEP2 + +echo "======================= RESTART =======================" >> $LOG1 +cd $TESTDIR/srv1 +$SLAPD -F slapd.d -h "$SURIP1 ldaps://127.0.0.2:$PORT1" -d $LVL >> $LOG1 2>&1 & +MASTERPID=$! +if test $WAIT != 0 ; then + echo MASTERPID $MASTERPID + read foo +fi +KILLPIDS="$MASTERPID $SLAVEPID" +cd $TESTWD + +echo "Using ldapsearch to check that provider is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -o tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt -s base -b "" -H $SURIP1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Updating provider" +$LDAPMODRDN -H $SURIP1 -D "$MANAGERDN" -w $PASSWD \ + -o tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt <<EOF +$BABSDN +cn=Babs +EOF + +if test $RC != 0 ; then + echo "ldapmodrdn failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..." +sleep $SLEEP1 + +$LDAPWHOAMI -H $URI2 \ + -D "cn=Babs,ou=Information Technology DivisioN,ou=People,$BASEDN" \ + -w bjensen +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/data/regressions/its8427/its8427-2 b/tests/data/regressions/its8427/its8427-2 new file mode 100755 index 0000000..ca2ef7d --- /dev/null +++ b/tests/data/regressions/its8427/its8427-2 @@ -0,0 +1,395 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $WITH_TLS = no ; then + echo "TLS support not available, test skipped" + exit 0 +fi + +if test $BACKLDAP = "ldapno" ; then + echo "LDAP backend not available, test skipped" + exit 0 +fi + +if test "$BACKEND" = "ldap"; then + echo "LDAP backend not valid, test skipped" + exit 0 +fi + +mkdir -p $TESTDIR $DBDIR1 +cp -r $DATADIR/tls $TESTDIR + +$SLAPPASSWD -g -n >$CONFIGPWF +echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf + +ITS=8427 +ITSDIR=$DATADIR/regressions/its$ITS + +echo "Running slapadd to build slapd database..." +. $CONFFILTER $BACKEND < $TLSCONF > $CONF1 +$SLAPADD -f $CONF1 -l $LDIFORDERED +RC=$? +if test $RC != 0 ; then + echo "slapadd failed ($RC)!" + exit $RC +fi + +echo "database config" >> $CONF1 +echo "include $TESTDIR/configpw.conf" >> $CONF1 + +echo "Starting slapd listening on $URIP1 and $SURIP2..." +$SLAPD -f $CONF1 -h "$URIP1 $SURIP2" -d $LVL > $LOG1 2>&1 & +SERVERPID=$! +if test $WAIT != 0 ; then + echo SERVERPID $SERVERPID + read foo +fi +KILLPIDS="$SERVERPID" + +sleep 1 + +echo "Using ldapsearch to check that slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "database config" >> $CONF2 +echo "include $TESTDIR/configpw.conf" >> $CONF2 + +echo "Starting proxy slapd on TCP/IP port $PORT3..." +. $CONFFILTER $BACKEND < $ITSDIR/slapd.conf > $CONF2 +$SLAPD -f $CONF2 -h $URI3 -d $LVL > $LOG2 2>&1 & +PROXYPID=$! +if test $WAIT != 0 ; then + echo PROXYPID $PROXYPID + read foo +fi +KILLPIDS="$KILLPIDS $PROXYPID" + +sleep 1 + +echo "Using ldapsearch to check that proxy slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Configuring proxy..." +$LDAPMODIFY -D cn=config -H $URI3 -y $CONFIGPWF \ + > $TESTOUT 2>&1 <<EOF +dn: olcDatabase={2}ldap,cn=config +changetype: add +objectClass: olcLDAPConfig +olcDbUri: $URI1 +olcSuffix: $BASEDN +olcRootDN: $MANAGERDN +olcRootPW: $PASSWD +EOF +RC=$? +if test $RC != 0 ; then + echo "modification failed ($RC)" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Privileged WhoAmI (proxy uses plain ldap://)..." +$LDAPWHOAMI -H $URI3 -D "$MANAGERDN" -w $PASSWD +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "WhoAmI (proxy uses plain ldap://)..." +$LDAPWHOAMI -H $URI3 -D "$BABSDN" -w bjensen +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Searching (proxy uses plain ldap://)..." +echo "# Searching (proxy uses plain ldap://)..." > $SEARCHOUT +$LDAPSEARCH -b "$BASEDN" -H $URI3 \ + -D "$BABSDN" -w bjensen \ + '(objectClass=*)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Filtering original ldif used to create database..." +$LDIFFILTER < $LDIFORDERED > $LDIFFLT +echo "" >> $LDIFFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +echo "Reconfiguring database to only allow TLS binds..." +$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ + > $TESTOUT 2>&1 <<EOF +dn: olcDatabase={1}$BACKEND,cn=config +changetype: modify +add: olcAccess +olcAccess: to attrs=userPassword by anonymous ssf=2 auth by users read +olcAccess: to * by users read +EOF +RC=$? +if test $RC != 0 ; then + echo "modification failed ($RC)" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Re-configuring proxy to use ldaps:// on privileged connections only..." +$LDAPMODIFY -D cn=config -H $URI3 -y $CONFIGPWF \ + > $TESTOUT 2>&1 <<EOF +dn: olcDatabase={2}ldap,cn=config +changetype: delete + +dn: olcDatabase={2}ldap,cn=config +changetype: add +objectClass: olcLDAPConfig +olcDbUri: $SURIP2 +olcSuffix: $BASEDN +olcRootDN: $MANAGERDN +olcRootPW: $PASSWD +olcDbIDAssertBind: bindmethod=simple binddn="$MANAGERDN" credentials="$PASSWD" tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt +EOF +RC=$? +if test $RC != 0 ; then + echo "modification failed ($RC)" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Privileged WhoAmI (proxy uses ldaps://)..." +$LDAPWHOAMI -H $URI3 -D "$MANAGERDN" -w $PASSWD +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "WhoAmI (proxy uses ldaps://), which should fail..." +$LDAPWHOAMI -H $URI3 -D "$BABSDN" -w bjensen +RC=$? +case $RC in +52) + ;; +0) + echo "ldapwhoami should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + ;; +*) + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + ;; +esac + +# FIXME: just adding olcDbStartTLS to the DB doesn't have an effect, why? +echo "Re-configuring proxy to use ldaps:// everywhere..." +$LDAPMODIFY -D cn=config -H $URI3 -y $CONFIGPWF \ + > $TESTOUT 2>&1 <<EOF +dn: olcDatabase={2}ldap,cn=config +changetype: modify +add: olcDbStartTLS +olcDbStartTLS: ldaps tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt +EOF +RC=$? +if test $RC != 0 ; then + echo "modification failed ($RC)" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "WhoAmI again (proxy uses ldaps://)..." +$LDAPWHOAMI -H $URI3 -D "$BABSDN" -w bjensen +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Searching (proxy uses ldaps://)..." +echo "# Searching (proxy uses ldaps://)..." > $SEARCHOUT +$LDAPSEARCH -b "$BASEDN" -H $URI3 \ + -D "$BABSDN" -w bjensen \ + '(objectClass=*)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +echo "Re-configuring proxy to use LDAP+StartTLS correctly on privileged connections..." +$LDAPMODIFY -D cn=config -H $URI3 -y $CONFIGPWF \ + > $TESTOUT 2>&1 <<EOF +dn: olcDatabase={2}ldap,cn=config +changetype: delete + +dn: olcDatabase={2}ldap,cn=config +changetype: add +objectClass: olcLDAPConfig +olcDbUri: $URIP1 +olcSuffix: $BASEDN +olcRootDN: $MANAGERDN +olcRootPW: $PASSWD +olcDbIDAssertBind: bindmethod=none tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt +EOF +RC=$? +if test $RC != 0 ; then + echo "modification failed ($RC)" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Privileged WhoAmI (proxy requests StartTLS)..." +$LDAPWHOAMI -H $URI3 -D "$MANAGERDN" -w $PASSWD +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "WhoAmI (proxy requests StartTLS), which should fail..." +$LDAPWHOAMI -H $URI3 -D "$BABSDN" -w bjensen +RC=$? +case $RC in +49|52) # ACL forbids plaintext binds against userPassword + ;; +0) + echo "ldapwhoami should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + ;; +*) + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + ;; +esac + +# FIXME: just adding olcDbStartTLS to the DB doesn't have an effect, why? +echo "Re-configuring proxy to use ldaps:// everywhere..." +$LDAPMODIFY -D cn=config -H $URI3 -y $CONFIGPWF \ + > $TESTOUT 2>&1 <<EOF +dn: olcDatabase={2}ldap,cn=config +changetype: modify +add: olcDbStartTLS +olcDbStartTLS: start tls_cacert=$TESTDIR/tls/ca/certs/testsuiteCA.crt +EOF +RC=$? +if test $RC != 0 ; then + echo "modification failed ($RC)" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "WhoAmI (proxy requests StartTLS)..." +$LDAPWHOAMI -H $URI3 -D "$BABSDN" -w bjensen +RC=$? +if test $RC != 0 ; then + echo "ldapwhoami failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Searching (proxy requests StartTLS)..." +echo "# Searching (proxy requests StartTLS)..." > $SEARCHOUT +$LDAPSEARCH -b "$BASEDN" -H $URI3 \ + -D "$BABSDN" -w bjensen \ + '(objectClass=*)' >> $SEARCHOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Filtering ldapsearch results..." +$LDIFFILTER < $SEARCHOUT > $SEARCHFLT +echo "Comparing filter output..." +$CMP $SEARCHFLT $LDIFFLT > $CMPOUT + +if test $? != 0 ; then + echo "Comparison failed" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/data/regressions/its8427/slapd.conf b/tests/data/regressions/its8427/slapd.conf new file mode 100644 index 0000000..7af8ff8 --- /dev/null +++ b/tests/data/regressions/its8427/slapd.conf @@ -0,0 +1,31 @@ +# stand-alone slapd config -- for testing (with indexing) +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +include @SCHEMADIR@/core.schema +include @SCHEMADIR@/cosine.schema +include @SCHEMADIR@/inetorgperson.schema +include @SCHEMADIR@/openldap.schema +include @SCHEMADIR@/nis.schema + +pidfile @TESTDIR@/slapd.2.pid +argsfile @TESTDIR@/slapd.2.args + +#ldapmod#modulepath ../servers/slapd/back-ldap/ +#ldapmod#moduleload back_ldap.la + +database monitor + +database config +include @TESTDIR@/configpw.conf |