diff options
Diffstat (limited to 'tests/data/regressions/its8721')
-rwxr-xr-x | tests/data/regressions/its8721/its8721 | 240 | ||||
-rw-r--r-- | tests/data/regressions/its8721/slapd-backend.conf | 38 | ||||
-rw-r--r-- | tests/data/regressions/its8721/slapd-proxy.conf | 41 |
3 files changed, 319 insertions, 0 deletions
diff --git a/tests/data/regressions/its8721/its8721 b/tests/data/regressions/its8721/its8721 new file mode 100755 index 0000000..eb6a070 --- /dev/null +++ b/tests/data/regressions/its8721/its8721 @@ -0,0 +1,240 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +ITS=8721 +ITSDIR=$DATADIR/regressions/its$ITS + +if test $BACKMETA = "metano" ; then + echo "Meta backend not available, test skipped" + exit 0 +fi + +mkdir -p $TESTDIR $DBDIR2 $DBDIR3 + +echo "This test checks that back-ldap manages quarantine retries as configured." + +# +# Start slapds that act as remote LDAP servers that will be proxied +# +echo "Configuring the remote slapd servers..." +sed -e 's/@ID@/2/g' $ITSDIR/slapd-backend.conf | \ + . $CONFFILTER $BACKEND > $CONF2 + +echo "Starting remote slapd server on TCP/IP port $PORT2..." +$SLAPD -f $CONF2 -h "$URI2" -d $LVL > $LOG2 2>&1 & +SERVERPID2=$! +if test $WAIT != 0 ; then + echo SERVERPID2 $SERVERPID2 + read foo +fi +KILLPIDS="$KILLPIDS $SERVERPID2" + +echo "Using ldapsearch to check that slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +$LDAPADD -D "cn=2,$BASEDN" -H $URI2 -w $PASSWD \ + > $TESTOUT 2>&1 <<EOF +dn: cn=2, $BASEDN +objectclass: device +EOF + +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +sed -e 's/@ID@/3/g' $ITSDIR/slapd-backend.conf | \ + . $CONFFILTER $BACKEND > $CONF3 + +echo "Starting remote slapd server on TCP/IP port $PORT3..." +$SLAPD -f $CONF3 -h "$URI3" -d $LVL > $LOG3 2>&1 & +SERVERPID3=$! +if test $WAIT != 0 ; then + echo SERVERPID3 $SERVERPID3 + read foo +fi +KILLPIDS="$KILLPIDS $SERVERPID3" + +echo "Using ldapsearch to check that slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +$LDAPADD -D "cn=3,$BASEDN" -H $URI3 -w $PASSWD \ + > $TESTOUT 2>&1 <<EOF +dn: cn=3, $BASEDN +objectclass: device +EOF + +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +# +# Start ldapd that will proxy for the remote server +# +echo "Starting slapd proxy on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND < $ITSDIR/slapd-proxy.conf > $CONF1 +$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & +PROXYPID=$! +if test $WAIT != 0 ; then + echo PROXYPID $PROXYPID + read foo +fi +KILLPIDS="$KILLPIDS $PROXYPID" + +echo "Using ldapsearch to check that slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting $SLEEP1 seconds for slapd to start..." + sleep $SLEEP1 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + + +# +# Both servers running +# + +echo "Checking proxying works..." +$LDAPSEARCH -H $URI1 -b "$BASEDN" > $TESTOUT 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapsearch failed at proxy ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Stopping backend and triggering quarantine..." +kill -HUP $SERVERPID2 +wait $SERVERPID2 +KILLPIDS="$SERVERPID3 $PROXYPID" + +QUARANTINE_START=$(( `date +%s` )) +EARLIEST_QUARANTINE_END=$(( $QUARANTINE_START + 20 )) +$LDAPSEARCH -H $URI1 -b "cn=2,$BASEDN" -s base > $TESTOUT 2>&1 +RC=$? +case $RC in +52) + echo "ldapsearch failed ($RC)" + ;; +0) + echo "ldapsearch should have failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + ;; +*) + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + ;; +esac + +echo "Restarting remote slapd server on TCP/IP port $PORT2..." +$SLAPD -f $CONF2 -h "$URI2" -d $LVL >> $LOG2 2>&1 & +SERVERPID2=$! +if test $WAIT != 0 ; then + echo SERVERPID2 $SERVERPID2 + read foo +fi +KILLPIDS="$KILLPIDS $SERVERPID2" + + +echo -n "Waiting for server to start up and quarantine to be lifted." +for i in `seq 30`; do + $LDAPSEARCH -b "$BASEDN" -H $URI1 -z 1 > /dev/null 2>&1 + RC=$? + if test $RC != 0 ; then + break + fi + echo -n '.' + sleep 1 +done + +MEASURED_END=`date +%s` +case $RC in +4) + echo "Server is back ($(( $MEASURED_END - $QUARANTINE_START ))s after start of quarantine)" + ;; +0) + echo "Quarantine was never lifted!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 + ;; +*) + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC + ;; +esac + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +if test "$EARLIEST_QUARANTINE_END" -gt "$MEASURED_END" ; then + echo "Quarantine lifted $(( $EARLIEST_QUARANTINE_END - $MEASURED_END ))s too early" + exit $RC +fi + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0 diff --git a/tests/data/regressions/its8721/slapd-backend.conf b/tests/data/regressions/its8721/slapd-backend.conf new file mode 100644 index 0000000..c06935d --- /dev/null +++ b/tests/data/regressions/its8721/slapd-backend.conf @@ -0,0 +1,38 @@ +# provider slapd config -- for testing +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +include @SCHEMADIR@/core.schema +include @SCHEMADIR@/cosine.schema +include @SCHEMADIR@/inetorgperson.schema +include @SCHEMADIR@/openldap.schema +include @SCHEMADIR@/nis.schema +pidfile @TESTDIR@/slapd.m.pid +argsfile @TESTDIR@/slapd.m.args + +####################################################################### +# database definitions +####################################################################### + +#mod#modulepath ../servers/slapd/back-@BACKEND@/:../servers/slapd/overlays +#mod#moduleload back_@BACKEND@.la + +# here the proxy is not only acting as a proxy, but it also has a local database dc=local,dc=com" +database @BACKEND@ +suffix "cn=@ID@,dc=example,dc=com" +rootdn "cn=@ID@,dc=example,dc=com" +rootpw "secret" +#~null~#directory @TESTDIR@/db.@ID@.a + +database monitor diff --git a/tests/data/regressions/its8721/slapd-proxy.conf b/tests/data/regressions/its8721/slapd-proxy.conf new file mode 100644 index 0000000..10748b7 --- /dev/null +++ b/tests/data/regressions/its8721/slapd-proxy.conf @@ -0,0 +1,41 @@ +# provider slapd config -- for testing +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2022 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +include @SCHEMADIR@/core.schema +include @SCHEMADIR@/cosine.schema +include @SCHEMADIR@/inetorgperson.schema +include @SCHEMADIR@/openldap.schema +include @SCHEMADIR@/nis.schema +pidfile @TESTDIR@/slapd.m.pid +argsfile @TESTDIR@/slapd.m.args + +####################################################################### +# database definitions +####################################################################### + +#ldapmod#modulepath ../servers/slapd/back-ldap/ +#ldapmod#moduleload back_ldap.la +#metamod#modulepath ../servers/slapd/back-meta/ +#metamod#moduleload back_meta.la + +# Configure proxy +database meta +quarantine 20,+ +suffix "dc=example,dc=com" + +uri "@URI2@cn=2,dc=example,dc=com" +uri "@URI3@cn=3,dc=example,dc=com" + +database monitor |