Diffstat (limited to '')
-rwxr-xr-x | tests/scripts/test044-dynlist | 1111 |
1 files changed, 1111 insertions, 0 deletions
diff --git a/tests/scripts/test044-dynlist b/tests/scripts/test044-dynlist
new file mode 100755
index 0000000..b7a6b20
--- /dev/null
+++ b/tests/scripts/test044-dynlist
@@ -0,0 +1,1111 @@
+#! /bin/sh
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2022 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+if test $DYNLIST = "dynlistno" ; then
+ echo "dynlist overlay not available, test skipped"
+ exit 0
+fi
+
+if test $BACKEND = ldif ; then
+ # dynlist+ldif fails because back-ldif lacks bi_op_compare()
+ echo "$BACKEND backend unsuitable for dynlist overlay, test skipped"
+ exit 0
+fi
+
+mkdir -p $TESTDIR $DBDIR1
+
+$SLAPPASSWD -g -n >$CONFIGPWF
+echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf
+
+DBIX=2
+
+echo "Running slapadd to build slapd database..."
+. $CONFFILTER $BACKEND < $DYNLISTCONF > $CONF1
+$SLAPADD -f $CONF1 -l $LDIFORDERED
+RC=$?
+if test $RC != 0 ; then
+ echo "slapadd failed ($RC)!"
+ exit $RC
+fi
+
+
+echo "Starting slapd on TCP/IP port $PORT1..."
+$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+KILLPIDS="$PID"
+
+sleep 1
+
+echo "Testing slapd searching..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
+ '(objectclass=*)' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 0 ; then
+ break
+ fi
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+done
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+cat /dev/null > $SEARCHOUT
+
+LISTDN="ou=Dynamic Lists,$BASEDN"
+echo "Adding a dynamic list..."
+$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: $LISTDN
+objectClass: organizationalUnit
+ou: Dynamic Lists
+
+dn: cn=Dynamic List,$LISTDN
+objectClass: groupOfURLs
+cn: Dynamic List
+memberURL: ldap:///ou=People,${BASEDN}?cn,mail?sub?(objectClass=person)
+EOMODS
+
+echo "Testing list search of all attrs..."
+echo "# Testing list search of all attrs..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search of a listed attr..."
+echo "# Testing list search of a listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List)' mail \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search of a non-listed attr..."
+echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List)' objectClass \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search with (critical) manageDSAit..."
+echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
+ '(cn=Dynamic List)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered search with all attrs..."
+echo "# Testing filtered search with all attrs..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(mail=jdoe@woof.net)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered search of a listed attr..."
+echo "# Testing filtered search of a listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(mail=jdoe@woof.net)' mail \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered search of a non-listed attr..."
+echo "# Testing filtered search of a non-listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(mail=jdoe@woof.net)' objectClass \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered search of a non-present attr..."
+echo "# Testing filtered search of a non-present attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(mail=nobody@nowhere)' objectClass \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list compare..."
+echo "# Testing list compare..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)"
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare (should return FALSE)..."
+echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List,$LISTDN" "cn:FALSE" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare (should return UNDEFINED)..."
+echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+16|32)
+ echo "ldapcompare returned UNDEFINED ($RC)"
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)"
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare with manageDSAit..."
+echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 -MM \
+ "cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Reconfiguring slapd..."
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+delete: olcDynListAttrSet
+olcDynListAttrSet: {0}
+-
+add: olcDynListAttrSet
+olcDynListAttrSet: groupOfURLs memberURL sn:cn mail
+-
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "==========================================================" >> $LOG1
+
+echo "Testing attribute mapping"
+
+echo "Testing list search of all (mapped) attrs..."
+echo "# Testing list search of all (mapped) attrs..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search of a (mapped) listed attr..."
+echo "# Testing list search of a (mapped) listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List)' sn \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search of a (n unmapped) listed attr..."
+echo "# Testing list search of a (n unmapped) listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List)' mail \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list compare (mapped attrs) ..."
+echo "# Testing list compare (mapped attrs) ..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List,$LISTDN" "sn:Bjorn Jensen" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)"
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare (mapped attrs; should return FALSE)..."
+echo "# Testing list compare (mapped attrs; should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List,$LISTDN" "sn:FALSE" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Reconfiguring slapd..."
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+delete: olcDynListAttrSet
+olcDynListAttrSet: {0}
+-
+add: olcDynListAttrSet
+olcDynListAttrSet: groupOfURLs memberURL member
+-
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "==========================================================" >> $LOG1
+
+echo "Adding a dynamic list..."
+$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: cn=Dynamic List of Members,$LISTDN
+objectClass: groupOfURLs
+cn: Dynamic List of Members
+memberURL: ldap:///ou=People,${BASEDN}??sub?(objectClass=person)
+EOMODS
+
+echo "Testing list search of all attrs..."
+echo "# Testing list search of all attrs..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List of Members)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search of a listed attr..."
+echo "# Testing list search of a listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List of Members)' member \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search of a non-listed attr..."
+echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List of Members)' objectClass \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search with (critical) manageDSAit..."
+echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
+ '(&(cn=Dynamic List of Members)(objectClass=groupOfURLs))' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+CMPDN="$BJORNSDN"
+echo "Testing list compare..."
+echo "# Testing list compare..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)"
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+CMPDN="$BADBJORNSDN"
+echo "Testing list compare (should return FALSE)..."
+echo "# Testing list compare... (should return FALSE)" >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+CMPDN="$BJORNSDN"
+echo "Testing list compare (should return FALSE)..."
+echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing list compare with manageDSAit (should return UNDEFINED)..."
+echo "# Testing list compare with manageDSAit (should return UNDEFINED)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 -MM \
+ "cn=Dynamic List,$LISTDN" "member:$CMPDN" \
+ >> $SEARCHOUT 2>&1
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+16|32)
+ echo "ldapcompare returned UNDEFINED ($RC)"
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "==========================================================" >> $LOG1
+
+echo "Testing dgIdentity..."
+
+# Set ACL, require authentication to get list contents
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+add: olcAccess
+olcAccess: to dn.base="cn=Dynamic List of Members,$LISTDN" by * read
+olcAccess: to * by users read by * search
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search without dgIdentity..."
+echo "# Testing list search without dgIdentity..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List of Members)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: cn=Dynamic List of Members,$LISTDN
+changetype: modify
+add: objectClass
+objectClass: dgIdentityAux
+-
+add: dgIdentity
+dgIdentity: $CMPDN
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search with dgIdentity..."
+echo "# Testing list search with dgIdentity..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List of Members)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing dgAuthz..."
+
+CMPDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN"
+$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: cn=Dynamic List of Members,$LISTDN
+changetype: modify
+add: dgAuthz
+dgAuthz: dn:$BABSDN
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search with dgIdentity and dgAuthz anonymously..."
+echo "# Testing list search with dgIdentity and dgAuthz anonymously..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ '(cn=Dynamic List of Members)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing list search with dgIdentity and dgAuthz as the authorized identity..."
+echo "# Testing list search with dgIdentity and dgAuthz as the authorized identity..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(cn=Dynamic List of Members)' '*' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Reconfiguring slapd..."
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+delete: olcDynListAttrSet
+olcDynListAttrSet: {0}
+-
+add: olcDynListAttrSet
+olcDynListAttrSet: groupOfURLs memberURL member+memberOf
+-
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "==========================================================" >> $LOG1
+
+echo "Testing memberOf functionality..."
+echo "# Testing memberOf functionality..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(cn=Mark Elliot)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered memberOf functionality..."
+echo "# Testing filtered memberOf functionality..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(&(memberOf=cn=Dynamic List of Members,ou=Dynamic Lists,dc=example,dc=com)(cn=Mark Elliot))' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Reconfiguring slapd..."
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+delete: olcDynListAttrSet
+olcDynListAttrSet: {0}
+-
+add: olcDynListAttrSet
+olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames
+-
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "==========================================================" >> $LOG1
+
+echo "Testing static group memberOf functionality..."
+echo "# Testing static group memberOf functionality..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(cn=Mark Elliot)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing static group member compare..."
+echo "# Testing static group member compare..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=all staff,ou=groups,$BASEDN" "member:cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)"
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit 1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Testing static group non-member compare (should return FALSE)..."
+echo "# Testing static group non-member compare (should return FALSE)..." >> $SEARCHOUT
+$LDAPCOMPARE -H $URI1 \
+ "cn=all staff,ou=groups,$BASEDN" "member:cn=Not A User,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
+RC=$?
+case $RC in
+5)
+ echo "ldapcompare returned FALSE ($RC)"
+ ;;
+6)
+ echo "ldapcompare returned TRUE ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+0)
+ echo "ldapcompare returned success ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit 1
+ ;;
+*)
+ echo "ldapcompare failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+echo "" >> $SEARCHOUT
+
+echo "Reconfiguring slapd..."
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+delete: olcDynListAttrSet
+olcDynListAttrSet: {0}
+-
+add: olcDynListAttrSet
+olcDynListAttrSet: groupOfURLs memberURL member+memberOf*
+-
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "==========================================================" >> $LOG1
+
+echo "Adding a couple dynamic groups..."
+$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: cn=The Smiths,$LISTDN
+objectClass: groupOfURLs
+cn: The Smiths
+memberURL: ldap:///ou=People,${BASEDN}??sub?(sn=Smith)
+description: Smith family
+
+dn: cn=Meta Group,$LISTDN
+objectClass: groupOfURLs
+cn: Meta Group
+memberURL: ldap:///${LISTDN}??sub?(description=Smith%20family)
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing nested dynamic group functionality..."
+echo "# Testing nested dynamic group functionality..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(objectclass=*)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(cn=Mark Elliot)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Reconfiguring slapd..."
+$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
+ $TESTOUT 2>&1 << EOMODS
+version: 1
+dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
+changetype: modify
+delete: olcDynListAttrSet
+olcDynListAttrSet: {0}
+-
+add: olcDynListAttrSet
+olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames*
+olcDynListAttrSet: labeledURIObject labeledURI uniqueMember+seeAlso@groupOfUniqueNames
+-
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "==========================================================" >> $LOG1
+
+echo "Adding a couple static groups..."
+$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: cn=The Jensens,ou=Groups,$BASEDN
+objectClass: groupOfnames
+cn: The Jensens
+member: cn=Bjorn Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
+member: cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
+
+dn: cn=JJs,ou=Groups,$BASEDN
+objectClass: groupOfnames
+cn: JJs
+member: cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN
+member: cn=James A Jones 2,ou=Information Technology Division,ou=People,$BASEDN
+member: cn=The Jensens,ou=Groups,$BASEDN
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing nested static group functionality..."
+echo "# Testing nested static group functionality..." >> $SEARCHOUT
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(sn=Jensen)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Adding another nested group..."
+$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
+ > $TESTOUT 2>&1 << EOMODS
+dn: cn=Bonus Group,ou=Groups,$BASEDN
+objectClass: groupOfnames
+cn: Bonus Group
+member: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
+member: cn=Meta Group,$LISTDN
+EOMODS
+
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(sn=Hampster)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(sn=Doe)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ '(sn=Smith)' '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered nested memberOf functionality..."
+echo "# Testing filtered nested memberOf functionality..." >> $SEARCHOUT
+
+$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ "(memberOf=cn=bonus group,ou=groups,$BASEDN)" '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ "(&(uid=jjones)(memberOf=cn=jjs,ou=groups,$BASEDN))" 'uid' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing negated filtered memberOf functionality..."
+echo "# Testing negated filtered memberOf functionality..." >> $SEARCHOUT
+
+$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ "(&(objectClass=OpenLDAPperson)(!(memberOf=cn=Alumni Assoc Staff,ou=groups,$BASEDN)))" '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Testing filtered nested member functionality..."
+echo "# Testing filtered nested member functionality..." >> $SEARCHOUT
+
+$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
+ -D "$BABSDN" -w bjensen \
+ "(member=cn=Jennifer Smith,ou=Alumni Association,ou=People,$BASEDN)" '*' 'memberOf' \
+ >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+test $KILLSERVERS != no && kill -HUP $KILLPIDS
+
+LDIF=$DYNLISTOUT
+
+echo "Filtering ldapsearch results..."
+$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+$LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "Comparison failed"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
+
+test $KILLSERVERS != no && wait
+
+exit 0 |
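Review bot: Three of the `$LDAPADD` calls (both "Adding a dynamic list..." steps and "Adding another nested group...") are never followed by an `RC=$?` check, so a failed add is only noticed, if at all, at the final `$CMP`, far from the cause. Each should get the same `RC=$?` / `if test $RC != 0 ; then … exit $RC` / `fi` block that already follows "Adding a couple dynamic groups...", with the message `echo "ldapadd failed ($RC)!"`. The `*)` arm of the first "should return UNDEFINED" compare also only echoes `ldapcompare failed ($RC)` and continues, while the later manageDSAit UNDEFINED compare kills the server and exits on the same arm; if the tolerance is intended, a comment such as `# any other error code is accepted here` would make that explicit. Separately, the `0)` arms of the earlier compares use `exit -1`, which is not a portable argument to `exit` under `#! /bin/sh`; the static-group compares further down already use `exit 1`.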