#! /bin/sh
## This work is part of OpenLDAP Software .
##
## Copyright 1998-2022 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## .
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
if test $DYNLIST = "dynlistno" ; then
echo "dynlist overlay not available, test skipped"
exit 0
fi
if test $BACKEND = ldif ; then
# dynlist+ldif fails because back-ldif lacks bi_op_compare()
echo "$BACKEND backend unsuitable for dynlist overlay, test skipped"
exit 0
fi
mkdir -p $TESTDIR $DBDIR1
$SLAPPASSWD -g -n >$CONFIGPWF
echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf
DBIX=2
echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND < $DYNLISTCONF > $CONF1
$SLAPADD -f $CONF1 -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
echo "slapadd failed ($RC)!"
exit $RC
fi
echo "Starting slapd on TCP/IP port $PORT1..."
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
KILLPIDS="$PID"
sleep 1
echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
'(objectclass=*)' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
cat /dev/null > $SEARCHOUT
LISTDN="ou=Dynamic Lists,$BASEDN"
echo "Adding a dynamic list..."
$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: $LISTDN
objectClass: organizationalUnit
ou: Dynamic Lists
dn: cn=Dynamic List,$LISTDN
objectClass: groupOfURLs
cn: Dynamic List
memberURL: ldap:///ou=People,${BASEDN}?cn,mail?sub?(objectClass=person)
EOMODS
echo "Testing list search of all attrs..."
echo "# Testing list search of all attrs..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search of a listed attr..."
echo "# Testing list search of a listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List)' mail \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search of a non-listed attr..."
echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List)' objectClass \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search with (critical) manageDSAit..."
echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
'(cn=Dynamic List)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered search with all attrs..."
echo "# Testing filtered search with all attrs..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(mail=jdoe@woof.net)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered search of a listed attr..."
echo "# Testing filtered search of a listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(mail=jdoe@woof.net)' mail \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered search of a non-listed attr..."
echo "# Testing filtered search of a non-listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(mail=jdoe@woof.net)' objectClass \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered search of a non-present attr..."
echo "# Testing filtered search of a non-present attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(mail=nobody@nowhere)' objectClass \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list compare..."
echo "# Testing list compare..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List,$LISTDN" "cn:FALSE" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare (should return UNDEFINED)..."
echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
16|32)
echo "ldapcompare returned UNDEFINED ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)"
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare with manageDSAit..."
echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 -MM \
"cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
delete: olcDynListAttrSet
olcDynListAttrSet: {0}
-
add: olcDynListAttrSet
olcDynListAttrSet: groupOfURLs memberURL sn:cn mail
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "==========================================================" >> $LOG1
echo "Testing attribute mapping"
echo "Testing list search of all (mapped) attrs..."
echo "# Testing list search of all (mapped) attrs..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search of a (mapped) listed attr..."
echo "# Testing list search of a (mapped) listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List)' sn \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search of a (n unmapped) listed attr..."
echo "# Testing list search of a (n unmapped) listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List)' mail \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list compare (mapped attrs) ..."
echo "# Testing list compare (mapped attrs) ..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List,$LISTDN" "sn:Bjorn Jensen" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare (mapped attrs; should return FALSE)..."
echo "# Testing list compare (mapped attrs; should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List,$LISTDN" "sn:FALSE" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
delete: olcDynListAttrSet
olcDynListAttrSet: {0}
-
add: olcDynListAttrSet
olcDynListAttrSet: groupOfURLs memberURL member
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "==========================================================" >> $LOG1
echo "Adding a dynamic list..."
$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: cn=Dynamic List of Members,$LISTDN
objectClass: groupOfURLs
cn: Dynamic List of Members
memberURL: ldap:///ou=People,${BASEDN}??sub?(objectClass=person)
EOMODS
echo "Testing list search of all attrs..."
echo "# Testing list search of all attrs..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List of Members)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search of a listed attr..."
echo "# Testing list search of a listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List of Members)' member \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search of a non-listed attr..."
echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List of Members)' objectClass \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search with (critical) manageDSAit..."
echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
'(&(cn=Dynamic List of Members)(objectClass=groupOfURLs))' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
CMPDN="$BJORNSDN"
echo "Testing list compare..."
echo "# Testing list compare..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
CMPDN="$BADBJORNSDN"
echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare... (should return FALSE)" >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
CMPDN="$BJORNSDN"
echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare with manageDSAit (should return UNDEFINED)..."
echo "# Testing list compare with manageDSAit (should return UNDEFINED)..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 -MM \
"cn=Dynamic List,$LISTDN" "member:$CMPDN" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
16|32)
echo "ldapcompare returned UNDEFINED ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "==========================================================" >> $LOG1
echo "Testing dgIdentity..."
# Set ACL, require authentication to get list contents
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="cn=Dynamic List of Members,$LISTDN" by * read
olcAccess: to * by users read by * search
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search without dgIdentity..."
echo "# Testing list search without dgIdentity..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List of Members)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: cn=Dynamic List of Members,$LISTDN
changetype: modify
add: objectClass
objectClass: dgIdentityAux
-
add: dgIdentity
dgIdentity: $CMPDN
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search with dgIdentity..."
echo "# Testing list search with dgIdentity..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List of Members)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing dgAuthz..."
CMPDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN"
$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: cn=Dynamic List of Members,$LISTDN
changetype: modify
add: dgAuthz
dgAuthz: dn:$BABSDN
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search with dgIdentity and dgAuthz anonymously..."
echo "# Testing list search with dgIdentity and dgAuthz anonymously..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
'(cn=Dynamic List of Members)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing list search with dgIdentity and dgAuthz as the authorized identity..."
echo "# Testing list search with dgIdentity and dgAuthz as the authorized identity..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(cn=Dynamic List of Members)' '*' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
delete: olcDynListAttrSet
olcDynListAttrSet: {0}
-
add: olcDynListAttrSet
olcDynListAttrSet: groupOfURLs memberURL member+memberOf
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "==========================================================" >> $LOG1
echo "Testing memberOf functionality..."
echo "# Testing memberOf functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(cn=Mark Elliot)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered memberOf functionality..."
echo "# Testing filtered memberOf functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(&(memberOf=cn=Dynamic List of Members,ou=Dynamic Lists,dc=example,dc=com)(cn=Mark Elliot))' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
delete: olcDynListAttrSet
olcDynListAttrSet: {0}
-
add: olcDynListAttrSet
olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "==========================================================" >> $LOG1
echo "Testing static group memberOf functionality..."
echo "# Testing static group memberOf functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(cn=Mark Elliot)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing static group member compare..."
echo "# Testing static group member compare..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=all staff,ou=groups,$BASEDN" "member:cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing static group non-member compare (should return FALSE)..."
echo "# Testing static group non-member compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -H $URI1 \
"cn=all staff,ou=groups,$BASEDN" "member:cn=Not A User,ou=Alumni Association,ou=People,$BASEDN" >> $SEARCHOUT
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
delete: olcDynListAttrSet
olcDynListAttrSet: {0}
-
add: olcDynListAttrSet
olcDynListAttrSet: groupOfURLs memberURL member+memberOf*
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "==========================================================" >> $LOG1
echo "Adding a couple dynamic groups..."
$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: cn=The Smiths,$LISTDN
objectClass: groupOfURLs
cn: The Smiths
memberURL: ldap:///ou=People,${BASEDN}??sub?(sn=Smith)
description: Smith family
dn: cn=Meta Group,$LISTDN
objectClass: groupOfURLs
cn: Meta Group
memberURL: ldap:///${LISTDN}??sub?(description=Smith%20family)
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing nested dynamic group functionality..."
echo "# Testing nested dynamic group functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(objectclass=*)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(cn=Mark Elliot)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
changetype: modify
delete: olcDynListAttrSet
olcDynListAttrSet: {0}
-
add: olcDynListAttrSet
olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames*
olcDynListAttrSet: labeledURIObject labeledURI uniqueMember+seeAlso@groupOfUniqueNames
-
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "==========================================================" >> $LOG1
echo "Adding a couple static groups..."
$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: cn=The Jensens,ou=Groups,$BASEDN
objectClass: groupOfnames
cn: The Jensens
member: cn=Bjorn Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
member: cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
dn: cn=JJs,ou=Groups,$BASEDN
objectClass: groupOfnames
cn: JJs
member: cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN
member: cn=James A Jones 2,ou=Information Technology Division,ou=People,$BASEDN
member: cn=The Jensens,ou=Groups,$BASEDN
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing nested static group functionality..."
echo "# Testing nested static group functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(sn=Jensen)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Adding another nested group..."
$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
> $TESTOUT 2>&1 << EOMODS
dn: cn=Bonus Group,ou=Groups,$BASEDN
objectClass: groupOfnames
cn: Bonus Group
member: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
member: cn=Meta Group,$LISTDN
EOMODS
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(sn=Hampster)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(sn=Doe)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
'(sn=Smith)' '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered nested memberOf functionality..."
echo "# Testing filtered nested memberOf functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
"(memberOf=cn=bonus group,ou=groups,$BASEDN)" '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
"(&(uid=jjones)(memberOf=cn=jjs,ou=groups,$BASEDN))" 'uid' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing negated filtered memberOf functionality..."
echo "# Testing negated filtered memberOf functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
"(&(objectClass=OpenLDAPperson)(!(memberOf=cn=Alumni Assoc Staff,ou=groups,$BASEDN)))" '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Testing filtered nested member functionality..."
echo "# Testing filtered nested member functionality..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
-D "$BABSDN" -w bjensen \
"(member=cn=Jennifer Smith,ou=Alumni Association,ou=People,$BASEDN)" '*' 'memberOf' \
>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
test $KILLSERVERS != no && kill -HUP $KILLPIDS
LDIF=$DYNLISTOUT
echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $LDIF > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "Comparison failed"
exit 1
fi
echo ">>>>> Test succeeded"
test $KILLSERVERS != no && wait
exit 0