test014-whoami revision 1.1
      1 #! /bin/sh
      2 # $OpenLDAP: pkg/ldap/tests/scripts/test014-whoami,v 1.23.2.4 2008/02/11 23:44:27 quanah Exp $
      3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
      4 ##
      5 ## Copyright 1998-2008 The OpenLDAP Foundation.
      6 ## All rights reserved.
      7 ##
      8 ## Redistribution and use in source and binary forms, with or without
      9 ## modification, are permitted only as authorized by the OpenLDAP
     10 ## Public License.
     11 ##
     12 ## A copy of this license is available in the file LICENSE in the
     13 ## top-level directory of the distribution or, alternatively, at
     14 ## <http://www.OpenLDAP.org/license.html>.
     15 
     # Load the shared test settings. Every variable used below that this
     # script does not assign itself ($TESTDIR, $SLAPADD, $LDAPWHOAMI, ...) is
     # expected to come from this file.
     # Expansions are left unquoted, as elsewhere in this script, so a value
     # containing whitespace would be split into several words.
     echo "running defines.sh"
     . $SRCDIR/scripts/defines.sh

     # Scratch directories for this run.
     mkdir -p $TESTDIR $DBDIR1

     # Run the config filter over $WHOAMICONF to produce $ADDCONF, then load
     # $LDIFWHOAMI into the database with slapadd. RC ends up holding slapadd's
     # exit status either way; a non-zero status ends the test with that status.
     echo "Running slapadd to build slapd database..."
     . $CONFFILTER $BACKEND $MONITORDB < $WHOAMICONF > $ADDCONF
     if $SLAPADD -f $ADDCONF -l $LDIFWHOAMI ; then
     	RC=0
     else
     	RC=$?
     	echo "slapadd failed ($RC)!"
     	exit $RC
     fi
     29 
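     # Generate $CONF1 from the same template and start slapd in the background,
     # listening on $URI1, with stdout and stderr captured in $LOG1.
     # NOTE(review): the message prints $PORT while the clients below connect to
     # $PORT1 -- confirm that defines.sh sets PORT.
     echo "Starting slapd on TCP/IP port $PORT..."
     . $CONFFILTER $BACKEND $MONITORDB < $WHOAMICONF > $CONF1
     $SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
     PID=$!
     # With WAIT set to anything but 0, print the server PID and block until a
     # line arrives on stdin before continuing.
     if test $WAIT != 0 ; then
         echo PID $PID
         read foo
     fi
     # Every failure path below signals the processes listed here.
     KILLPIDS="$PID"

     sleep 1

     # Poll with a base-scope search on $MONITOR until slapd answers: at most
     # six attempts, sleeping five seconds after each failed one.
     echo "Using ldapsearch to check that slapd is running..."
     for i in 0 1 2 3 4 5; do
     	$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
     		'objectclass=*' > /dev/null 2>&1
     	RC=$?
     	if test $RC = 0 ; then
     		break
     	fi
     	echo "Waiting 5 seconds for slapd to start..."
     	sleep 5
     done

     # If slapd never answered, stop here with the ldapsearch status. Without
     # this check the script would run on and report the startup problem as a
     # failure of the first ldapwhoami test.
     if test $RC != 0 ; then
     	echo "ldapsearch failed ($RC)!"
     	test $KILLSERVERS != no && kill -HUP $KILLPIDS
     	exit $RC
     fi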
     53 
     # Abort the run unless the ldapwhoami call that just set RC exited 0.
     # Signals the slapd started above (unless KILLSERVERS is "no") and exits
     # with the failing status.
     require_whoami_ok() {
     	if test $RC != 0 ; then
     		echo "ldapwhoami failed ($RC)!"
     		test $KILLSERVERS != no && kill -HUP $KILLPIDS
     		exit $RC
     	fi
     }

     # Baseline: no bind credentials at all.
     echo "Testing ldapwhoami as anonymous..."
     $LDAPWHOAMI -h $LOCALHOST -p $PORT1
     RC=$?
     require_whoami_ok

     # Simple bind as the manager DN.
     # The password is passed with -w on the command line, so it is visible in
     # process listings; acceptable only because these are throwaway test
     # fixtures.
     echo "Testing ldapwhoami as ${MANAGERDN}..."
     $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD
     RC=$?
     require_whoami_ok

     # The remaining cases attach the proxied authorization control
     # (-e authzid=...); the leading "!" marks the control as critical.
     # An empty authzid is the request to act as anonymous.
     echo "Testing ldapwhoami as ${MANAGERDN} for anonymous..."
     $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
     	-e \!authzid=""
     RC=$?
     require_whoami_ok

     # "dn:" form: the target identity is named by its DN.
     echo "Testing ldapwhoami as ${MANAGERDN} for dn:$BABSDN..."
     $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
     	-e \!authzid="dn:$BABSDN"
     RC=$?
     require_whoami_ok

     # "u:" form: the target identity is named by a user name.
     echo "Testing ldapwhoami as ${MANAGERDN} for u:uham..."
     $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
     	-e \!authzid="u:uham"
     RC=$?
     require_whoami_ok
    106 
    # authzFrom: someone else => bjorn
    #
    # Each case binds as a different entry and asks to act as u:bjorn; all of
    # them are expected to be allowed. The label in parentheses is the one the
    # original test printed for the case (presumably the form of the authzFrom
    # value being exercised -- the rules live in the test data, not in this
    # script).
    echo "Testing authzFrom..."

    # Bind as DN $1 with password $2, request proxy authorization to $3 and
    # abort the run unless ldapwhoami exits 0. $4 is the label shown in the
    # progress message. Sets the globals BINDDN, BINDPW, AUTHZID and RC.
    authz_must_succeed() {
    	BINDDN=$1
    	BINDPW=$2
    	AUTHZID=$3
    	echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} ($4)..."
    	# "!" makes the proxied authorization control critical.
    	$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w "$BINDPW" \
    		-e \!authzid="$AUTHZID"
    	RC=$?
    	if test $RC != 0 ; then
    		echo "ldapwhoami failed ($RC)!"
    		test $KILLSERVERS != no && kill -HUP $KILLPIDS
    		exit $RC
    	fi
    }

    authz_must_succeed \
    	"cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" \
    	bjensen "u:bjorn" "dn.exact"

    authz_must_succeed \
    	"cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com" \
    	melliot "u:bjorn" "u"

    authz_must_succeed \
    	"cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com" \
    	jen "u:bjorn" "URI"

    authz_must_succeed \
    	"cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example,dc=com" \
    	jjones "u:bjorn" "group"

    authz_must_succeed \
    	"cn=No One,ou=Information Technology Division,ou=People,dc=example,dc=com" \
    	noone "u:bjorn" "dn.onelevel"

    authz_must_succeed \
    	"cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com" \
    	dots "u:bjorn" "dn.regex"

    authz_must_succeed \
    	"cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com" \
    	jaj "u:bjorn" "dn.children"

    authz_must_succeed \
    	"cn=ITD Staff,ou=Groups,dc=example,dc=com" \
    	ITD "u:bjorn" "dn.subtree"
    221 
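    # Negative authzFrom cases: these identities must NOT be able to act as
    # u:bjorn. The test accepts exactly one outcome, ldapwhoami exit status 1.
    #
    # Bind as DN $1 with password $2, request proxy authorization to $3 and
    # abort the run unless ldapwhoami exits 1. $4 is the label shown in the
    # progress message. Sets the globals BINDDN, BINDPW, AUTHZID and RC.
    authz_must_be_denied() {
    	BINDDN=$1
    	BINDPW=$2
    	AUTHZID=$3
    	echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} ($4)..."
    	# "!" makes the proxied authorization control critical.
    	$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w "$BINDPW" \
    		-e \!authzid="$AUTHZID"
    	RC=$?
    	case $RC in
    	1)
    		# Expected: the request was refused.
    		;;
    	0)
    		# The server granted an identity it should have refused. RC is 0
    		# here, so a fixed non-zero status is needed. The original used
    		# "exit -1", which is not a valid operand for exit in POSIX sh.
    		echo "ldapwhoami should have failed ($RC)!"
    		test $KILLSERVERS != no && kill -HUP $KILLPIDS
    		exit 1
    		;;
    	*)
    		# Any other status is an unrelated failure; pass it through.
    		echo "ldapwhoami failed ($RC)!"
    		test $KILLSERVERS != no && kill -HUP $KILLPIDS
    		exit $RC
    		;;
    	esac
    }

    authz_must_be_denied "cn=Should Fail,dc=example,dc=com" \
    	fail "u:bjorn" "URI; should fail"

    authz_must_be_denied "cn=Must Fail,dc=example,dc=com" \
    	fail "u:bjorn" "URI; should fail"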
    267 
    # authzTo: bjorn => someone else
    #
    # The bind identity is always Bjorn Jensen; only the requested authzid
    # changes, and every request in this group is expected to be allowed. The
    # label in parentheses is the one the original test printed for the case
    # (presumably the form of the authzTo value being exercised -- the rules
    # live in the test data, not in this script).
    echo "Testing authzTo..."

    # Bind as Bjorn Jensen, request proxy authorization to $1 and abort the
    # run unless ldapwhoami exits 0. $2 is the label shown in the progress
    # message. Sets the globals BINDDN, BINDPW, AUTHZID and RC.
    bjorn_may_act_as() {
    	BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
    	BINDPW=bjorn
    	AUTHZID=$1
    	echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} ($2)..."
    	# "!" makes the proxied authorization control critical.
    	$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w "$BINDPW" \
    		-e \!authzid="$AUTHZID"
    	RC=$?
    	if test $RC != 0 ; then
    		echo "ldapwhoami failed ($RC)!"
    		test $KILLSERVERS != no && kill -HUP $KILLPIDS
    		exit $RC
    	fi
    }

    bjorn_may_act_as "u:bjensen" "dn.exact"
    bjorn_may_act_as "u:melliot" "u"
    bjorn_may_act_as "u:jdoe" "URI"
    bjorn_may_act_as "u:jjones" "group"
    bjorn_may_act_as "u:noone" "dn.onelevel"
    bjorn_may_act_as "u:dots" "dn.regex"
    bjorn_may_act_as "u:jaj" "dn.children"
    # This authzid contains a space, so it has to stay quoted.
    bjorn_may_act_as "u:group/itd staff" "dn.subtree"
    382 
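    # Negative authzTo cases: Bjorn Jensen must NOT be able to act as any of
    # these identities. The test accepts exactly one outcome, ldapwhoami exit
    # status 1.
    #
    # Bind as Bjorn Jensen, request proxy authorization to $1 and abort the
    # run unless ldapwhoami exits 1. $2 is the label shown in the progress
    # message. Sets the globals BINDDN, BINDPW, AUTHZID and RC.
    bjorn_must_be_denied() {
    	BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
    	BINDPW=bjorn
    	AUTHZID=$1
    	echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} ($2)..."
    	# "!" makes the proxied authorization control critical.
    	$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w "$BINDPW" \
    		-e \!authzid="$AUTHZID"
    	RC=$?
    	case $RC in
    	1)
    		# Expected: the request was refused.
    		;;
    	0)
    		# The server granted an identity it should have refused. This must
    		# end the run with a non-zero status. The third case below used
    		# "if test $RC != 1 ... exit $RC", which exits 0 when RC is 0 and
    		# so reported an authorization bypass as a passing test. The first
    		# two used "exit -1", which is not a valid operand for exit in
    		# POSIX sh.
    		echo "ldapwhoami should have failed ($RC)!"
    		test $KILLSERVERS != no && kill -HUP $KILLPIDS
    		exit 1
    		;;
    	*)
    		# Any other status is an unrelated failure; pass it through.
    		echo "ldapwhoami failed ($RC)!"
    		test $KILLSERVERS != no && kill -HUP $KILLPIDS
    		exit $RC
    		;;
    	esac
    }

    bjorn_must_be_denied "u:fail" "URI; should fail"
    bjorn_must_be_denied "dn:cn=Should Fail,dc=example,dc=com" "URI; should fail"
    bjorn_must_be_denied "dn:cn=don't!" "no authzTo; should fail"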
    442 
    # Last positive case: bind as the suffix entry and request the empty DN
    # ("dn:" with nothing after it). The test expects this to be allowed.
    BINDDN="dc=example,dc=com"
    BINDPW=example
    AUTHZID="dn:"
    echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID}\"\" (dn.exact; should succeed)..."
    # "!" makes the proxied authorization control critical.
    if $LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w "$BINDPW" \
    	-e \!authzid="$AUTHZID"
    then
    	RC=0
    else
    	RC=$?
    	echo "ldapwhoami failed ($RC)!"
    	if test $KILLSERVERS != no ; then
    		kill -HUP $KILLPIDS
    	fi
    	exit $RC
    fi
    456 
    457 test $KILLSERVERS != no && kill -HUP $KILLPIDS
    458 
    459 echo ">>>>> Test succeeded"
    460 
    461 test $KILLSERVERS != no && wait
    462 
    463 exit 0
    464 
    465 ## Note to developers: when SLAPD_DEBUG=-1 the command
    466 ## awk '/^do_extended$/ {if (c) {print c} c=0} /<===slap_sasl_match:/ {c++} END {print c}' $TESTDIR/slapd.1.log
    467 ## must return the sequence 1 2 3 4 5 6 7 8 8 8 1 2 3 4 5 6 7 8 8 8 8 1
    468 ## to indicate that the authzFrom and authzTo rules applied in the right order.
    469