1 #! /bin/sh 2 # $OpenLDAP$ 3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4 ## 5 ## Copyright 1998-2024 The OpenLDAP Foundation. 6 ## All rights reserved. 7 ## 8 ## Redistribution and use in source and binary forms, with or without 9 ## modification, are permitted only as authorized by the OpenLDAP 10 ## Public License. 11 ## 12 ## A copy of this license is available in the file LICENSE in the 13 ## top-level directory of the distribution or, alternatively, at 14 ## <http://www.OpenLDAP.org/license.html>. 15 16 echo "running defines.sh" 17 . $SRCDIR/scripts/defines.sh 18 19 mkdir -p $TESTDIR $DBDIR1 20 21 echo "Running slapadd to build slapd database..." 22 . $CONFFILTER $BACKEND < $CONF > $CONF1 23 #echo $SLAPADD -f $CONF1 -l $LDIFORDERED 24 $SLAPADD -f $CONF1 -l $LDIFORDERED 25 RC=$? 26 if test $RC != 0 ; then 27 echo "slapadd failed ($RC)!" 28 exit $RC 29 fi 30 31 echo "Starting slapd on TCP/IP port $PORT1..." 32 #valgrind -v --gdb-attach=yes --logfile=info --num-callers=16 --leak-check=yes --leak-resolution=high $SLAPD -f $CONF1 -h $URI1 -d $LVL </dev/tty > $LOG1 2>&1 & 33 $SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 34 PID=$! 35 if test $WAIT != 0 ; then 36 echo PID $PID 37 read foo 38 fi 39 KILLPIDS="$PID" 40 41 echo "Testing certificate handling..." 42 43 sleep 1 44 45 for i in 0 1 2 3 4 5; do 46 $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 47 'objectclass=*' > /dev/null 2>&1 48 RC=$? 49 if test $RC = 0 ; then 50 break 51 fi 52 echo "Waiting 5 seconds for slapd to start..." 53 sleep 5 54 done 55 56 if test $RC != 0 ; then 57 echo "ldapsearch failed ($RC)!" 58 test $KILLSERVERS != no && kill -HUP $KILLPIDS 59 exit $RC 60 fi 61 62 echo "Add certificates..." 63 $LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 64 $TESTOUT 2>&1 << EOMODS 65 version: 1 66 67 # LEADING COMMENT AND WHITE SPACE 68 69 # should use certificationAuthority instead of extensibleObject 70 dn: dc=example,dc=com 71 changetype: modify 72 add: objectClass 73 objectClass: extensibleObject 74 - 75 add: cAcertificate;binary 76 cAcertificate;binary:: 77 MIIDVDCCAr2gAwIBAgIBADANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzET 78 MBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwg 79 THRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhh 80 bXBsZS5jb20wHhcNMDMxMDE3MTYzMDQxWhcNMDQxMDE2MTYzMDQxWjB3MQswCQYD 81 VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAg 82 RXhhbXBsZSwgTHRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJ 83 ARYOY2FAZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANlj 84 UGxiisAzEiALukzt3Gj/24MRw1J0AZx6GncXLhpNJsAFyA0bYZdAzgvydKeq/uX0 85 i5o/4Byc3G71XAAcbJZxDPtrLwpDAdMNOBvKV2r67yTgnpatFLfGRt/FWazj5EbF 86 YkorWWTe+4eEBd9VPzebHdIm+DPHipUfIAzRoNejAgMBAAGjge8wgewwHQYDVR0O 87 BBYEFEtvIRo2JNKQ+UOwU0ctfeHA5pgjMIGhBgNVHSMEgZkwgZaAFEtvIRo2JNKQ 88 +UOwU0ctfeHA5pgjoXukeTB3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv 89 cm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjETMBEGA1UEAxMK 90 RXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb22CAQAwDAYD 91 VR0TBAUwAwEB/zAZBgNVHREEEjAQgQ5jYUBleGFtcGxlLmNvbTANBgkqhkiG9w0B 92 AQQFAAOBgQCgXD/+28El3GXi/uxMNEKqtnIhQdTnNU4il0fZ6pcmHPFC+61Bddow 93 90ZZZh5Gbg5ZBxFRhDXN8K/fix3ewRSjASt40dGlEODkE+FsLMt04sYl6kX7RGKg 94 9a46DkeG+uzZnN/3252uCgh+rjNMFAglueUTERv3EtUB1iXEoU3GyA== 95 96 dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com 97 changetype: modify 98 add: objectClass 99 objectClass: strongAuthenticationUser 100 - 101 add: userCertificate;binary 102 userCertificate;binary:: 103 MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzET 104 MBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwg 105 THRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhh 106 bXBsZS5jb20wHhcNMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYD 107 VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAg 108 RXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhIEhhbXBzdGVyMR8wHQYJKoZI 109 hvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB 110 iQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJ 111 h+qnsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYm 112 J0erS3aoimOHLEFimmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8 113 MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl 114 cnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUOiC37EK0Uf0XjCBoQYDVR0j 115 BIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1UEBhMCVVMx 116 EzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUs 117 IEx0ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4 118 YW1wbGUuY29tggEAMA0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESu 119 xLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7 120 Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5jds/HnaJsGcHI5JRG7CBJb 121 W+wrwge3trJ1xHJI8prN 122 123 dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com 124 changetype: modify 125 add: objectClass 126 objectClass: strongAuthenticationUser 127 - 128 add: userCertificate;binary 129 userCertificate;binary:: 130 MIIDcDCCAtmgAwIBAgIBATANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzET 131 MBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwg 132 THRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhh 133 bXBsZS5jb20wHhcNMDMxMDE3MTYzMTQwWhcNMDQxMDE2MTYzMTQwWjCBgjELMAkG 134 A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQ 135 IEV4YW1wbGUsIEx0ZC4xHTAbBgNVBAMUFEplbm5pZmVyICJKZW4iIFNtaXRoMR4w 136 HAYJKoZIhvcNAQkBFg9qZW5AZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD 137 gY0AMIGJAoGBANUgO8cP/SjqgCVxxsRYv36AP0+QL81iEkGvR4gG6jbtDDBdVYDC 138 YbS2oKKNJ5e99NxGMIjOYfmKcAwmkV46IhdzUtkutgjHEG9vl5ajSwc1KSsbTMTy 139 NtuG3k5k02JYFbP+FrGyUE8iPqK4+i7mVjW4bh/MBCHW88FptnpDJiuHAgMBAAGj 140 gf8wgfwwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 141 ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEdo4jpxCQXJ1sh/E1O3ZBkLTbHkMIGh 142 BgNVHSMEgZkwgZaAFEtvIRo2JNKQ+UOwU0ctfeHA5pgjoXukeTB3MQswCQYDVQQG 143 EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhh 144 bXBsZSwgTHRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYO 145 Y2FAZXhhbXBsZS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAFpHsQUtSZQzmm9k2 146 Vrfs0h7tdkWF3LcHzHk4a/t3k4EXcqlHBxh4f0tmb4XNP9QupRgm6ggr8t3Rq0Vt 147 T8k50x4C7oE8HwZuEEB4FM7S1Zig3dfeJ8MJgdaLqt5/U9Ip/hZdzG2dsUsIceH/ 148 5MCKLu9bGJUjsKnGdm/KpaNwaNo= 149 150 dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com 151 changetype: modify 152 add: userCertificate;binary 153 userCertificate;binary:: 154 MIIDjDCCAvWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzET 155 MBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwg 156 THRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhh 157 bXBsZS5jb20wHhcNMDMxMDE3MTYzNTM1WhcNMDQxMDE2MTYzNTM1WjCBnjELMAkG 158 A1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMR8wHQYDVQQKExZPcGVuTERBUCBF 159 eGFtcGxlLCBMdGQuMRswGQYDVQQLExJBbHVtbmkgQXNzb2ljYXRpb24xEjAQBgNV 160 BAMTCUplbiBTbWl0aDEqMCgGCSqGSIb3DQEJARYbamVuQG1haWwuYWx1bW5pLmV4 161 YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpnXWAL0VkROGO 162 1Rg8J3u6F4F7yMqQCbUMsV9rxQisYj45+pmqiHV5urogvT4MGD6eLNFZKBn+0KRn 163 i++uu7gbartzpmBaHOlzRII9ZdVMFfrT2xYNgAlkne6pb6IZIN9UONuH/httENCD 164 J5WEpjZ48D1Lrml/HYO/W+SAMkpEqQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJ 165 YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud 166 DgQWBBTB2saht/od/nis76b9m+pjxfhSPjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTS 167 kPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm 168 b3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0ZC4xEzARBgNVBAMT 169 CkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAMA0G 170 CSqGSIb3DQEBBAUAA4GBAIoGPc/AS0cNkMRDNoMIzcFdF9lONMduKBiSuFvv+x8n 171 Cek+LUdXxF59V2NPKh2V5gFh5xbAchyv6FVBnpVtPdB5akCr5tdFQhuBLUXXDk/t 172 THGpIWt7OAjEmpuMzsz3GUB8Zf9rioHOs1DMw+GpzWdnFITxXhAqEDc3quqPrpxZ 173 - 174 delete: userCertificate;binary 175 userCertificate;binary:: 176 MIIDcDCCAtmgAwIBAgIBATANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzET 177 MBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwg 178 THRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhh 179 bXBsZS5jb20wHhcNMDMxMDE3MTYzMTQwWhcNMDQxMDE2MTYzMTQwWjCBgjELMAkG 180 A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQ 181 IEV4YW1wbGUsIEx0ZC4xHTAbBgNVBAMUFEplbm5pZmVyICJKZW4iIFNtaXRoMR4w 182 HAYJKoZIhvcNAQkBFg9qZW5AZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD 183 gY0AMIGJAoGBANUgO8cP/SjqgCVxxsRYv36AP0+QL81iEkGvR4gG6jbtDDBdVYDC 184 YbS2oKKNJ5e99NxGMIjOYfmKcAwmkV46IhdzUtkutgjHEG9vl5ajSwc1KSsbTMTy 185 NtuG3k5k02JYFbP+FrGyUE8iPqK4+i7mVjW4bh/MBCHW88FptnpDJiuHAgMBAAGj 186 gf8wgfwwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 187 ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEdo4jpxCQXJ1sh/E1O3ZBkLTbHkMIGh 188 BgNVHSMEgZkwgZaAFEtvIRo2JNKQ+UOwU0ctfeHA5pgjoXukeTB3MQswCQYDVQQG 189 EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhh 190 bXBsZSwgTHRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYO 191 Y2FAZXhhbXBsZS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAFpHsQUtSZQzmm9k2 192 Vrfs0h7tdkWF3LcHzHk4a/t3k4EXcqlHBxh4f0tmb4XNP9QupRgm6ggr8t3Rq0Vt 193 T8k50x4C7oE8HwZuEEB4FM7S1Zig3dfeJ8MJgdaLqt5/U9Ip/hZdzG2dsUsIceH/ 194 5MCKLu9bGJUjsKnGdm/KpaNwaNo= 195 196 dn: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com 197 changetype: modify 198 replace: userCertificate;binary 199 userCertificate;binary:: 200 MIIDjDCCAvWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADB3MQswCQYDVQQGEwJVUzET 201 MBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwg 202 THRkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhh 203 bXBsZS5jb20wHhcNMDMxMDE3MTYzNTM1WhcNMDQxMDE2MTYzNTM1WjCBnjELMAkG 204 A1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMR8wHQYDVQQKExZPcGVuTERBUCBF 205 eGFtcGxlLCBMdGQuMRswGQYDVQQLExJBbHVtbmkgQXNzb2ljYXRpb24xEjAQBgNV 206 BAMTCUplbiBTbWl0aDEqMCgGCSqGSIb3DQEJARYbamVuQG1haWwuYWx1bW5pLmV4 207 YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpnXWAL0VkROGO 208 1Rg8J3u6F4F7yMqQCbUMsV9rxQisYj45+pmqiHV5urogvT4MGD6eLNFZKBn+0KRn 209 i++uu7gbartzpmBaHOlzRII9ZdVMFfrT2xYNgAlkne6pb6IZIN9UONuH/httENCD 210 J5WEpjZ48D1Lrml/HYO/W+SAMkpEqQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJ 211 YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud 212 DgQWBBTB2saht/od/nis76b9m+pjxfhSPjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTS 213 kPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm 214 b3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0ZC4xEzARBgNVBAMT 215 CkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAMA0G 216 CSqGSIb3DQEBBAUAA4GBAIoGPc/AS0cNkMRDNoMIzcFdF9lONMduKBiSuFvv+x8n 217 Cek+LUdXxF59V2NPKh2V5gFh5xbAchyv6FVBnpVtPdB5akCr5tdFQhuBLUXXDk/t 218 THGpIWt7OAjEmpuMzsz3GUB8Zf9rioHOs1DMw+GpzWdnFITxXhAqEDc3quqPrpxZ 219 - 220 delete: userCertificate;binary 221 222 EOMODS 223 224 RC=$? 225 if test $RC != 0 ; then 226 echo "ldapmodify failed ($RC)!" 227 test $KILLSERVERS != no && kill -HUP $KILLPIDS 228 exit $RC 229 fi 230 231 echo 'Using ldapsearch to retrieve (userCertificate;binary=*) ...' 232 echo "# (userCertificate;binary=*)" > $SEARCHOUT 233 $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 234 '(userCertificate;binary=*)' >> $SEARCHOUT 2>&1 235 RC=$? 236 if test $RC != 0 ; then 237 echo "ldapsearch failed ($RC)!" 238 test $KILLSERVERS != no && kill -HUP $KILLPIDS 239 exit $RC 240 fi 241 242 echo 'Using ldapsearch to retrieve (cAcertificate=*) ...' 243 echo "# (cAcertificate=*)" >> $SEARCHOUT 244 $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 245 '(cAcertificate=*)' >> $SEARCHOUT 2>&1 246 RC=$? 247 if test $RC != 0 ; then 248 echo "ldapsearch failed ($RC)!" 249 test $KILLSERVERS != no && kill -HUP $KILLPIDS 250 exit $RC 251 fi 252 253 SNAI='2$EMAIL=ca (at] example.com,CN=Example CA,O=Openldap Example\5C, Ltd.,ST=California,C=US' 254 255 echo 'Using ldapsearch to retrieve (userCertificate=serialNumberAndIssuer) [old format] ...' 256 echo "# (userCertificate=$SNAI)" >> $SEARCHOUT 257 $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 258 "(userCertificate=$SNAI)" >> $SEARCHOUT 2>&1 259 RC=$? 260 if test $RC != 0 ; then 261 echo "ldapsearch failed ($RC)!" 262 test $KILLSERVERS != no && kill -HUP $KILLPIDS 263 exit $RC 264 fi 265 266 SNAI='{ serialNumber 2, issuer "EMAIL=ca (at] example.com,CN=Example CA,O=Openldap Example\5C, Ltd.,ST=California,C=US" }' 267 268 echo 'Using ldapsearch to retrieve (userCertificate=serialNumberAndIssuer) [new format] ...' 269 echo "# (userCertificate=$SNAI)" >> $SEARCHOUT 270 $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 271 "(userCertificate=$SNAI)" >> $SEARCHOUT 2>&1 272 RC=$? 273 if test $RC != 0 ; then 274 echo "ldapsearch failed ($RC)!" 275 test $KILLSERVERS != no && kill -HUP $KILLPIDS 276 exit $RC 277 fi 278 279 SNAI='3$EMAIL=ca (at] example.com,CN=Example CA,O=Openldap Example\5C, Ltd.,ST=California,C=US' 280 281 echo 'Using ldapsearch to retrieve (userCertificate:certificateExactMatch:=serialNumberAndIssuer) [old format] ...' 282 echo "# (userCertificate:certificateExactMatch:=$SNAI)" >> $SEARCHOUT 283 $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 284 "(userCertificate:certificateExactMatch:=$SNAI)" >> $SEARCHOUT 2>&1 285 RC=$? 286 if test $RC != 0 ; then 287 echo "ldapsearch failed ($RC)!" 288 test $KILLSERVERS != no && kill -HUP $KILLPIDS 289 exit $RC 290 fi 291 292 SNAI='{ issuer "EMAIL=ca (at] example.com,CN=Example CA,O=Openldap Example\5C, Ltd.,ST=California,C=US", serialNumber 3 }' 293 294 echo 'Using ldapsearch to retrieve (userCertificate:certificateExactMatch:=serialNumberAndIssuer) [new format]...' 295 echo "# (userCertificate:certificateExactMatch:=$SNAI)" >> $SEARCHOUT 296 $LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 297 "(userCertificate:certificateExactMatch:=$SNAI)" >> $SEARCHOUT 2>&1 298 RC=$? 299 if test $RC != 0 ; then 300 echo "ldapsearch failed ($RC)!" 301 test $KILLSERVERS != no && kill -HUP $KILLPIDS 302 exit $RC 303 fi 304 305 test $KILLSERVERS != no && kill -HUP $KILLPIDS 306 307 LDIF=$CERTIFICATETLS 308 309 echo "Filtering ldapsearch results..." 310 $LDIFFILTER < $SEARCHOUT > $SEARCHFLT 311 echo "Filtering original ldif used to create database..." 312 $LDIFFILTER < $LDIF > $LDIFFLT 313 echo "Comparing filter output..." 314 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT 315 316 if test $? != 0 ; then 317 echo "comparison failed - certificate operations did not complete correctly" 318 exit 1 319 fi 320 321 echo ">>>>> Test succeeded" 322 323 test $KILLSERVERS != no && wait 324 325 exit 0 326
Indexes created Mon Apr 13 00:22:24 UTC 2026