#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 2004-2016 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

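# Load the shared test-suite definitions.  Every upper-case variable used
# below that this script does not assign itself is expected to come from here.
echo "running defines.sh"
. "$SRCDIR/scripts/defines.sh"

# Skip (successfully) when the unique overlay is not available.
if test "$UNIQUE" = uniqueno; then
	echo "Attribute Uniqueness overlay not available, test skipped"
	exit 0
fi

# Result code expected whenever the overlay refuses a duplicate value:
# 19 is LDAP constraintViolation.  With the null backend the script expects
# success (0) instead -- presumably because that backend keeps no entries to
# collide with; confirm against the backend.
RCODEconstraint=19
test "$BACKEND" = null && RCODEconstraint=0

mkdir -p "$TESTDIR" "$DBDIR1"

# Generate a random cn=config password into $CONFIGPWF and write its hash as
# the rootpw line of configpw.conf.
# NOTE(review): $CONFIGPWF holds the password in clear text and is created
# under the caller's umask; fine for a throw-away test tree, but do not copy
# this pattern to a shared host without restricting the file mode.
$SLAPPASSWD -g -n >"$CONFIGPWF"
echo "rootpw $($SLAPPASSWD -T "$CONFIGPWF")" >"$TESTDIR/configpw.conf"

echo "Running slapadd to build slapd database..."
# $CONFFILTER and its arguments stay unquoted: whether they are single words
# is decided outside this script.
. $CONFFILTER $BACKEND $MONITORDB < "$UNIQUECONF" > "$CONF1"
$SLAPADD -f "$CONF1" -l "$LDIFUNIQUE"
RC=$?
if test "$RC" != 0; then
	echo "slapadd failed ($RC)!"
	exit "$RC"
fi
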
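# Start slapd in the background and wait until it answers a base search on
# the monitor suffix.
echo "Starting slapd on TCP/IP port $PORT1..."
mkdir "$TESTDIR/confdir"
# $SLAPD and $TIMING stay unquoted on purpose: they may be empty or carry
# several words.
$SLAPD -f "$CONF1" -F "$TESTDIR/confdir" -h "$URI1" -d "$LVL" $TIMING > "$LOG1" 2>&1 &
PID=$!
# Optional pause so a debugger can be attached to the server.  An unset or
# empty WAIT is treated as 0 so the script never blocks on stdin by accident.
if test "${WAIT:-0}" != 0; then
	echo PID $PID
	read -r foo
fi
KILLPIDS="$PID"

sleep 1

echo "Testing slapd attribute uniqueness operations..."
# Up to six probes, five seconds apart; RC keeps the status of the last one.
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -h "$LOCALHOST" -p "$PORT1" \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test "$RC" = 0; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

if test "$RC" != 0; then
	echo "ldapsearch failed ($RC)!"
	# $KILLPIDS is a whitespace-separated PID list, so it must split.
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi
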
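# Create uid=dave as the privileged identity $UNIQUEDN.  The entry gets
# userpassword $PASSWD, which is what lets later steps bind as dave, the
# unprivileged test user.
# NOTE(review): -w puts the bind password on the command line, where it is
# visible in the process list; acceptable only because it is a test fixture.
echo "Adding a unique record..."
$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> /dev/null << EOTUNIQ1
dn: uid=dave,ou=users,o=unique
objectClass: inetOrgPerson
objectClass: simpleSecurityObject
uid: dave
sn: nothere
cn: dave
businessCategory: otest
carLicense: TEST
departmentNumber: 42
# NOTE: use special chars in attr value to be used
# in internal searches ITS#4212
displayName: Dave (ITS#4212)
employeeNumber: 69
employeeType: contractor
givenName: Dave
userpassword: $PASSWD
EOTUNIQ1
RC=$?
if test "$RC" != 0; then
	echo "ldapadd failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

# Bound as dave, add an entry the overlay must refuse.  The colliding value
# is presumably in the data loaded from $LDIFUNIQUE (not visible here).
echo "Adding a non-unique record..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255 and
	# some /bin/sh implementations reject a negative operand.
	exit 1
fi
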
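# ITS#6641/8057
# Access-control regression check: -M attaches the ManageDSAit control to the
# request.  An unprivileged bind (dave) must still be refused with the
# constraint result, i.e. the control alone must not switch off uniqueness
# enforcement.
echo "Trying to bypass uniqueness as a normal user..."
$LDAPADD -M -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# ITS#6641/8057
# Same request bound as $UNIQUEDN (presumably the database's administrative
# identity -- confirm in the config): here the bypass is expected to succeed.
echo "Bypassing uniqueness as an admin user..."
$LDAPADD -M -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

# Remove the entry again so later steps can retry the same add.
echo "Cleaning up"
$LDAPDELETE -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=bill,ou=users,o=unique" > "$TESTOUT" 2>&1
RC=$?
if test "$RC" != 0; then
	echo "ldapdelete failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi
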
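# Read the overlay's cn=config entry and compare it with the expected LDIF.
# The config password is read from a file (-y) instead of being passed on the
# command line.  The ldapsearch status is lost in the pipeline; a failed
# search shows up as a diff mismatch instead.
echo "Dynamically retrieving initial configuration..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/initial-config.ldif"
cat <<EOF >"$TESTDIR/initial-reference.ldif"
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueBase: o=unique
olcUniqueAttribute: employeeNumber
olcUniqueAttribute: displayName

EOF
diff "$TESTDIR/initial-config.ldif" "$TESTDIR/initial-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Initial configuration is not reported correctly."
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# The next two modifies mix legacy settings with a URI or ignore list; both
# must be rejected with result 80 (LDAP "other").
echo "Dynamically trying to add a URI with legacy attrs present..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueURI
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy and unique_uri allowed together"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

echo "Dynamically trying to add legacy ignored attrs with legacy attrs present..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueIgnore
olcUniqueIgnore: objectClass
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy attrs and legacy ignore attrs allowed together"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# A rejected modify must leave the stored configuration untouched.
echo "Verifying initial configuration intact..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/initial-config-recheck.ldif"
diff "$TESTDIR/initial-config-recheck.ldif" "$TESTDIR/initial-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Initial configuration damaged by unsuccessful modifies."
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
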
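# Drop the legacy olcUniqueBase setting and confirm the entry that is left.
echo "Dynamically removing legacy base..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
delete: olcUniqueBase
EOF
RC=$?
if test "$RC" != 0; then
	echo "base removal failed"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

echo "Verifying base removal..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/baseremoval-config.ldif"
cat >"$TESTDIR/baseremoval-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueAttribute: employeeNumber
olcUniqueAttribute: displayName

EOF
diff "$TESTDIR/baseremoval-config.ldif" "$TESTDIR/baseremoval-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Configuration damaged by base removal"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# Uniqueness must still be enforced for an unprivileged bind once the
# explicit base is gone.
echo "Adding a non-unique record..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# A base outside this database (cn=config) must be refused with result 80.
echo "Trying a legacy base outside of the backend..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueBase
olcUniqueBase: cn=config
EOF
RC=$?
if test "$RC" != 80; then
	echo "out of backend scope base allowed"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
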
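# In one modify, add description and telephoneNumber to the checked
# attributes and remove displayName from them.
echo "Adding and removing attrs..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueAttribute
olcUniqueAttribute: description
olcUniqueAttribute: telephoneNumber
-
delete: olcUniqueAttribute
olcUniqueAttribute: displayName
EOF
RC=$?
if test "$RC" != 0; then
	echo "Unable to remove an attribute"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# The add must still be refused, which shows the single-value delete left
# the other checked attributes in place.
echo "Verifying we removed the right attr..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	# Message typo fixed: the attribute is olcUniqueAttribute.
	echo "olcUniqueAttribute single deletion hit the wrong value"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
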
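# Replace the legacy attribute list by two olcUniqueURI values.
echo "Removing legacy config and adding URIs..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
delete: olcUniqueAttribute
-
add: olcUniqueURI
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
olcUniqueURI: ldap:///?description?one
EOF
RC=$?
if test "$RC" != 0; then
	echo "Reconfiguration to URIs failed"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# The ldapsearch status is lost in the pipeline; a failed search shows up as
# a diff mismatch instead.
echo "Dynamically retrieving second configuration..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/second-config.ldif"
cat >"$TESTDIR/second-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
olcUniqueURI: ldap:///?description?one

EOF
diff "$TESTDIR/second-config.ldif" "$TESTDIR/second-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Second configuration is not reported correctly."
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# Enforcement must survive the switch from legacy settings to URIs.
echo "Adding a non-unique record..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
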
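# With URIs configured, each legacy setting (base, attribute, strictness) and
# a malformed filter must be rejected with result 80 (LDAP "other").
echo "Dynamically trying to add legacy base"
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueBase
olcUniqueBase: o=unique
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy base allowed with URIs"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

echo "Dynamically trying to add legacy attrs"
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueAttribute
olcUniqueAttribute: description
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy attributes allowed with URIs"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

echo "Dynamically trying to add legacy strictness"
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueStrict
olcUniqueStrict: TRUE
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy strictness allowed with URIs"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

#echo ----------------------
# The filter below has unbalanced nesting, ((cn=e*)), and must not be
# accepted into the configuration.
echo "Dynamically trying a bad filter..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
replace: olcUniqueURI
olcUniqueURI: ldap:///?sn?sub?((cn=e*))
EOF
RC=$?
if test "$RC" != 80; then
	echo "bad filter allowed"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# Rejected modifies must leave the stored configuration untouched; the file
# compared against is the second-reference.ldif written earlier in the run.
echo "Verifying second configuration intact..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/second-config-recheck.ldif"
diff "$TESTDIR/second-config-recheck.ldif" "$TESTDIR/second-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Second configuration damaged by rejected modifies."
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
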
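#echo ----------------------
# Add two filtered URIs and drop the description one, then confirm the
# resulting entry.
echo "Dynamically reconfiguring to use different URIs..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueURI
olcUniqueURI: ldap:///?sn?sub?(cn=e*)
olcUniqueURI: ldap:///?uid?sub?(cn=edgar)
-
delete: olcUniqueURI
olcUniqueURI: ldap:///?description?one
EOF
RC=$?
if test "$RC" != 0; then
	echo "unable to reconfigure"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# The ldapsearch status is lost in the pipeline; a failed search shows up as
# a diff mismatch instead.
echo "Dynamically retrieving third configuration..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/third-config.ldif"
cat >"$TESTDIR/third-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
olcUniqueURI: ldap:///?sn?sub?(cn=e*)
olcUniqueURI: ldap:///?uid?sub?(cn=edgar)

EOF
diff "$TESTDIR/third-config.ldif" "$TESTDIR/third-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Third configuration is not reported correctly."
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
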
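# Exercise the filtered uniqueness domains with add and modify operations.
echo "Adding a record unique in both domains if filtered..."

$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=edgar,ou=users,o=unique
objectClass: inetOrgPerson
uid: edgar
sn: johnson
cn: edgar
EOF
RC=$?
if test "$RC" != 0; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# This entry repeats uid "edgar" but is expected to be accepted.
echo "Adding a record unique in all domains because of filter conditions "
$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=empty,ou=users,o=unique
objectClass: inetOrgPerson
uid: edgar
cn: empty
sn: empty
EOF
RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# Bound as dave, changing sn to a value another entry already holds must be
# refused.
echo "Making a record non-unique"
$LDAPMODIFY -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: johnson
EOF
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
# -M attaches the ManageDSAit control; for an unprivileged bind the modify
# must still be refused.
echo "Trying to bypass uniqueness as a normal user..."
$LDAPMODIFY -M -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: johnson
EOF
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
# The same modify bound as $UNIQUEDN is expected to go through.
echo "Bypassing uniqueness as an admin user..."
$LDAPMODIFY -M -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: johnson
EOF
RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

# Put sn back so the duplicate created by the bypass does not affect later
# steps.
echo "Cleaning up"
$LDAPMODIFY -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: empty
EOF
RC=$?
if test "$RC" != 0; then
	echo "ldapmodify failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi
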
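# Repeat the enforcement and bypass checks for the modrdn operation.
echo "Adding another unique record..."
$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=not edgar,uid=edgar,ou=users,o=unique
objectClass: inetOrgPerson
uid: not edgar
sn: Alan
cn: not edgar
EOF
RC=$?
if test "$RC" != 0; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# Bound as dave, renaming the entry to uid=edgar must be refused.
echo "Making the record non-unique with modrdn..."
$LDAPMODRDN -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > "$TESTOUT" 2>&1
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
# -M attaches the ManageDSAit control; for an unprivileged bind the rename
# must still be refused.
echo "Trying to bypass uniqueness as a normal user..."
$LDAPMODRDN -M -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > "$TESTOUT" 2>&1
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
# The same rename bound as $UNIQUEDN is expected to go through.
echo "Bypassing uniqueness as an admin user..."
$LDAPMODRDN -M -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > "$TESTOUT" 2>&1
RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

# Delete the renamed entry so the duplicate uid does not affect later steps.
echo "Cleaning up"
$LDAPDELETE -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=edgar,uid=edgar,ou=users,o=unique" > "$TESTOUT" 2>&1
RC=$?
if test "$RC" != 0; then
	echo "ldapdelete failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit "$RC"
fi
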
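# Bound as dave, this add is expected to be refused.
echo "Adding a record unique in one domain, non-unique in the filtered domain..."

$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=elvis,ou=users,o=unique
objectClass: inetOrgPerson
uid: elvis
sn: johnson
cn: elvis
EOF
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

#echo ----------------------
# Replace every URI by a single "ignore" URI naming objectClass, uid, cn, sn.
echo "Dynamically reconfiguring to use attribute-ignore URIs..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	> "$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
replace: olcUniqueURI
olcUniqueURI: ignore ldap:///?objectClass,uid,cn,sn?sub
EOF
RC=$?
if test "$RC" != 0; then
	echo "unable to reconfigure"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# The ldapsearch status is lost in the pipeline; a failed search shows up as
# a diff mismatch instead.
echo "Dynamically retrieving fourth configuration..."
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL \
	| tr -d '\r' > "$TESTDIR/fourth-config.ldif"
cat >"$TESTDIR/fourth-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueURI: ignore ldap:///?objectClass,uid,cn,sn?sub

EOF
diff "$TESTDIR/fourth-config.ldif" "$TESTDIR/fourth-reference.ldif" > /dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Fourth configuration is not reported correctly."
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi
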
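# Last checks, then shut the server down.
echo "Adding a record unique in the ignore-domain..."

$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=elvis,ou=users,o=unique
objectClass: inetOrgPerson
uid: elvis
sn: johnson
cn: elvis
description: left the building
EOF
RC=$?
if test "$RC" != 0; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	# exit 1 rather than `exit -1`: POSIX sh only defines statuses 0-255.
	exit 1
fi

# Bound as dave, this add is expected to be refused; it repeats the
# description value of the entry added just above.
echo "Adding a record non-unique in the ignore-domain..."

$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	> "$TESTOUT" 2>&1 << EOF
dn: uid=harry,ou=users,o=unique
objectClass: inetOrgPerson
uid: harry
sn: johnson
cn: harry
description: left the building
EOF
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test "$KILLSERVERS" != no && kill -HUP $KILLPIDS
	exit 1
fi

# $KILLPIDS is a whitespace-separated PID list, so it must split.
test "$KILLSERVERS" != no && kill -HUP $KILLPIDS

echo ">>>>> Test succeeded"

# Reap the background slapd before reporting success.
test "$KILLSERVERS" != no && wait

exit 0
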