test024-unique revision 1.1.1.6.4.1
      1 #! /bin/sh
      2 # $OpenLDAP$
      3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
      4 ##
      5 ## Copyright 2004-2019 The OpenLDAP Foundation.
      6 ## All rights reserved.
      7 ##
      8 ## Redistribution and use in source and binary forms, with or without
      9 ## modification, are permitted only as authorized by the OpenLDAP
     10 ## Public License.
     11 ##
     12 ## A copy of this license is available in the file LICENSE in the
     13 ## top-level directory of the distribution or, alternatively, at
     14 ## <http://www.OpenLDAP.org/license.html>.
     15 
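# Load the shared test-suite settings. Every upper-case variable this script
# reads but never assigns (UNIQUE, BACKEND, TESTDIR, SLAPADD, ...) is expected
# to come from that file, which is not part of this listing.
echo "running defines.sh"
. "$SRCDIR/scripts/defines.sh"

# Skip (exit 0) when the attribute uniqueness overlay is reported unavailable.
if test "$UNIQUE" = uniqueno; then
	echo "Attribute Uniqueness overlay not available, test skipped"
	exit 0
fi

# 19 is the LDAP constraintViolation result code, the answer expected for a
# rejected duplicate. With BACKEND=null the expectation becomes 0, so on that
# backend the "must be rejected" checks later in the script cannot tell
# enforcement apart from a bypass.
RCODEconstraint=19
test "$BACKEND" = null && RCODEconstraint=0

mkdir -p "$TESTDIR" "$DBDIR1"

# $CONFIGPWF receives the generated cn=config password in clear text, so it is
# created under a restrictive umask rather than the inherited one. Only the
# value produced by "-T" goes into configpw.conf.
# Command variables such as SLAPPASSWD and SLAPADD stay unquoted: they are set
# outside this listing and may hold a command plus options.
(umask 077 && $SLAPPASSWD -g -n >"$CONFIGPWF")
echo "rootpw $($SLAPPASSWD -T "$CONFIGPWF")" >"$TESTDIR/configpw.conf"

echo "Running slapadd to build slapd database..."
# BACKEND and MONITORDB are passed unquoted so that an empty value still
# produces no argument, as before.
. "$CONFFILTER" $BACKEND $MONITORDB <"$UNIQUECONF" >"$CONF1"
$SLAPADD -f "$CONF1" -l "$LDIFUNIQUE"
RC=$?
if test "$RC" != 0; then
	echo "slapadd failed ($RC)!"
	exit "$RC"
fi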
     40 
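# Start slapd in the background with its cn=config directory under $TESTDIR,
# then poll until it answers a base search on "$MONITOR".
# SLAPD, LDAPSEARCH and TIMING stay unquoted: they are set outside this
# listing and may expand to several words (or to nothing).
echo "Starting slapd on TCP/IP port $PORT1..."
mkdir "$TESTDIR/confdir"
$SLAPD -f "$CONF1" -F "$TESTDIR/confdir" -h "$URI1" -d $LVL $TIMING >"$LOG1" 2>&1 &
PID=$!
# With WAIT set to anything but 0, print the PID and block on stdin so a
# debugger can be attached before the test continues.
if test $WAIT != 0; then
	echo PID $PID
	read foo
fi
KILLPIDS="$PID"

sleep 1

echo "Testing slapd attribute uniqueness operations..."
# Up to six probes, five seconds apart; RC keeps the status of the last one.
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -h "$LOCALHOST" -p "$PORT1" \
		'objectclass=*' >/dev/null 2>&1
	RC=$?
	if test "$RC" = 0; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

if test "$RC" != 0; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi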
     70 
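# Create uid=dave, the unprivileged identity used for the later
# "normal user" checks. Must succeed (RC 0).
# NOTE(review): -w puts the bind password on the command line, where other
# local users can read it from the process list while the tool runs; the
# cn=config binds in this script use -y with a password file instead.
# PASSWD comes from outside this listing and is presumably a throwaway
# fixture value; the same value is stored as dave's userpassword below.
echo "Adding a unique record..."
$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>/dev/null <<EOTUNIQ1
dn: uid=dave,ou=users,o=unique
objectClass: inetOrgPerson
objectClass: simpleSecurityObject
uid: dave
sn: nothere
cn: dave
businessCategory: otest
carLicense: TEST
departmentNumber: 42
# NOTE: use special chars in attr value to be used
# in internal searches ITS#4212
displayName: Dave (ITS#4212)
employeeNumber: 69
employeeType: contractor
givenName: Dave
userpassword: $PASSWD
EOTUNIQ1
RC=$?
if test "$RC" != 0; then
	echo "ldapadd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi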
     97 
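# Negative check: bound as the ordinary user uid=dave, adding uid=bill must be
# refused with $RCODEconstraint. The value bill collides with is not in this
# listing (presumably an entry loaded from $LDIFUNIQUE).
echo "Adding a non-unique record..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	# exit 1, not exit -1: a negative operand is not a valid POSIX exit
	# status and some /bin/sh implementations reject it.
	exit 1
fi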
    120 
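# ITS#6641/8057: authorization check around the ManageDSAit control (-M).
# The same duplicate entry is submitted twice with the control set:
#   1. bound as uid=dave  -> must still be refused ($RCODEconstraint);
#   2. bound as $UNIQUEDN -> must be accepted (0).
# Together the two cases pin down that the control only skips the uniqueness
# check for the privileged identity. What makes $UNIQUEDN privileged is
# defined outside this listing.
# With BACKEND=null, $RCODEconstraint is 0, so case 1 cannot detect a bypass
# on that backend.
echo "Trying to bypass uniqueness as a normal user..."
$LDAPADD -M -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	# exit 1, not exit -1: a negative operand is not a valid POSIX exit
	# status and some /bin/sh implementations reject it.
	exit 1
fi

# ITS#6641/8057
echo "Bypassing uniqueness as an admin user..."
$LDAPADD -M -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

# Remove the entry created through the bypass so that later steps start from
# a directory without uid=bill.
echo "Cleaning up"
$LDAPDELETE -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=bill,ou=users,o=unique" >"$TESTOUT" 2>&1
RC=$?
if test "$RC" != 0; then
	echo "ldapdelete failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi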
    178 
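# Read the overlay's cn=config entry back and compare it, byte for byte, with
# the expected LDIF. The reference ends with an empty line on purpose.
# Carriage returns are stripped from the search output before the comparison.
# A failed search leaves an empty or short file, which the diff then reports.
echo Dynamically retrieving initial configuration...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/initial-config.ldif"
cat <<EOF >"$TESTDIR/initial-reference.ldif"
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueBase: o=unique
olcUniqueAttribute: employeeNumber
olcUniqueAttribute: displayName

EOF
diff "$TESTDIR/initial-config.ldif" "$TESTDIR/initial-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Initial configuration is not reported correctly."
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	# exit 1, not exit -1: a negative operand is not a valid POSIX exit
	# status and some /bin/sh implementations reject it.
	exit 1
fi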
    198 
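# Two configuration changes that must be refused while the legacy
# olcUniqueBase/olcUniqueAttribute settings are present. 80 is the LDAP
# "other" result code, which is what the checks expect for the refusal.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo Dynamically trying to add a URI with legacy attrs present...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueURI
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy and unique_uri allowed together"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Dynamically trying to add legacy ignored attrs with legacy attrs present...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueIgnore
olcUniqueIgnore: objectClass
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy attrs and legacy ignore attrs allowed together"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# A refused modify must leave no trace: the entry has to match the reference
# file written by the earlier "initial configuration" step.
echo Verifying initial configuration intact...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/initial-config-recheck.ldif"
diff "$TESTDIR/initial-config-recheck.ldif" "$TESTDIR/initial-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Initial configuration damaged by unsuccessful modifies."
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi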
    238 
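# Drop olcUniqueBase and confirm the entry now lists only the two attributes.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo Dynamically removing legacy base...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
delete: olcUniqueBase
EOF
RC=$?
if test "$RC" != 0; then
	echo "base removal failed"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Verifying base removal...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/baseremoval-config.ldif"
cat >"$TESTDIR/baseremoval-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueAttribute: employeeNumber
olcUniqueAttribute: displayName

EOF
diff "$TESTDIR/baseremoval-config.ldif" "$TESTDIR/baseremoval-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Configuration damaged by base removal"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi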
    271 
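# With the base removed, the duplicate add by the ordinary user must still be
# refused with $RCODEconstraint.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo "Adding a non-unique record..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# A base outside the database the overlay is attached to (here cn=config)
# must be refused with 80, the LDAP "other" result code.
echo Trying a legacy base outside of the backend...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueBase
olcUniqueBase: cn=config
EOF
RC=$?
if test "$RC" != 80; then
	echo "out of backend scope base allowed"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi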
    309 
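# One modify adds description and telephoneNumber and deletes only the
# displayName value of olcUniqueAttribute.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo "Adding and removing attrs..."
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueAttribute
olcUniqueAttribute: description
olcUniqueAttribute: telephoneNumber
-
delete: olcUniqueAttribute
olcUniqueAttribute: displayName
EOF
RC=$?
if test "$RC" != 0; then
	echo "Unable to remove an attribute"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# The duplicate add must still be refused: a pass here would mean the
# single-value delete removed more than displayName.
echo "Verifying we removed the right attr..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	# Message spelling corrected (was "olcUniqueAttribtue").
	echo "olcUniqueAttribute single deletion hit the wrong value"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi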
    351 
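# Switch from the legacy attribute list to olcUniqueURI values in a single
# modify, then confirm the stored entry matches the expected LDIF.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo Removing legacy config and adding URIs...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
delete: olcUniqueAttribute
-
add: olcUniqueURI
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
olcUniqueURI: ldap:///?description?one
EOF
RC=$?
if test "$RC" != 0; then
	echo "Reconfiguration to URIs failed"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Dynamically retrieving second configuration...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/second-config.ldif"
cat >"$TESTDIR/second-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
olcUniqueURI: ldap:///?description?one

EOF
diff "$TESTDIR/second-config.ldif" "$TESTDIR/second-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Second configuration is not reported correctly."
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi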
    388 
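# Same duplicate add as before, now against the URI-based configuration:
# the ordinary user must still get $RCODEconstraint.
echo "Adding a non-unique record..."
$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOTUNIQ2
dn: uid=bill,ou=users,o=unique
objectClass: inetOrgPerson
uid: bill
sn: johnson
cn: bill
businessCategory: rtest
carLicense: ABC123
departmentNumber: 42
displayName: Bill
employeeNumber: 5150
employeeType: contractor
givenName: Bill
EOTUNIQ2
RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	# exit 1, not exit -1: a negative operand is not a valid POSIX exit
	# status and some /bin/sh implementations reject it.
	exit 1
fi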
    411 
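# Four configuration changes that must each be refused with 80 (LDAP "other")
# while olcUniqueURI is in use: three legacy settings and one malformed
# filter. A final read-back confirms that none of them altered the entry.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo Dynamically trying to add legacy base
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueBase
olcUniqueBase: o=unique
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy base allowed with URIs"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Dynamically trying to add legacy attrs
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueAttribute
olcUniqueAttribute: description
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy attributes allowed with URIs"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Dynamically trying to add legacy strictness
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueStrict
olcUniqueStrict: TRUE
EOF
RC=$?
if test "$RC" != 80; then
	echo "legacy strictness allowed with URIs"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# Input validation: the filter part "((cn=e*))" is deliberately malformed and
# the replace must be refused rather than stored.
echo Dynamically trying a bad filter...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
replace: olcUniqueURI
olcUniqueURI: ldap:///?sn?sub?((cn=e*))
EOF
RC=$?
if test "$RC" != 80; then
	echo "bad filter allowed"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# Compared against the reference file written by the earlier
# "second configuration" step.
echo Verifying second configuration intact...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/second-config-recheck.ldif"
diff "$TESTDIR/second-config-recheck.ldif" "$TESTDIR/second-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Second configuration damaged by rejected modifies."
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi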
    482 
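# Add two filtered URIs, drop the one-level description URI, and confirm the
# resulting entry.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo Dynamically reconfiguring to use different URIs...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
add: olcUniqueURI
olcUniqueURI: ldap:///?sn?sub?(cn=e*)
olcUniqueURI: ldap:///?uid?sub?(cn=edgar)
-
delete: olcUniqueURI
olcUniqueURI: ldap:///?description?one
EOF
RC=$?
if test "$RC" != 0; then
	echo "unable to reconfigure"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Dynamically retrieving third configuration...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/third-config.ldif"
cat >"$TESTDIR/third-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
olcUniqueURI: ldap:///?sn?sub?(cn=e*)
olcUniqueURI: ldap:///?uid?sub?(cn=edgar)

EOF
diff "$TESTDIR/third-config.ldif" "$TESTDIR/third-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Third configuration is not reported correctly."
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi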
    522 
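# Three operations that must all succeed (RC 0) under the filtered URIs:
# adding uid=edgar, adding uid=empty (which carries "uid: edgar" but a cn that
# matches neither filter), and a modify with no changes at all.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo "Adding a record unique in both domains if filtered..."

$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=edgar,ou=users,o=unique
objectClass: inetOrgPerson
uid: edgar
sn: johnson
cn: edgar
EOF

RC=$?
if test "$RC" != 0; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo "Adding a record unique in all domains because of filter conditions "
$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=empty,ou=users,o=unique
objectClass: inetOrgPerson
uid: edgar
cn: empty
sn: empty
EOF

RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo "Sending an empty modification"

$LDAPMODIFY -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
EOF

RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi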
    572 
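# Modify path of the ITS#6641/8057 authorization check. The same "sn: johnson"
# replace on uid=empty is sent three times:
#   1. as uid=dave, no control       -> refused ($RCODEconstraint);
#   2. as uid=dave, ManageDSAit (-M) -> still refused;
#   3. as $UNIQUEDN, ManageDSAit     -> accepted (0).
# sn is then reset to "empty" so later steps see the original value.
# With BACKEND=null, $RCODEconstraint is 0 and cases 1 and 2 cannot detect a
# bypass on that backend.
# Constraint-check failures exit 1, not -1: a negative operand is not a valid
# POSIX exit status and some /bin/sh implementations reject it.
echo "Making a record non-unique"
$LDAPMODIFY -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: johnson
EOF

RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
echo "Trying to bypass uniqueness as a normal user..."
$LDAPMODIFY -M -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: johnson
EOF

RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
echo "Bypassing uniqueness as an admin user..."
$LDAPMODIFY -M -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: johnson
EOF

RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

echo "Cleaning up"
$LDAPMODIFY -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=empty,ou=users,o=unique
changetype: modify
replace: sn
sn: empty
EOF

RC=$?
if test "$RC" != 0; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi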
    638 
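# Rename path of the ITS#6641/8057 authorization check. A child entry
# "uid=not edgar" is created under uid=edgar, then renamed to "uid=edgar":
#   1. as uid=dave, no control       -> refused ($RCODEconstraint);
#   2. as uid=dave, ManageDSAit (-M) -> still refused;
#   3. as $UNIQUEDN, ManageDSAit     -> accepted (0).
# The renamed entry is deleted afterwards.
# With BACKEND=null, $RCODEconstraint is 0 and cases 1 and 2 cannot detect a
# bypass on that backend.
# Constraint-check failures exit 1, not -1: a negative operand is not a valid
# POSIX exit status and some /bin/sh implementations reject it.
echo "Adding another unique record..."
$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=not edgar,uid=edgar,ou=users,o=unique
objectClass: inetOrgPerson
uid: not edgar
sn: Alan
cn: not edgar
EOF

RC=$?
if test "$RC" != 0; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo "Making the record non-unique with modrdn..."
$LDAPMODRDN -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" >"$TESTOUT" 2>&1

RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
echo "Trying to bypass uniqueness as a normal user..."
$LDAPMODRDN -M -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" >"$TESTOUT" 2>&1

RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

# ITS#6641/8057
echo "Bypassing uniqueness as an admin user..."
$LDAPMODRDN -M -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" >"$TESTOUT" 2>&1

RC=$?
if test "$RC" != 0; then
	echo "spurious unique error ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi

echo "Cleaning up"
$LDAPDELETE -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	"uid=edgar,uid=edgar,ou=users,o=unique" >"$TESTOUT" 2>&1
RC=$?
if test "$RC" != 0; then
	echo "ldapdelete failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit "$RC"
fi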
    700 
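# uid=elvis has a cn starting with "e" and repeats "sn: johnson", which
# uid=edgar already carries; the add by the ordinary user is expected to be
# refused with $RCODEconstraint (presumably via the "?sn?sub?(cn=e*)" URI).
echo "Adding a record unique in one domain, non-unique in the filtered domain..."

$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=elvis,ou=users,o=unique
objectClass: inetOrgPerson
uid: elvis
sn: johnson
cn: elvis
EOF

RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	# exit 1, not exit -1: a negative operand is not a valid POSIX exit
	# status and some /bin/sh implementations reject it.
	exit 1
fi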
    718 
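# Replace every URI with a single "ignore" URI naming objectClass, uid, cn and
# sn, then confirm the stored entry.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo Dynamically reconfiguring to use attribute-ignore URIs...
$LDAPMODIFY -D cn=config -h "$LOCALHOST" -p "$PORT1" -y "$CONFIGPWF" \
	>"$TESTOUT" 2>&1 <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
changetype: modify
replace: olcUniqueURI
olcUniqueURI: ignore ldap:///?objectClass,uid,cn,sn?sub
EOF
RC=$?
if test "$RC" != 0; then
	echo "unable to reconfigure"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo Dynamically retrieving fourth configuration...
$LDAPSEARCH -S "" -b "olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config" \
	-D cn=config -y "$CONFIGPWF" -h "$LOCALHOST" -p "$PORT1" -LLL |
	tr -d '\r' >"$TESTDIR/fourth-config.ldif"
cat >"$TESTDIR/fourth-reference.ldif" <<EOF
dn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {0}unique
olcUniqueURI: ignore ldap:///?objectClass,uid,cn,sn?sub

EOF
diff "$TESTDIR/fourth-config.ldif" "$TESTDIR/fourth-reference.ldif" >/dev/null 2>&1
RC=$?
if test "$RC" != 0; then
	echo "Fourth configuration is not reported correctly."
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi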
    752 
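# Under the ignore URI, uid=elvis (repeating "sn: johnson") must now be
# accepted, while uid=harry must be refused: his description repeats elvis's
# and description is not in the ignore list.
# Failures exit 1, not -1: a negative operand is not a valid POSIX exit
# status and some /bin/sh implementations reject it.
echo "Adding a record unique in the ignore-domain..."

$LDAPADD -D "$UNIQUEDN" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=elvis,ou=users,o=unique
objectClass: inetOrgPerson
uid: elvis
sn: johnson
cn: elvis
description: left the building
EOF

RC=$?
if test "$RC" != 0; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi

echo "Adding a record non-unique in the ignore-domain..."

$LDAPADD -D "uid=dave,ou=users,o=unique" -h "$LOCALHOST" -p "$PORT1" -w "$PASSWD" \
	>"$TESTOUT" 2>&1 <<EOF
dn: uid=harry,ou=users,o=unique
objectClass: inetOrgPerson
uid: harry
sn: johnson
cn: harry
description: left the building
EOF

RC=$?
if test "$RC" != "$RCODEconstraint"; then
	echo "unique check failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit 1
fi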
    790 
# Normal shutdown: signal the server(s) started by this script unless
# KILLSERVERS is "no", report success, then wait for the background job.
if test $KILLSERVERS != no; then
	kill -HUP $KILLPIDS
fi

echo ">>>>> Test succeeded"

if test $KILLSERVERS != no; then
	wait
fi

exit 0
    798