1 1.1 lukem #! /bin/sh 2 1.1.1.4 tron # $OpenLDAP$ 3 1.1 lukem ## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4 1.1 lukem ## 5 1.1.1.10 christos ## Copyright 2004-2024 The OpenLDAP Foundation. 6 1.1 lukem ## All rights reserved. 7 1.1 lukem ## 8 1.1 lukem ## Redistribution and use in source and binary forms, with or without 9 1.1 lukem ## modification, are permitted only as authorized by the OpenLDAP 10 1.1 lukem ## Public License. 11 1.1 lukem ## 12 1.1 lukem ## A copy of this license is available in the file LICENSE in the 13 1.1 lukem ## top-level directory of the distribution or, alternatively, at 14 1.1 lukem ## <http://www.OpenLDAP.org/license.html>. 15 1.1 lukem 16 1.1 lukem echo "running defines.sh" 17 1.1 lukem . $SRCDIR/scripts/defines.sh 18 1.1 lukem 19 1.1 lukem PERSONAL="(objectClass=inetOrgPerson)" 20 1.1 lukem NOWHERE="/dev/null" 21 1.1 lukem FAILURE="additional info:" 22 1.1 lukem 23 1.1 lukem if test $TRANSLUCENT = translucentno ; then 24 1.1 lukem echo "Translucent Proxy overlay not available, test skipped" 25 1.1 lukem exit 0 26 1.1 lukem fi 27 1.1 lukem 28 1.1 lukem if test $AC_ldap = ldapno ; then 29 1.1 lukem echo "Translucent Proxy overlay requires back-ldap backend, test skipped" 30 1.1 lukem exit 0 31 1.1 lukem fi 32 1.1 lukem 33 1.1 lukem # configure backside 34 1.1 lukem mkdir -p $TESTDIR $DBDIR1 35 1.1 lukem 36 1.1 lukem $SLAPPASSWD -g -n >$CONFIGPWF 37 1.1 lukem echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf 38 1.1 lukem 39 1.1.1.9 christos DBIX=2 40 1.1 lukem 41 1.1.1.9 christos . $CONFFILTER $BACKEND < $TRANSLUCENTREMOTECONF > $CONF1 42 1.1 lukem echo "Running slapadd to build remote slapd database..." 43 1.1 lukem $SLAPADD -f $CONF1 -l $LDIFTRANSLUCENTCONFIG 44 1.1 lukem RC=$? 45 1.1 lukem if test $RC != 0 ; then 46 1.1 lukem echo "slapadd failed ($RC)!" 47 1.1 lukem exit $RC 48 1.1 lukem fi 49 1.1 lukem 50 1.1 lukem echo "Starting remote slapd on TCP/IP port $PORT1..." 51 1.1.1.9 christos $SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 52 1.1 lukem PID=$! 53 1.1 lukem if test $WAIT != 0 ; then 54 1.1 lukem echo PID $PID 55 1.1 lukem read foo 56 1.1 lukem fi 57 1.1 lukem REMOTEPID="$PID" 58 1.1 lukem KILLPIDS="$PID" 59 1.1 lukem 60 1.1 lukem sleep 1 61 1.1 lukem 62 1.1 lukem for i in 0 1 2 3 4 5; do 63 1.1 lukem $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 64 1.1 lukem 'objectclass=*' > /dev/null 2>&1 65 1.1 lukem RC=$? 66 1.1 lukem if test $RC = 0 ; then 67 1.1 lukem break 68 1.1 lukem fi 69 1.1 lukem echo "Waiting 5 seconds for remote slapd to start..." 70 1.1 lukem sleep 5 71 1.1 lukem done 72 1.1 lukem 73 1.1 lukem if test $RC != 0 ; then 74 1.1 lukem echo "ldapsearch failed ($RC)!" 75 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 76 1.1 lukem exit $RC 77 1.1 lukem fi 78 1.1 lukem 79 1.1 lukem # configure frontside 80 1.1 lukem mkdir -p $DBDIR2 81 1.1 lukem 82 1.1.1.9 christos . $CONFFILTER $BACKEND < $TRANSLUCENTLOCALCONF > $CONF2 83 1.1 lukem 84 1.1 lukem echo "Starting local slapd on TCP/IP port $PORT2..." 85 1.1.1.9 christos $SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & 86 1.1 lukem PID=$! 87 1.1 lukem if test $WAIT != 0 ; then 88 1.1 lukem echo PID $PID 89 1.1 lukem read foo 90 1.1 lukem fi 91 1.1 lukem LOCALPID="$PID" 92 1.1 lukem KILLPIDS="$LOCALPID $REMOTEPID" 93 1.1 lukem 94 1.1 lukem sleep 1 95 1.1 lukem 96 1.1 lukem for i in 0 1 2 3 4 5; do 97 1.1 lukem $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ 98 1.1 lukem 'objectclass=*' > /dev/null 2>&1 99 1.1 lukem RC=$? 100 1.1 lukem if test $RC = 0 ; then 101 1.1 lukem break 102 1.1 lukem fi 103 1.1 lukem echo "Waiting 5 seconds for local slapd to start..." 104 1.1 lukem sleep 5 105 1.1 lukem done 106 1.1 lukem 107 1.1 lukem if test $RC != 0 ; then 108 1.1 lukem echo "ldapsearch failed ($RC)!" 109 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 110 1.1 lukem exit $RC 111 1.1 lukem fi 112 1.1 lukem 113 1.1 lukem echo "Testing slapd Translucent Proxy operations..." 114 1.1 lukem 115 1.1 lukem echo "Testing search: no remote data defined..." 116 1.1 lukem 117 1.1 lukem $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" >$SEARCHOUT 2>&1 118 1.1 lukem 119 1.1 lukem RC=$? 120 1.1 lukem if test $RC != 0 ; then 121 1.1 lukem echo "ldapsearch failed ($RC)!" 122 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 123 1.1 lukem exit $RC 124 1.1 lukem fi 125 1.1 lukem 126 1.1 lukem if test -s $SEARCHOUT; then 127 1.1 lukem echo "ldapsearch should have returned no records!" 128 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 129 1.1 lukem exit 1 130 1.1 lukem fi 131 1.1 lukem 132 1.1 lukem echo "Populating remote database..." 133 1.1 lukem 134 1.1 lukem $LDAPADD -D "$TRANSLUCENTROOT" -H $URI1 \ 135 1.1 lukem -w $PASSWD < $LDIFTRANSLUCENTDATA > $NOWHERE 2>&1 136 1.1 lukem 137 1.1 lukem RC=$? 138 1.1 lukem if test $RC != 0 ; then 139 1.1 lukem echo "ldapadd failed ($RC)!" 140 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 141 1.1 lukem exit $RC 142 1.1 lukem fi 143 1.1 lukem 144 1.1 lukem echo "Testing search: remote database via local slapd..." 145 1.1 lukem 146 1.1 lukem $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1 147 1.1 lukem 148 1.1 lukem RC=$? 149 1.1 lukem if test $RC != 0 ; then 150 1.1 lukem echo "ldapsearch failed ($RC)!" 151 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 152 1.1 lukem exit $RC 153 1.1 lukem fi 154 1.1 lukem 155 1.1.1.3 adam $LDIFFILTER < $SEARCHOUT > $SEARCHFLT 156 1.1.1.3 adam $LDIFFILTER < $LDIFTRANSLUCENTDATA > $LDIFFLT 157 1.1 lukem $CMP $SEARCHFLT $LDIFFLT > $CMPOUT 158 1.1 lukem 159 1.1 lukem if test $? != 0 ; then 160 1.1 lukem echo "Comparison failed -- corruption from remote to local!" 161 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 162 1.1 lukem exit 1 163 1.1 lukem fi 164 1.1 lukem 165 1.1 lukem echo "Testing add: prohibited local record..." 166 1.1 lukem 167 1.1 lukem $LDAPADD -D "$TRANSLUCENTDN" -H $URI2 \ 168 1.1 lukem -w $TRANSLUCENTPASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1 169 1.1 lukem 170 1.1 lukem RC=$? 171 1.1 lukem if test $RC != 50 ; then 172 1.1 lukem echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!" 173 1.1 lukem grep "$FAILURE" $TESTOUT 174 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 175 1.1 lukem exit 1 176 1.1 lukem fi 177 1.1 lukem 178 1.1 lukem echo "Testing add: valid local record, no_glue..." 179 1.1 lukem 180 1.1 lukem $LDAPADD -v -v -v -D "$TRANSLUCENTROOT" -H $URI2 \ 181 1.1 lukem -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1 182 1.1 lukem 183 1.1 lukem RC=$? 184 1.1.1.3 adam if test $RC != 32 && test $RC,$BACKEND != 0,null ; then 185 1.1 lukem echo "ldapadd failed ($RC), expected NO SUCH OBJECT!" 186 1.1 lukem grep "$FAILURE" $TESTOUT 187 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 188 1.1 lukem exit 1 189 1.1 lukem fi 190 1.1 lukem 191 1.1 lukem echo "Testing modrdn: valid local record, no_glue..." 192 1.1 lukem 193 1.1 lukem $LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 194 1.1 lukem $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy' 195 1.1 lukem 196 1.1 lukem RC=$? 197 1.1.1.3 adam if test $RC != 32 && test $RC,$BACKEND != 0,null ; then 198 1.1 lukem echo "ldapmodrdn failed ($RC), expected NO SUCH OBJECT!" 199 1.1 lukem grep "$FAILURE" $TESTOUT 200 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 201 1.1 lukem exit 1 202 1.1 lukem fi 203 1.1 lukem 204 1.1 lukem echo "Dynamically configuring local slapd without translucent_no_glue..." 205 1.1 lukem 206 1.1 lukem $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 207 1.1 lukem dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 208 1.1 lukem changetype: modify 209 1.1 lukem replace: olcTranslucentNoGlue 210 1.1 lukem olcTranslucentNoGlue: FALSE 211 1.1 lukem EOF 212 1.1 lukem RC=$? 213 1.1 lukem if test $RC != 0 ; then 214 1.1 lukem echo "ldapmodify of dynamic config failed ($RC)" 215 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 216 1.1 lukem exit 1 217 1.1 lukem fi 218 1.1 lukem 219 1.1 lukem echo "Testing add: valid local record..." 220 1.1 lukem 221 1.1 lukem $LDAPADD -D "$TRANSLUCENTROOT" -H $URI2 \ 222 1.1 lukem -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1 223 1.1 lukem 224 1.1 lukem RC=$? 225 1.1 lukem if test $RC != 0 ; then 226 1.1 lukem echo "ldapadd failed ($RC)!" 227 1.1 lukem grep "$FAILURE" $TESTOUT 228 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 229 1.1 lukem exit $RC 230 1.1 lukem fi 231 1.1 lukem 232 1.1 lukem echo "Testing search: data merging..." 233 1.1 lukem 234 1.1 lukem $LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1 235 1.1 lukem 236 1.1 lukem RC=$? 237 1.1 lukem if test $RC != 0 ; then 238 1.1 lukem echo "ldapsearch failed ($RC)!" 239 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 240 1.1 lukem exit $RC 241 1.1 lukem fi 242 1.1 lukem 243 1.1.1.3 adam $LDIFFILTER < $SEARCHOUT > $SEARCHFLT 244 1.1.1.3 adam $LDIFFILTER < $LDIFTRANSLUCENTMERGED > $LDIFFLT 245 1.1.1.3 adam $CMP $SEARCHFLT $LDIFFLT > $CMPOUT 246 1.1 lukem 247 1.1 lukem if test $? != 0 ; then 248 1.1 lukem echo "Comparison failed -- local data failed to merge with remote!" 249 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 250 1.1 lukem exit 1 251 1.1 lukem fi 252 1.1 lukem 253 1.1 lukem echo "Testing compare: valid local..." 254 1.1 lukem 255 1.1 lukem $LDAPCOMPARE -z -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 256 1.1 lukem "uid=danger,ou=users,o=translucent" "carLicense:LIVID" 257 1.1 lukem 258 1.1 lukem RC=$? 259 1.1 lukem if test $RC != 6 ; then 260 1.1 lukem echo "ldapcompare failed ($RC), expected TRUE!" 261 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 262 1.1 lukem exit 1 263 1.1 lukem fi 264 1.1 lukem 265 1.1 lukem echo "Testing compare: valid remote..." 266 1.1 lukem 267 1.1 lukem $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 268 1.1 lukem "uid=binder,o=translucent" "businessCategory:binder-test-user" 269 1.1 lukem 270 1.1 lukem RC=$? 271 1.1 lukem if test $RC != 6 ; then 272 1.1 lukem echo "ldapcompare failed ($RC), expected TRUE!" 273 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 274 1.1 lukem exit 1 275 1.1 lukem fi 276 1.1 lukem 277 1.1 lukem echo "Testing compare: bogus local..." 278 1.1 lukem 279 1.1 lukem $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 280 1.1 lukem "uid=danger,ou=users,o=translucent" "businessCategory:invalid-test-value" 281 1.1 lukem 282 1.1 lukem RC=$? 283 1.1 lukem if test $RC != 5 ; then 284 1.1 lukem echo "ldapcompare failed ($RC), expected FALSE!" 285 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 286 1.1 lukem exit 1 287 1.1 lukem fi 288 1.1 lukem 289 1.1 lukem echo "Testing compare: bogus remote..." 290 1.1 lukem 291 1.1 lukem $LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 292 1.1 lukem "uid=binder,o=translucent" "businessCategory:invalid-test-value" 293 1.1 lukem 294 1.1 lukem RC=$? 295 1.1 lukem if test $RC != 5 ; then 296 1.1 lukem echo "ldapcompare failed ($RC), expected FALSE!" 297 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 298 1.1 lukem exit 1 299 1.1 lukem fi 300 1.1 lukem 301 1.1 lukem echo "Testing modify: nonexistent record..." 302 1.1 lukem 303 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 304 1.1 lukem $TESTOUT 2>&1 << EOF_MOD 305 1.1 lukem version: 1 306 1.1 lukem dn: uid=bogus,ou=users,o=translucent 307 1.1 lukem changetype: modify 308 1.1 lukem replace: roomNumber 309 1.1 lukem roomNumber: 31J-2112 310 1.1 lukem EOF_MOD 311 1.1 lukem 312 1.1 lukem RC=$? 313 1.1 lukem if test $RC != 32 ; then 314 1.1 lukem echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!" 315 1.1 lukem grep "$FAILURE" $TESTOUT 316 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 317 1.1 lukem exit 1 318 1.1 lukem fi 319 1.1 lukem 320 1.1 lukem echo "Testing modify: valid local record, nonexistent attribute..." 321 1.1 lukem 322 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 323 1.1 lukem $TESTOUT 2>&1 << EOF_MOD1 324 1.1 lukem version: 1 325 1.1 lukem dn: uid=danger,ou=users,o=translucent 326 1.1 lukem changetype: modify 327 1.1 lukem replace: roomNumber 328 1.1 lukem roomNumber: 9N-21 329 1.1 lukem EOF_MOD1 330 1.1 lukem 331 1.1 lukem RC=$? 332 1.1 lukem if test $RC != 0 ; then 333 1.1 lukem echo "ldapmodify failed ($RC)!" 334 1.1 lukem grep "$FAILURE" $TESTOUT 335 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 336 1.1 lukem exit $RC 337 1.1 lukem fi 338 1.1 lukem 339 1.1 lukem $LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" > $SEARCHOUT 2>&1 340 1.1 lukem 341 1.1 lukem RC=$? 342 1.1 lukem if test $RC != 0 ; then 343 1.1 lukem echo "ldapsearch failed ($RC)!" 344 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 345 1.1 lukem exit $RC 346 1.1 lukem fi 347 1.1 lukem 348 1.1 lukem ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1 349 1.1 lukem if test "$ATTR" != "roomNumber: 9N-21" ; then 350 1.1 lukem echo "modification failed!" 351 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 352 1.1 lukem exit 1 353 1.1 lukem fi 354 1.1 lukem 355 1.1 lukem echo "Testing search: specific nonexistent remote attribute..." 356 1.1 lukem 357 1.1 lukem $LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" roomNumber > $SEARCHOUT 2>&1 358 1.1 lukem 359 1.1 lukem RC=$? 360 1.1 lukem if test $RC != 0 ; then 361 1.1 lukem echo "ldapsearch failed ($RC)!" 362 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 363 1.1 lukem exit $RC 364 1.1 lukem fi 365 1.1 lukem 366 1.1 lukem echo "Testing modify: nonexistent local record, nonexistent attribute..." 367 1.1 lukem 368 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 369 1.1 lukem $TESTOUT 2>&1 << EOF_MOD2 370 1.1 lukem version: 1 371 1.1 lukem dn: uid=fred,ou=users,o=translucent 372 1.1 lukem changetype: modify 373 1.1 lukem replace: roomNumber 374 1.1 lukem roomNumber: 31J-2112 375 1.1 lukem EOF_MOD2 376 1.1 lukem 377 1.1 lukem RC=$? 378 1.1 lukem if test $RC != 0 ; then 379 1.1 lukem echo "ldapmodify failed ($RC)!" 380 1.1 lukem grep "$FAILURE" $TESTOUT 381 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 382 1.1 lukem exit $RC 383 1.1 lukem fi 384 1.1 lukem 385 1.1 lukem $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1 386 1.1 lukem 387 1.1 lukem RC=$? 388 1.1 lukem if test $RC != 0 ; then 389 1.1 lukem echo "ldapsearch failed ($RC)!" 390 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 391 1.1 lukem exit $RC 392 1.1 lukem fi 393 1.1 lukem 394 1.1 lukem ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1 395 1.1 lukem if test "$ATTR" != "roomNumber: 31J-2112" ; then 396 1.1 lukem echo "modification failed!" 397 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 398 1.1 lukem exit 1 399 1.1 lukem fi 400 1.1 lukem 401 1.1 lukem echo "Testing modify: valid remote record, nonexistent attribute..." 402 1.1 lukem 403 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 404 1.1 lukem $TESTOUT 2>&1 << EOF_MOD9 405 1.1 lukem version: 1 406 1.1 lukem dn: uid=fred,ou=users,o=translucent 407 1.1 lukem changetype: modify 408 1.1 lukem delete: preferredLanguage 409 1.1 lukem EOF_MOD9 410 1.1 lukem 411 1.1 lukem RC=$? 412 1.1 lukem if test $RC != 16 ; then 413 1.1 lukem echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!" 414 1.1 lukem grep "$FAILURE" $TESTOUT 415 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 416 1.1 lukem exit 1 417 1.1 lukem fi 418 1.1 lukem 419 1.1 lukem echo "Testing delete: valid local record, nonexistent attribute..." 420 1.1 lukem 421 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 422 1.1 lukem $TESTOUT 2>&1 << EOF_MOD4 423 1.1 lukem version: 1 424 1.1 lukem dn: uid=fred,ou=users,o=translucent 425 1.1 lukem changetype: modify 426 1.1 lukem delete: roomNumber 427 1.1 lukem EOF_MOD4 428 1.1 lukem 429 1.1 lukem RC=$? 430 1.1 lukem if test $RC != 0 ; then 431 1.1 lukem echo "ldapmodify failed ($RC)!" 432 1.1 lukem grep "$FAILURE" $TESTOUT 433 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 434 1.1 lukem exit $RC 435 1.1 lukem fi 436 1.1 lukem 437 1.1 lukem echo "Testing modrdn: prohibited local record..." 438 1.1 lukem 439 1.1 lukem $LDAPMODRDN -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \ 440 1.1 lukem $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy' 441 1.1 lukem 442 1.1 lukem RC=$? 443 1.1 lukem if test $RC != 50 ; then 444 1.1 lukem echo "ldapmodrdn failed ($RC), expected INSUFFICIENT ACCESS!" 445 1.1 lukem grep "$FAILURE" $TESTOUT 446 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 447 1.1 lukem exit 1 448 1.1 lukem fi 449 1.1 lukem 450 1.1 lukem echo "Testing modrdn: valid local record..." 451 1.1 lukem 452 1.1 lukem $LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 453 1.1 lukem $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy' 454 1.1 lukem 455 1.1 lukem RC=$? 456 1.1 lukem if test $RC != 0 ; then 457 1.1 lukem echo "ldapmodrdn failed ($RC)!" 458 1.1 lukem grep "$FAILURE" $TESTOUT 459 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 460 1.1 lukem exit $RC 461 1.1 lukem fi 462 1.1 lukem 463 1.1 lukem echo "Testing delete: prohibited local record..." 464 1.1 lukem 465 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \ 466 1.1 lukem $TESTOUT 2>&1 << EOF_DEL2 467 1.1 lukem version: 1 468 1.1 lukem dn: uid=someguy,ou=users,o=translucent 469 1.1 lukem changetype: delete 470 1.1 lukem EOF_DEL2 471 1.1 lukem 472 1.1 lukem RC=$? 473 1.1 lukem if test $RC != 50 ; then 474 1.1 lukem echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!" 475 1.1 lukem grep "$FAILURE" $TESTOUT 476 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 477 1.1 lukem exit 1 478 1.1 lukem fi 479 1.1 lukem 480 1.1 lukem echo "Testing delete: valid local record..." 481 1.1 lukem 482 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 483 1.1 lukem $TESTOUT 2>&1 << EOF_DEL3 484 1.1 lukem version: 1 485 1.1 lukem dn: uid=someguy,ou=users,o=translucent 486 1.1 lukem changetype: delete 487 1.1 lukem EOF_DEL3 488 1.1 lukem 489 1.1 lukem RC=$? 490 1.1 lukem if test $RC != 0 ; then 491 1.1 lukem echo "ldapmodify failed ($RC)!" 492 1.1 lukem grep "$FAILURE" $TESTOUT 493 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 494 1.1 lukem exit $RC 495 1.1 lukem fi 496 1.1 lukem 497 1.1 lukem echo "Testing delete: valid remote record..." 498 1.1 lukem 499 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 500 1.1 lukem $TESTOUT 2>&1 << EOF_DEL8 501 1.1 lukem version: 1 502 1.1 lukem dn: uid=fred,ou=users,o=translucent 503 1.1 lukem changetype: delete 504 1.1 lukem EOF_DEL8 505 1.1 lukem 506 1.1 lukem RC=$? 507 1.1 lukem if test $RC != 32 ; then 508 1.1 lukem echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!" 509 1.1 lukem grep "$FAILURE" $TESTOUT 510 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 511 1.1 lukem exit 1 512 1.1 lukem fi 513 1.1 lukem 514 1.1 lukem echo "Testing delete: nonexistent local record, nonexistent attribute..." 515 1.1 lukem 516 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 517 1.1 lukem $TESTOUT 2>&1 << EOF_DEL1 518 1.1 lukem version: 1 519 1.1 lukem dn: uid=fred,ou=users,o=translucent 520 1.1 lukem changetype: modify 521 1.1 lukem delete: roomNumber 522 1.1 lukem EOF_DEL1 523 1.1 lukem 524 1.1 lukem RC=$? 525 1.1 lukem if test $RC != 0 ; then 526 1.1 lukem echo "ldapmodify failed ($RC)!" 527 1.1 lukem grep "$FAILURE" $TESTOUT 528 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 529 1.1 lukem exit $RC 530 1.1 lukem fi 531 1.1 lukem 532 1.1 lukem $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1 533 1.1 lukem 534 1.1 lukem RC=$? 535 1.1 lukem if test $RC != 0 ; then 536 1.1 lukem echo "ldapsearch failed ($RC)!" 537 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 538 1.1 lukem exit $RC 539 1.1 lukem fi 540 1.1 lukem 541 1.1 lukem echo "Testing delete: valid local record, nonexistent attribute..." 542 1.1 lukem 543 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 544 1.1 lukem $TESTOUT 2>&1 << EOF_MOD8 545 1.1 lukem version: 1 546 1.1 lukem dn: uid=danger,ou=users,o=translucent 547 1.1 lukem changetype: modify 548 1.1 lukem delete: preferredLanguage 549 1.1 lukem EOF_MOD8 550 1.1 lukem 551 1.1 lukem RC=$? 552 1.1 lukem if test $RC != 16 ; then 553 1.1 lukem echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!" 554 1.1 lukem grep "$FAILURE" $TESTOUT 555 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 556 1.1 lukem exit 1 557 1.1 lukem fi 558 1.1 lukem 559 1.1 lukem echo "Testing delete: valid local record, remote attribute..." 560 1.1 lukem 561 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 562 1.1 lukem $TESTOUT 2>&1 << EOF_MOD8 563 1.1 lukem version: 1 564 1.1 lukem dn: uid=danger,ou=users,o=translucent 565 1.1 lukem changetype: modify 566 1.1 lukem delete: initials 567 1.1 lukem EOF_MOD8 568 1.1 lukem 569 1.1 lukem RC=$? 570 1.1 lukem if test $RC != 0 ; then 571 1.1 lukem echo "ldapmodify failed ($RC)" 572 1.1 lukem grep "$FAILURE" $TESTOUT 573 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 574 1.1 lukem exit 1 575 1.1 lukem fi 576 1.1 lukem 577 1.1 lukem echo "Testing modify: valid remote record, combination add-modify-delete..." 578 1.1 lukem 579 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 580 1.1 lukem $TESTOUT 2>&1 << EOF_MOD6 581 1.1 lukem version: 1 582 1.1 lukem dn: uid=fred,ou=users,o=translucent 583 1.1 lukem changetype: modify 584 1.1 lukem delete: carLicense 585 1.1 lukem - 586 1.1 lukem add: preferredLanguage 587 1.1 lukem preferredLanguage: ISO8859-1 588 1.1 lukem - 589 1.1 lukem replace: employeeType 590 1.1 lukem employeeType: consultant 591 1.1 lukem EOF_MOD6 592 1.1 lukem 593 1.1 lukem RC=$? 594 1.1 lukem if test $RC != 0 ; then 595 1.1 lukem echo "ldapmodify failed ($RC)!" 596 1.1 lukem grep "$FAILURE" $TESTOUT 597 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 598 1.1 lukem exit $RC 599 1.1 lukem fi 600 1.1 lukem 601 1.1 lukem $LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1 602 1.1 lukem 603 1.1 lukem RC=$? 604 1.1 lukem if test $RC != 0 ; then 605 1.1 lukem echo "ldapsearch failed ($RC)!" 606 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 607 1.1 lukem exit $RC 608 1.1 lukem fi 609 1.1 lukem 610 1.1 lukem ATTR=`grep employeeType $SEARCHOUT` > $NOWHERE 2>&1 611 1.1 lukem if test "$ATTR" != "employeeType: consultant" ; then 612 1.1 lukem echo "modification failed!" 613 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 614 1.1 lukem exit 1 615 1.1 lukem fi 616 1.1 lukem 617 1.1 lukem ATTR=`grep preferredLanguage $SEARCHOUT` > $NOWHERE 2>&1 618 1.1 lukem if test "$ATTR" != "preferredLanguage: ISO8859-1" ; then 619 1.1 lukem echo "modification failed!" 620 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 621 1.1 lukem exit 1 622 1.1 lukem fi 623 1.1 lukem 624 1.1 lukem echo "Dynamically configuring local slapd with translucent_no_glue and translucent_strict..." 625 1.1 lukem 626 1.1 lukem $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 627 1.1 lukem dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 628 1.1 lukem changetype: modify 629 1.1 lukem replace: olcTranslucentNoGlue 630 1.1 lukem olcTranslucentNoGlue: TRUE 631 1.1 lukem - 632 1.1 lukem replace: olcTranslucentStrict 633 1.1 lukem olcTranslucentStrict: TRUE 634 1.1 lukem EOF 635 1.1 lukem RC=$? 636 1.1 lukem if test $RC != 0 ; then 637 1.1 lukem echo "ldapmodify of dynamic config failed ($RC)" 638 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 639 1.1 lukem exit 1 640 1.1 lukem fi 641 1.1 lukem 642 1.1 lukem echo "Testing strict mode delete: nonexistent local attribute..." 643 1.1 lukem 644 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 645 1.1 lukem $TESTOUT 2>&1 << EOF_MOD5 646 1.1 lukem version: 1 647 1.1 lukem dn: uid=example,ou=users,o=translucent 648 1.1 lukem changetype: modify 649 1.1 lukem delete: preferredLanguage 650 1.1 lukem EOF_MOD5 651 1.1 lukem 652 1.1 lukem RC=$? 653 1.1 lukem if test $RC != 19 ; then 654 1.1 lukem echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!" 655 1.1 lukem grep "$FAILURE" $TESTOUT 656 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 657 1.1 lukem exit 1 658 1.1 lukem fi 659 1.1 lukem 660 1.1 lukem echo "Testing strict mode delete: nonexistent remote attribute..." 661 1.1 lukem 662 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 663 1.1 lukem $TESTOUT 2>&1 << EOF_MOD3 664 1.1 lukem version: 1 665 1.1 lukem dn: uid=danger,ou=users,o=translucent 666 1.1 lukem changetype: modify 667 1.1 lukem delete: displayName 668 1.1 lukem EOF_MOD3 669 1.1 lukem 670 1.1 lukem RC=$? 671 1.1 lukem if test $RC != 19 ; then 672 1.1 lukem echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!" 673 1.1 lukem grep "$FAILURE" $TESTOUT 674 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 675 1.1 lukem exit 1 676 1.1 lukem fi 677 1.1 lukem 678 1.1 lukem echo "Testing strict mode modify: combination add-modify-delete..." 679 1.1 lukem 680 1.1 lukem $LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 681 1.1 lukem $TESTOUT 2>&1 << EOF_MOD6 682 1.1 lukem version: 1 683 1.1 lukem dn: uid=example,ou=users,o=translucent 684 1.1 lukem changetype: modify 685 1.1 lukem delete: carLicense 686 1.1 lukem - 687 1.1 lukem add: preferredLanguage 688 1.1 lukem preferredLanguage: ISO8859-1 689 1.1 lukem - 690 1.1 lukem replace: employeeType 691 1.1 lukem employeeType: consultant 692 1.1 lukem EOF_MOD6 693 1.1 lukem 694 1.1 lukem RC=$? 695 1.1 lukem if test $RC != 19 ; then 696 1.1 lukem echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!" 697 1.1 lukem grep "$FAILURE" $TESTOUT 698 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 699 1.1 lukem exit 1 700 1.1 lukem fi 701 1.1 lukem 702 1.1 lukem echo "Testing invalid Bind request..." 703 1.1 lukem $LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w Wrong"$TRANSLUCENTPASSWD" > \ 704 1.1 lukem $TESTOUT 2>&1 705 1.1 lukem RC=$? 706 1.1 lukem if test $RC != 49 ; then 707 1.1 lukem echo "ldapwhoami failed ($RC), expected INVALID CREDENTIALS!" 708 1.1 lukem grep "$FAILURE" $TESTOUT 709 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 710 1.1 lukem exit 1 711 1.1 lukem fi 712 1.1 lukem 713 1.1 lukem $LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w "$TRANSLUCENTPASSWD" > \ 714 1.1 lukem $TESTOUT 2>&1 715 1.1 lukem RC=$? 716 1.1 lukem if test $RC != 0 ; then 717 1.1 lukem echo "ldapwhoami failed ($RC), expected SUCCESS!" 718 1.1 lukem grep "$FAILURE" $TESTOUT 719 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 720 1.1 lukem exit 1 721 1.1 lukem fi 722 1.1 lukem 723 1.1 lukem echo "Testing search: unconfigured local filter..." 724 1.1 lukem $LDAPSEARCH -H $URI2 -b "o=translucent" "(employeeType=consultant)" > $SEARCHOUT 2>&1 725 1.1 lukem 726 1.1 lukem ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 727 1.1 lukem if test -n "$ATTR" ; then 728 1.1 lukem echo "got result $ATTR, should have been no result" 729 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 730 1.1 lukem exit 1 731 1.1 lukem fi 732 1.1 lukem 733 1.1 lukem echo "Dynamically configuring local slapd with translucent_local..." 734 1.1 lukem 735 1.1 lukem $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 736 1.1 lukem dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 737 1.1 lukem changetype: modify 738 1.1 lukem add: olcTranslucentLocal 739 1.1 lukem olcTranslucentLocal: employeeType 740 1.1 lukem EOF 741 1.1 lukem RC=$? 742 1.1 lukem if test $RC != 0 ; then 743 1.1 lukem echo "ldapmodify of dynamic config failed ($RC)" 744 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 745 1.1 lukem exit 1 746 1.1 lukem fi 747 1.1 lukem 748 1.1 lukem echo "Testing search: configured local filter..." 749 1.1 lukem $LDAPSEARCH -H $URI2 -b "o=translucent" "(employeeType=consultant)" > $SEARCHOUT 2>&1 750 1.1 lukem 751 1.1 lukem ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 752 1.1 lukem if test -z "$ATTR" ; then 753 1.1 lukem echo "got no result, should have found entry" 754 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 755 1.1 lukem exit 1 756 1.1 lukem fi 757 1.1 lukem 758 1.1.1.10 christos $LDAPSEARCH -H $URI2 -b "o=translucent" "(employeeType=consult*)" > $SEARCHOUT 2>&1 759 1.1.1.10 christos ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 760 1.1.1.10 christos if test -z "$ATTR" ; then 761 1.1.1.10 christos echo "got no result, should have found entry" 762 1.1.1.10 christos test $KILLSERVERS != no && kill -HUP $KILLPIDS 763 1.1.1.10 christos exit 1 764 1.1.1.10 christos fi 765 1.1.1.10 christos 766 1.1 lukem echo "Testing search: unconfigured remote filter..." 767 1.1 lukem $LDAPSEARCH -H $URI2 -b "o=translucent" "(|(employeeType=foo)(carlicense=right))" > $SEARCHOUT 2>&1 768 1.1 lukem 769 1.1 lukem ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 770 1.1 lukem if test -n "$ATTR" ; then 771 1.1 lukem echo "got result $ATTR, should have been no result" 772 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 773 1.1 lukem exit 1 774 1.1 lukem fi 775 1.1 lukem 776 1.1 lukem echo "Dynamically configuring local slapd with translucent_remote..." 777 1.1 lukem 778 1.1 lukem $LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 779 1.1 lukem dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 780 1.1 lukem changetype: modify 781 1.1 lukem add: olcTranslucentRemote 782 1.1 lukem olcTranslucentRemote: carLicense 783 1.1 lukem EOF 784 1.1 lukem RC=$? 785 1.1 lukem if test $RC != 0 ; then 786 1.1 lukem echo "ldapmodify of dynamic config failed ($RC)" 787 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 788 1.1 lukem exit 1 789 1.1 lukem fi 790 1.1 lukem 791 1.1 lukem echo "Testing search: configured remote filter..." 792 1.1 lukem $LDAPSEARCH -H $URI2 -b "o=translucent" "(|(employeeType=foo)(carlicense=right))" > $SEARCHOUT 2>&1 793 1.1 lukem 794 1.1 lukem ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 795 1.1 lukem if test -z "$ATTR" ; then 796 1.1 lukem echo "got no result, should have found entry" 797 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 798 1.1 lukem exit 1 799 1.1 lukem fi 800 1.1 lukem 801 1.1.1.10 christos echo "Testing search: configured remote filter not requesting filtered attrs..." 802 1.1.1.10 christos $LDAPSEARCH -H $URI2 -b "o=translucent" "(|(employeeType=foo)(carlicense=right))" cn > $SEARCHOUT 2>&1 803 1.1.1.10 christos 804 1.1.1.10 christos ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 805 1.1.1.10 christos if test -z "$ATTR" ; then 806 1.1.1.10 christos echo "got no result, should have found entry" 807 1.1.1.10 christos test $KILLSERVERS != no && kill -HUP $KILLPIDS 808 1.1.1.10 christos exit 1 809 1.1.1.10 christos fi 810 1.1.1.10 christos 811 1.1 lukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 812 1.1 lukem 813 1.1 lukem echo ">>>>> Test succeeded" 814 1.1 lukem 815 1.1 lukem test $KILLSERVERS != no && wait 816 1.1 lukem 817 1.1 lukem exit 0 818
Indexes created Mon May 04 00:23:20 UTC 2026