#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# Test flow: start three slapd instances (configs generated from $METACONF1,
# $METACONF2 and $ASYNCMETACONF), populate the first two, then run searches,
# modifications, size-limit checks and bind checks against the third ($URI3)
# and compare the filtered search output with $METAOUT.
#
# NOTE(review): most expansions are deliberately left unquoted, as in the
# rest of this script. $KILLPIDS is a space-separated PID list and relies on
# word splitting; the tool variables ($SLAPD, $LDAPSEARCH, $CMP, ...) are set
# in defines.sh and presumably carry options as well - verify before quoting.
#
# NOTE(review): bind passwords are passed with -w on the command line, where
# they are visible in the process list while the tool runs. These are
# fixture credentials for throwaway test servers.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

echo ""

if test $BACKASYNCMETA = asyncmetano ; then
	echo "asyncmeta backend not available, test skipped"
	exit 0
fi

if test $BACKLDAP = ldapno ; then
	echo "ldap backend not available, test skipped"
	exit 0
fi

# Send SIGHUP to every slapd started so far, unless KILLSERVERS is "no".
stop_servers() {
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
}

# Abort the test with status $RC when the last command failed.
#   $1 - tool name used in the failure message
require_success() {
	test $RC = 0 && return 0
	echo "$1 failed ($RC)!"
	stop_servers
	exit $RC
}

# Evaluate $RC for an operation that is expected to succeed.
# 51 is reported as LDAP_BUSY and ends the test with status 0 instead of
# a failure; this is why a plain "RC != 0" check is not used here.
#   $1 - operation name used in the failure message
check_rc() {
	if test $RC = 0 ; then
		return 0
	fi
	if test $RC = 51 ; then
		echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
		stop_servers
		exit 0
	fi
	echo "$1 failed ($RC)!"
	stop_servers
	exit $RC
}

# Probe the monitor base of the server at URI $1, up to six attempts with
# a 5 second pause after each failure; abort if it never answers.
# $1 is expanded unquoted, matching how the URI variables are used elsewhere.
wait_for_slapd() {
	echo "Using ldapsearch to check that slapd is running..."
	for i in 0 1 2 3 4 5; do
		$LDAPSEARCH -s base -b "$MONITOR" -H $1 \
			'objectclass=*' > /dev/null 2>&1
		RC=$?
		test $RC = 0 && break
		echo "Waiting 5 seconds for slapd to start..."
		sleep 5
	done
	require_success ldapsearch
}

# Evaluate $RC for a search that must be cut off by a size limit.
# Result code 4 (sizeLimitExceeded) is the expected outcome; a successful
# search is only tolerated for the "null" backend.
expect_size_limit() {
	case $RC,$BACKEND in
	4,* | 0,null)
		;;
	0,*)
		echo "Search should have failed ($RC)!"
		stop_servers
		exit 1
		;;
	*)
		echo "Search failed ($RC)!"
		stop_servers
		exit $RC
		;;
	esac
}

# Evaluate $RC for a bind that must be rejected.
# NOTE(review): every non-zero status is accepted, so an unreachable or
# unavailable server also counts as "bind rejected". Requiring result code
# 49 (invalidCredentials) would be stricter - confirm what the asyncmeta
# proxy returns for both negative cases before tightening.
expect_bind_rejected() {
	case $RC,$BACKEND in
	0,null)
		;;
	0,*)
		echo "WhoAmI should have failed ($RC)!"
		stop_servers
		exit 1
		;;
	51,*)
		echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
		;;
	*)
		;;
	esac
}

# NOTE(review): recursive delete of an unquoted path that comes from
# defines.sh; `rm -rf -- "${TESTDIR:?}"` would refuse to run on an
# unset or empty value.
rm -rf $TESTDIR

mkdir -p $TESTDIR $DBDIR1 $DBDIR2

# The ". $CONFFILTER" lines stay at top level: inside a function the
# sourced script would see different positional parameters.
echo "Starting slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND < $METACONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	echo PID $PID
	read foo
fi
KILLPIDS="$PID"

sleep 1

wait_for_slapd "$URI1"

echo "Using ldapadd to populate the database..."
$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD \
	< $LDIFORDERED > $TESTOUT 2>&1
RC=$?
require_success ldapadd

echo "Starting slapd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $METACONF2 > $CONF2
$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	echo PID $PID
	read foo
fi
KILLPIDS="$KILLPIDS $PID"

sleep 1

wait_for_slapd "$URI2"

echo "Using ldapadd to populate the database..."
$LDAPADD -D "$METAMANAGERDN" -H $URI2 -w $PASSWD \
	< $LDIFMETA >> $TESTOUT 2>&1
RC=$?
require_success ldapadd

echo "Starting slapd on TCP/IP port $PORT3..."
. $CONFFILTER $BACKEND < $ASYNCMETACONF > $CONF3
$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	echo PID $PID
	read foo
fi
KILLPIDS="$KILLPIDS $PID"

sleep 1

wait_for_slapd "$URI3"

# Start from an empty search log.
cat /dev/null > $SEARCHOUT

BASEDN="o=Example,c=US"
echo "Searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
check_rc Search

# ITS#4195: spurious matchedDN when the search scopes the main target,
# and the searchBase is not present, so that target returns noSuchObject
BASEDN="ou=Meta,o=Example,c=US"
echo "Searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
check_rc Search

#
# Do some modifications
#

# The here-document delimiter is unquoted, so $BASEDN is expanded in the LDIF.
# NOTE(review): "cn=Added User" is created with the literal userPassword
# "secret"; the later whoami bind for that entry uses $PASSWD, so the two
# presumably match - confirm in defines.sh.
BASEDN="o=Example,c=US"
echo "Modifying database \"$BASEDN\"..."
$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -H $URI3 -w $PASSWD \
	-M >> $TESTOUT 2>&1 << EOMODS
# These operations (updates with objectClass mapping) triggered ITS#3499
dn: cn=Added Group,ou=Groups,$BASEDN
changetype: add
objectClass: groupOfNames
objectClass: uidObject
cn: Added Group
member: cn=Added Group,ou=Groups,$BASEDN
uid: added

dn: cn=Another Added Group,ou=Groups,$BASEDN
changetype: add
objectClass: groupOfNames
cn: Another Added Group
member: cn=Added Group,ou=Groups,$BASEDN
member: cn=Another Added Group,ou=Groups,$BASEDN

dn: cn=Another Added Group,ou=Groups,$BASEDN
changetype: modify
add: objectClass
objectClass: uidObject
-
add: uid
uid: added
-

dn: cn=Added Group,ou=Groups,$BASEDN
changetype: modify
delete: objectClass
objectClass: uidObject
-
delete: uid
-

dn: ou=Meta,$BASEDN
changetype: modify
add: description
description: added to "ou=Meta,$BASEDN"
-

dn: ou=Who's going to handle this?,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Who's going to handle this?
description: added
description: will be deleted

dn: ou=Same as above,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Same as above
description: added right after "Who's going to handle this?"
description: will be preserved

dn: ou=Who's going to handle this?,$BASEDN
changetype: delete

dn: ou=Who's going to handle this?,ou=Meta,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Who's going to handle this?
description: added
description: will be deleted

dn: ou=Same as above,ou=Meta,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Same as above
description: added right after "Who's going to handle this?"
description: will be preserved

dn: cn=Added User,ou=Same as above,ou=Meta,$BASEDN
changetype: add
objectClass: inetOrgPerson
cn: Added User
sn: User
userPassword: secret

dn: ou=Who's going to handle this?,ou=Meta,$BASEDN
changetype: delete
EOMODS

RC=$?
check_rc Modify

echo "Searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
check_rc Search

# NOTE(review): $FILTER is not assigned anywhere in this script before this
# search; unless defines.sh sets it, an empty string is passed in the
# filter position - confirm this is intended.
BASEDN="o=Example,c=US"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" -M "$FILTER" '*' ref \
	>> $SEARCHOUT 2>&1
RC=$?
check_rc Search

BASEDN="o=Example,c=US"
FILTER="(seeAlso=cn=all staff,ou=Groups,$BASEDN)"
echo "Searching filter=\"$FILTER\""
echo " attrs=\"seeAlso\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"seeAlso\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" "$FILTER" seeAlso \
	>> $SEARCHOUT 2>&1
RC=$?
check_rc Search

FILTER="(uid=example)"
echo "Searching filter=\"$FILTER\""
echo " attrs=\"uid\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"uid\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" "$FILTER" uid \
	>> $SEARCHOUT 2>&1
RC=$?
check_rc Search

FILTER="(member=cn=Another Added Group,ou=Groups,$BASEDN)"
echo "Searching filter=\"$FILTER\""
echo " attrs=\"member\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"member\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" "$FILTER" member \
	>> $SEARCHOUT 2>&1
RC=$?
check_rc Search

echo "Waiting 10 seconds for cached connections to timeout..."
sleep 10

# Same member search again, this time with an authenticated bind, after
# the pause above.
echo "Searching with a timed out connection..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"member\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"" >> $SEARCHOUT
echo "# with a timed out connection..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -D "cn=Manager,$BASEDN" -w $PASSWD \
	-b "$BASEDN" "$FILTER" member \
	>> $SEARCHOUT 2>&1
RC=$?
check_rc Search

# NOTE: cannot send to $SEARCHOUT because the returned entries
# are not predictable...
# No -z is given here, so the limit has to come from the server side.
echo "Checking server-enforced size limit..."
echo "# Checking server-enforced size limit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 \
	-D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
	-b "$BASEDN" "(objectClass=*)" 1.1 \
	>> $TESTOUT 2>&1
RC=$?
expect_size_limit

# NOTE: cannot send to $SEARCHOUT because the returned entries
# are not predictable...
# Here the client asks for at most two entries (-z 2).
echo "Checking client-requested size limit..."
echo "# Checking client-requested size limit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 \
	-D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
	-b "$BASEDN" -z 2 "(objectClass=*)" 1.1 \
	>> $TESTOUT 2>&1
RC=$?
expect_size_limit

echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $METAOUT > $LDIFFLT
echo "Comparing filter output..."
if $CMP $SEARCHFLT $LDIFFLT > $CMPOUT ; then
	:
else
	echo "comparison failed - meta search/modification didn't succeed"
	stop_servers
	exit 1
fi

# Positive bind check: the entry added through the proxy must be able to
# authenticate. Unlike check_rc, status 51 only prints the notice and the
# test carries on.
echo "Binding as newly added user to database \"$BASEDN\"..."
$LDAPWHOAMI -H $URI3 \
	-D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
	-w $PASSWD >> $TESTOUT 2>&1
RC=$?
if test $RC = 51 ; then
	echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
elif test $RC != 0 ; then
	echo "WhoAmI failed ($RC)!"
	stop_servers
	exit $RC
fi


# Negative bind checks: a wrong password and an unknown DN must both be
# refused by the proxy.
echo "Binding with incorrect password to database \"$BASEDN\"..."
$LDAPWHOAMI -H $URI3 \
	-D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
	-w bogus >> $TESTOUT 2>&1
RC=$?
expect_bind_rejected

echo "Binding with non-existing user to database \"$BASEDN\"..."
$LDAPWHOAMI -H $URI3 \
	-D "cn=Non-existing User,ou=Same as above,ou=Meta,$BASEDN" \
	-w bogus >> $TESTOUT 2>&1
RC=$?
expect_bind_rejected

stop_servers

echo ">>>>> Test succeeded"

# Reap the background slapd processes before exiting.
test $KILLSERVERS != no && wait

exit 0