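#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# Regression test for connection expiry in a slapd proxy.
#
# A "remote" slapd is started on $URI1 and a proxy slapd on $URI2. The proxy
# has two slapd-ldap backends, one with an idle timeout and one with a
# connection TTL. The test checks, through the proxy's cn=monitor subtree,
# that proxy-to-remote connections exist after a search and are gone once
# $TIMEOUT seconds (plus margin) have passed:
#   Test 1 - shared connections (Manager bind)
#   Test 2 - private connections (user bind, long-lived ldapsearch clients)
#   Test 3 - idle-timeout is reset by activity
#
# Everything except SRCDIR is expected to come from scripts/defines.sh or the
# test harness, which are not part of this file. Command variables such as
# $LDAPSEARCH and $SLAPD are left unquoted because they may carry arguments.
#
# The bind passwords are passed with -w, i.e. on the command line, where they
# are visible in the process list while the command runs. "bjensen" is a
# literal in this file; PASSWD is defined outside it.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

if test $BACKLDAP = "ldapno" ; then
	echo "LDAP backend not available, test skipped"
	exit 0
fi
if test $RWM = "rwmno" ; then
	echo "rwm (rewrite/remap) overlay not available, test skipped"
	exit 0
fi

# PIDs of the background ldapsearch clients. Only Test 2 fills this in; it is
# empty the rest of the time so fail() can always hand it to kill.
LDAPSEARCHPIDS=

# Signal every process started so far (unless KILLSERVERS is "no") and leave
# with exit status $1.
fail() {
	test $KILLSERVERS != no && kill -HUP $KILLPIDS $LDAPSEARCHPIDS
	exit $1
}

# Poll the monitor base of the slapd listening on URI $1, up to six times
# with $SLEEP1 seconds in between, and abort the test if it never answers.
wait_for_slapd() {
	echo "Using ldapsearch to check that slapd is running..."
	for i in 0 1 2 3 4 5; do
		$LDAPSEARCH -s base -b "$MONITOR" -H $1 \
			'objectclass=*' > /dev/null 2>&1
		RC=$?
		if test $RC = 0 ; then
			break
		fi
		echo "Waiting $SLEEP1 seconds for slapd to start..."
		sleep $SLEEP1
	done

	if test $RC != 0 ; then
		echo "ldapsearch failed ($RC)!"
		fail $RC
	fi
}

# Search base $1 through the proxy as cn=Manager. Output goes to stdout and
# stderr; the caller redirects it and inspects $? afterwards.
manager_search() {
	$LDAPSEARCH -b "$1" \
		-D "cn=Manager,dc=local,dc=com" \
		-H $URI2 \
		-w $PASSWD \
		'objectclass=*'
}

# Abort the test when a manager_search of base $1 ended with status $2 != 0.
check_search() {
	RC=$2
	if test $RC != 0 ; then
		echo "ldapsearch failed for base: $1 ($RC)!"
		fail $RC
	fi
}

# List olmDbConnURI below the Connections entry of proxy database number $1,
# append the listing to $TESTOUT, and return grep's status for the remote
# server's URI: 0 = a connection to the remote server is listed, 1 = none.
#
# NOTE(review): the status is grep's, not ldapsearch's. If the monitor search
# itself fails, grep also returns 1, which the "closed" check cannot tell
# apart from "no connection listed". Every closed check here is preceded by a
# successful open check using the same search, which limits but does not
# remove that ambiguity.
proxy_conn_status() {
	$LDAPSEARCH -b "cn=Connections,cn=database $1,cn=databases,cn=monitor" -s one -LLL \
		-D "cn=Manager,dc=local,dc=com" \
		-H $URI2 -w $PASSWD olmDbConnURI 2>&1 | \
		tee -a $TESTOUT | grep ldap://${LOCALHOST}:$PORT1 >/dev/null
}

# Abort the test unless proxy database $1 lists a connection to the remote.
expect_conn_open() {
	proxy_conn_status $1
	RC=$?
	if test $RC != 0 ; then
		echo "Error: LDAP connection to remote LDAP server is not found ($RC)"
		fail $RC
	fi
}

# Abort the test unless proxy database $1 lists no connection to the remote.
expect_conn_closed() {
	proxy_conn_status $1
	RC=$?
	if test $RC != 1 ; then
		echo "Error: LDAP connection to remote LDAP server was not closed"
		# RC is 0 when the connection is still listed. Exiting with 0
		# would report the failed expiry check as a passed test, so
		# force a failure status in that case.
		test $RC = 0 && RC=1
		fail $RC
	fi
}

mkdir -p $TESTDIR $DBDIR1 $DBDIR2
# slappasswd -g generates a random secret, -n omits the trailing newline.
$SLAPPASSWD -g -n >$CONFIGPWF

#
# Start slapd that acts as a remote LDAP server that will be proxied
#
echo "Running slapadd to build database for the remote slapd server..."
. $CONFFILTER $BACKEND < $CONF > $CONF1
$SLAPADD -f $CONF1 -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	exit $RC
fi

echo "Starting remote slapd server on TCP/IP port $PORT1..."
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
SERVERPID=$!
# Record the PID straight away: the startup check below kills $KILLPIDS on
# failure, and this script does not assign KILLPIDS anywhere earlier, so the
# remote slapd would otherwise be left running.
KILLPIDS="$SERVERPID"
if test $WAIT != 0 ; then
	echo SERVERPID $SERVERPID
	read foo
fi

wait_for_slapd $URI1

#
# Start slapd that will proxy for the remote server
#
# Proxy is configured with two slapd-ldap backends:
# - one with idle timeout set: dc=idle-timeout,$BASEDN
# - one with connection TTL set: dc=conn-ttl,$BASEDN
#
echo "Starting slapd proxy on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $DATADIR/slapd-proxytimeout.conf > $CONF2
$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
PROXYPID=$!
if test $WAIT != 0 ; then
	echo PROXYPID $PROXYPID
	read foo
fi

KILLPIDS="$SERVERPID $PROXYPID"

wait_for_slapd $URI2

##############################################################################
#
# Test 1: Test that shared connections are timed out
#

CONN_BEGINS=`date +%s`
CONN_EXPIRES=`expr $CONN_BEGINS + $TIMEOUT`
echo "Create shared connection towards remote LDAP (time_t now=$CONN_BEGINS timeout=$CONN_EXPIRES)"

# The first search truncates $TESTOUT; all later output is appended.
manager_search "dc=idle-timeout,$BASEDN" > $TESTOUT 2>&1
check_search "dc=idle-timeout,$BASEDN" $?

manager_search "dc=conn-ttl,$BASEDN" >> $TESTOUT 2>&1
check_search "dc=conn-ttl,$BASEDN" $?

# Check that connections are established by searching for olmDbConnURI from Monitor

echo "Checking that proxy has created connections towards backend (time_t now=`date +%s`)"

expect_conn_open 2
expect_conn_open 3

# Wait for connections to be closed, either due to
# - idle-timeout and
# - conn-ttl
# sleep 2 second overtime for robustness of the test case
echo "Sleeping until idle-timeout and conn-ttl have passed"
NOW=`date +%s`
sleep `expr $CONN_EXPIRES - $NOW + 2`

echo "Checking that proxy has closed expired connections towards the remote LDAP server (time_t now=`date +%s`)"

expect_conn_closed 2
expect_conn_closed 3


##############################################################################
#
# Test 2: Test that private connections are timed out
#

CONN_BEGINS=`date +%s`
CONN_EXPIRES=`expr $CONN_BEGINS + $TIMEOUT`
echo "Create private connection towards remote LDAP (time_t now=$CONN_BEGINS timeout=$CONN_EXPIRES)"

# Create fifos that are used to pass searches from the test case to ldapsearch
rm -f $TESTDIR/ldapsearch1.fifo $TESTDIR/ldapsearch2.fifo
mkfifo $TESTDIR/ldapsearch1.fifo $TESTDIR/ldapsearch2.fifo

# Execute ldapsearch on background and have it read searches from the fifo
$LDAPSEARCH -b "dc=idle-timeout,$BASEDN" \
	-D "cn=Barbara Jensen,ou=Information Technology Division,dc=idle-timeout,$BASEDN" \
	-H $URI2 \
	-w "bjensen" \
	-f $TESTDIR/ldapsearch1.fifo >> $TESTOUT 2>&1 &
LDAPSEARCHPIDS=$!

$LDAPSEARCH -b "dc=conn-ttl,$BASEDN" \
	-D "cn=Barbara Jensen,ou=Information Technology Division,dc=conn-ttl,$BASEDN" \
	-H $URI2 \
	-w "bjensen" \
	-f $TESTDIR/ldapsearch2.fifo >> $TESTOUT 2>&1 &
LDAPSEARCHPIDS="$LDAPSEARCHPIDS $!"

# Open fifos as file descriptor
exec 3>$TESTDIR/ldapsearch1.fifo
exec 4>$TESTDIR/ldapsearch2.fifo

# Trigger LDAP connections towards the proxy by executing a search
echo 'objectclass=*' >&3
echo 'objectclass=*' >&4

# wait for ldapsearches (running as background processes) to execute search operations
sleep 2

echo "Checking that proxy has created connections towards backend (time_t now=`date +%s`)"

expect_conn_open 2
expect_conn_open 3

# Wait for connections to be closed, either due to
# - idle-timeout and
# - conn-ttl
# sleep 2 second overtime for robustness of the test case
echo "Sleeping until idle-timeout and conn-ttl have passed"
NOW=`date +%s`
sleep `expr $CONN_EXPIRES - $NOW + 2`

echo "Checking that proxy has closed expired connections towards the remote LDAP server (time_t now=`date +%s`)"

expect_conn_closed 2
expect_conn_closed 3

# Close the file descriptors associated with the fifos.
# This will trigger EOF to ldapsearch which will cause it to exit.
exec 3>&-
exec 4>&-
# The clients are on their way out; later failure paths signal the servers only.
LDAPSEARCHPIDS=


##############################################################################
#
# Test 3: Check that idle-timeout is reset on activity
#

echo "Checking that idle-timeout is reset on activity"
CONN_BEGINS=`date +%s`
CONN_EXPIRES=`expr $CONN_BEGINS + $TIMEOUT`
echo "Create cached connection: idle-timeout timeout starts (time_t now=$CONN_BEGINS, original_timeout=$CONN_EXPIRES)"
manager_search "dc=idle-timeout,$BASEDN" >> $TESTOUT 2>&1
check_search "dc=idle-timeout,$BASEDN" $?

# sleep until 2 seconds before idle-timeout, then extend the timeout by executing another search operation
# NOTE(review): assumes TIMEOUT is comfortably above 2 seconds, otherwise the
# computed delay is not positive - confirm against defines.sh.
NOW=`date +%s`
sleep `expr $CONN_EXPIRES - $NOW - 2`

CONN_BEGINS=`date +%s`
CONN_EXPIRES=`expr $CONN_BEGINS + $TIMEOUT`
echo "Do another search to reset the timeout (time_t now=$CONN_BEGINS, new_timeout=$CONN_EXPIRES)"
manager_search "dc=idle-timeout,$BASEDN" >> $TESTOUT 2>&1
check_search "dc=idle-timeout,$BASEDN" $?

# sleep until 2 seconds before new extended idle-timeout, check that connection still exist
NOW=`date +%s`
sleep `expr $CONN_EXPIRES - $NOW - 2`
echo "Check that connection is still alive due to idle-timeout reset (time_t now=`date +%s`)"
expect_conn_open 2

# sleep until 2 seconds after timeout, check that connection does not exist
NOW=`date +%s`
sleep `expr $CONN_EXPIRES - $NOW + 2`
echo "Check that connection is closed after extended idle-timeout has passed (time_t now=`date +%s`)"
expect_conn_closed 2

test $KILLSERVERS != no && kill -HUP $KILLPIDS

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0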