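#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 2016-2021 Ondřej Kuzník, Symas Corp.
## Copyright 2021-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# HOTP test for the otp overlay.
#
# Builds a slapd database, starts slapd, loads the otp overlay, provisions
# tokens from $DATADIR/otp/hotp.ldif and then performs a series of binds with
# ldapwhoami.  Each bind password is the account password immediately
# followed by a one-time code.  A bind is expected to end with 0 (accepted)
# or 49 (LDAP invalidCredentials, i.e. rejected).  Finally the stored token
# state is searched and compared with $DATADIR/otp/test001-out.ldif.
#
# Every variable not assigned below (SRCDIR, OTP, TESTDIR, URI1, the tool
# command variables, ...) comes from the environment or, presumably, from
# scripts/defines.sh -- confirm there.  The tool variables are expanded
# unquoted on purpose: they may hold a command plus arguments.
#
# Exit status: 0 on success or when the overlay is unavailable, non-zero on
# any failure.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

if test "$OTP" = otpno; then
	echo "OTP overlay not available, test skipped"
	exit 0
fi

OTP_DATA=$DATADIR/otp/hotp.ldif

# OTPs for this token
TOKEN_0=818800
TOKEN_1=320382
TOKEN_2=404533
TOKEN_3=127122
TOKEN_4=892599
TOKEN_5=407030
TOKEN_6=880935
TOKEN_7=920291
TOKEN_8=145192
TOKEN_9=316404
TOKEN_10=409144

# OTPs for the second set of parameters
TOKEN_SHA512_11=17544155
TOKEN_SHA512_12=48953477

mkdir -p $TESTDIR $DBDIR1

echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND < $CONF > $ADDCONF
$SLAPADD -f $ADDCONF -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	exit $RC
fi

mkdir $TESTDIR/confdir
. $CONFFILTER $BACKEND < $CONF > $CONF1

# The cn=config rootpw is generated for this run (-g) and kept in
# $CONFIGPWF; clients read it from that file with -y, so it never appears
# on a command line.  -T makes slappasswd hash the password from the file.
$SLAPPASSWD -g -n >$CONFIGPWF
echo "database config" >>$CONF1
echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >>$CONF1

echo "Starting slapd on TCP/IP port $PORT1..."
$SLAPD -f $CONF1 -F $TESTDIR/confdir -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	# Pause so a debugger can be attached to the printed PID.
	echo PID $PID
	read foo
fi
KILLPIDS="$PID"

sleep $SLEEP0

# Poll the monitor entry until slapd answers, at most six times.
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting ${SLEEP1} seconds for slapd to start..."
	sleep ${SLEEP1}
done

# When the overlay is built as a module it has to be loaded through
# cn=config before it can be configured.
if [ "$OTP" = otpmod ]; then
	$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF \
		>> $TESTOUT 2>&1 <<EOMOD
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: $TESTWD/../servers/slapd/overlays
olcModuleLoad: otp.la
EOMOD
	RC=$?
	if test $RC != 0 ; then
		echo "ldapmodify failed ($RC)!"
		test $KILLSERVERS != no && kill -HUP $KILLPIDS
		exit $RC
	fi
fi

echo "Loading test otp configuration..."
$LDAPMODIFY -v -D cn=config -H $URI1 -y $CONFIGPWF \
	>> $TESTOUT 2>&1 <<EOMOD
dn: olcOverlay={0}otp,olcDatabase={1}$BACKEND,cn=config
changetype: add
objectClass: olcOverlayConfig
EOMOD
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# From here on the binds use -w, which places the password in the process
# argument list.  These are fixture credentials for throwaway test
# accounts; do not copy the pattern for real secrets.
echo "Provisioning tokens and configuration..."
$LDAPMODIFY -D "$MANAGERDN" -H $URI1 -w $PASSWD \
	>> $TESTOUT 2>&1 < $OTP_DATA
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi


echo "Authentication tests:"

# Negative tests: the bind must be rejected with 49.  If it is accepted
# instead, RC is 0; exiting with $RC unchanged would then report success to
# any caller that looks at the exit status, hiding exactly the regression
# these checks exist to catch (a code outside the window, a replayed code or
# a wrong password being accepted).  Each negative test therefore forces a
# non-zero status before exiting, and keeps any other failure code as is.
echo "\ttoken that's not valid yet..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_10" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 49 ; then
	echo "ldapwhoami should have failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	test $RC != 0 || RC=1
	exit $RC
fi

echo "\ta valid and expected token..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_4" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapwhoami failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "\ta valid token skipping some..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_6" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapwhoami failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Replay check: the code accepted just above must not work a second time.
echo "\treusing the same token..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_6" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 49 ; then
	echo "ldapwhoami should have failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	test $RC != 0 || RC=1	# accepted replay must not exit 0
	exit $RC
fi

echo "\tanother account sharing the same token..."
$LDAPWHOAMI -D "$BJORNSDN" -H $URI1 -w "bjorn$TOKEN_7" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapwhoami failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# A code older than the last accepted one must stay rejected, also when it
# is presented through the second account.
echo "\ttrying an old token..."
$LDAPWHOAMI -D "$BJORNSDN" -H $URI1 -w "bjorn$TOKEN_5" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 49 ; then
	echo "ldapwhoami should have failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	test $RC != 0 || RC=1	# accepted old code must not exit 0
	exit $RC
fi

# Correct next code, but paired with the other account's password.
echo "\tright token, wrong password..."
$LDAPWHOAMI -D "$BJORNSDN" -H $URI1 -w "bjensen$TOKEN_8" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 49 ; then
	echo "ldapwhoami should have failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	test $RC != 0 || RC=1	# accepted wrong password must not exit 0
	exit $RC
fi

# The failed attempt above is expected to have used up TOKEN_8, so the
# right password with that same code must be rejected as well.
echo "\tmaking sure previous token has been retired too..."
$LDAPWHOAMI -D "$BJORNSDN" -H $URI1 -w "bjorn$TOKEN_8" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 49 ; then
	echo "ldapwhoami should have failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	test $RC != 0 || RC=1	# accepted retired code must not exit 0
	exit $RC
fi

# TOKEN_10 was rejected at the start of the run and is accepted now that the
# counter has advanced -- presumably it has entered the look-ahead window
# configured in the fixture; confirm against hotp.ldif.
echo "\tthe first token we tested that's just become valid..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_10" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapwhoami failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Point the subtree at a different parameter entry; the TOKEN_SHA512_*
# codes above belong to this second set of parameters.
echo "Reconfiguring token parameters..."
$LDAPMODIFY -D "$MANAGERDN" -H $URI1 -w $PASSWD \
	>/dev/null 2>&1 << EOMODS
dn: ou=Information Technology Division,ou=People,dc=example,dc=com
changetype: modify
replace: oathHOTPParams
oathHOTPParams: ou=Alumni Association,ou=People,dc=example,dc=com
EOMODS
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "A new round of tests:"

echo "\ta long token that's not valid yet..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_SHA512_12" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 49 ; then
	echo "ldapwhoami should have failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	test $RC != 0 || RC=1	# accepted early code must not exit 0
	exit $RC
fi

echo "\ta valid and expected token..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_SHA512_11" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapwhoami failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "\tthe previous long token that's just become valid..."
$LDAPWHOAMI -D "$BABSDN" -H $URI1 -w "bjensen$TOKEN_SHA512_12" \
	>> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapwhoami failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Dump the token entries so their final state can be compared with the
# expected LDIF below.
echo "Retrieving token status..."
$LDAPSEARCH -b "ou=Information Technology Division,ou=People,dc=example,dc=com" \
	-H $URI1 objectclass=oathHOTPToken '@oathHOTPToken' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

test $KILLSERVERS != no && kill -HUP $KILLPIDS

LDIF=$DATADIR/otp/test001-out.ldif

echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering ldif with expected data..."
$LDIFFILTER < $LDIF > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT

if test $? != 0 ; then
	echo "Comparison failed"
	exit 1
fi

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0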