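#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 2016-2021 Ondřej Kuzník, Symas Corp.
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# Test of the remoteauth overlay.
#
# Two slapd instances are used: a front-end on $URI1 that carries the
# remoteauth configuration, and a second server on "$URI2 $SURIP3" loaded
# with the same data except that the $BJORNSDN password is replaced with
# "bjorn2". Three simple binds are then made against the front-end and the
# overlay's cn=config entry is saved, once for each way of configuring it
# (see the list further down); the three saved entries must compare equal.
#
# Every variable used here other than SRCDIR is expected to come from
# scripts/defines.sh -- presumably; that file is not part of this script.
#
# NOTE(review): only binds that are expected to succeed are exercised. A bind
# with a wrong password that must be rejected is not part of this test, so an
# overlay that accepted any credential would not be noticed here.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

# Print the message in $1, signal the servers recorded in KILLPIDS (unless
# KILLSERVERS is "no") and exit with the status currently held in RC.
ra_fail() {
  echo "$1"
  # KILLPIDS may still be empty when a step fails before the first slapd has
  # been started; kill without a PID would only add a usage error.
  if test $KILLSERVERS != no && test -n "$KILLPIDS" ; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
}

# Poll the monitor database of the server at URI $1 until it answers, trying
# six times with SLEEP1 seconds in between. If it never answers, abort with
# the message "$2 (<status>)!". Leaves the last ldapsearch status in RC.
ra_wait_for_slapd() {
  for i in 0 1 2 3 4 5; do
    $LDAPSEARCH -s base -b "$MONITOR" -H "$1" \
      'objectclass=*' > /dev/null 2>&1
    RC=$?
    if test $RC = 0 ; then
      break
    fi
    echo "Waiting ${SLEEP1} seconds for slapd to start..."
    sleep ${SLEEP1}
  done
  # A server that never came up is reported here rather than by whichever
  # client command happens to run next.
  if test $RC != 0 ; then
    ra_fail "$2 ($RC)!"
  fi
}

# Append the header line $1 and the remoteauth overlay entry read from
# cn=config on $URI1 to the file $2 (stderr of the search included).
ra_save_config() {
  echo "$1" >> $2
  $LDAPSEARCH -D cn=config -H $URI1 -y $CONFIGPWF \
    -b "olcOverlay={0}remoteauth,olcDatabase={1}$BACKEND,cn=config" \
    >> $2 2>&1
  RC=$?
  if test $RC != 0 ; then
    ra_fail "ldapsearch failed ($RC)!"
  fi
}

# Simple bind to $URI1 as DN $2 with password $3; print the step label $1
# when the bind succeeds, abort the test otherwise.
ra_check_bind() {
  $LDAPWHOAMI -H $URI1 -x -D "$2" -w "$3" >/dev/null
  RC=$?
  if test $RC != 0 ; then
    ra_fail "ldapwhoami failed ($RC)!"
  fi
  echo -n "$1 "
}

# Run the three bind checks against the front-end. The passwords are test
# fixture values: "bjorn2" is the one set for $BJORNSDN on the second server
# below; "bjorn" is presumably the value loaded from $LDIFORDERED.
ra_check_binds() {
  echo -n "Checking bind handling... "

  ra_check_bind 1 "$BJORNSDN" bjorn
  ra_check_bind 2 "$JOHNDDN" bjorn2
  ra_check_bind 3 "$MELLIOTDN" bjorn

  echo "ok"
}

if test $WITH_TLS = no ; then
  echo "TLS support not available, test skipped"
  exit 0
fi

if test $REMOTEAUTH = remoteauthno; then
  echo "RemoteAuth overlay not available, test skipped"
  exit 0
fi

mkdir -p $TESTDIR $DBDIR1 $DBDIR2 $TESTDIR/confdir
cp -r $DATADIR/tls $TESTDIR

. $CONFFILTER < $DATADIR/remoteauth/default_domain > $TESTDIR/default_domain

. $CONFFILTER $BACKEND < $TLSCONF > $CONF1

# CONFIGPWF holds the generated cn=config root password in clear text, so it
# is created readable by the owner only. The subshell keeps the tighter umask
# from affecting any other file the test writes.
( umask 077; $SLAPPASSWD -g -n >$CONFIGPWF )
echo "database config" >>$CONF1
echo "rootpw $($SLAPPASSWD -T $CONFIGPWF)" >>$CONF1
echo "TLSCACertificateFile $TESTDIR/tls/ca/certs/testsuiteCA.crt" >>$CONF1

# Convert the slapd.conf into a cn=config directory and validate it.
$SLAPD -Tt -n 0 -f $CONF1 -F $TESTDIR/confdir -d $LVL > $LOG1 2>&1
RC=$?
if test $RC != 0 ; then
  echo "slaptest failed ($RC)!"
  exit $RC
fi

echo -n "Running slapadd to build slapd database... "
$SLAPADD -F $TESTDIR/confdir -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
  echo "slapadd failed ($RC)!"
  exit $RC
fi

# Front-end data: both entries get seeAlso pointing at $BJORNSDN, and
# $MELLIOTDN additionally gets "o: self". How the overlay uses these
# attributes is defined in $DATADIR/remoteauth/config.ldif, not here.
echo "DB tweaks..."
$SLAPMODIFY -F $TESTDIR/confdir >>$LOG1 2>&1 <<EOMODS
dn: $MELLIOTDN
changetype: modify
add: o
o: self
-
replace: seeAlso
seeAlso: $BJORNSDN

dn: $JOHNDDN
changetype: modify
replace: seeAlso
seeAlso: $BJORNSDN
EOMODS
RC=$?
if test $RC != 0 ; then
  ra_fail "slapmodify failed ($RC)!"
fi

echo "Starting slapd on TCP/IP port $PORT1 for configuration..."
$SLAPD -F $TESTDIR/confdir -h $URI1 -d $LVL >> $LOG1 2>&1 &
REMOTEAUTH_PID=$!
if test $WAIT != 0 ; then
  echo REMOTEAUTH_PID $REMOTEAUTH_PID
  read foo
fi
KILLPIDS="$REMOTEAUTH_PID"

sleep $SLEEP0

ra_wait_for_slapd $URI1 "ldapsearch failed"

# When the overlay is built as a module it has to be loaded before its
# configuration can be added.
if [ "$REMOTEAUTH" = remoteauthmod ]; then
  $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF \
    >> $TESTOUT 2>&1 <<EOMOD
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: $TESTWD/../servers/slapd/overlays
olcModuleLoad: remoteauth.la
EOMOD
  RC=$?
  if test $RC != 0 ; then
    ra_fail "ldapmodify failed ($RC)!"
  fi
fi

echo "Loading test remoteauth configuration..."
. $CONFFILTER $BACKEND < $DATADIR/remoteauth/config.ldif | \
$LDAPADD -v -D cn=config -H $URI1 -y $CONFIGPWF \
  >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
  ra_fail "ldapadd failed ($RC)!"
fi

echo -n "Preparing second server on $URI2 and $SURIP3... "
. $CONFFILTER $BACKEND < $TLSCONF | sed -e "s,$DBDIR1,$DBDIR2," > $CONF2

echo -n "loading data... "
$SLAPADD -f $CONF2 -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
  ra_fail "slapadd failed ($RC)!"
fi

# Give $BJORNSDN a different password on the second server only, so the two
# servers no longer agree on it.
echo -n "tweaking DB contents... "
$SLAPMODIFY -f $CONF2 >>$LOG2 2>&1 <<EOMODS
dn: $BJORNSDN
changetype: modify
replace: userPassword
userPassword: bjorn2
EOMODS
RC=$?
if test $RC != 0 ; then
  ra_fail "slapmodify failed ($RC)!"
fi

echo "starting up... "
$SLAPD -f $CONF2 -h "$URI2 $SURIP3" -d $LVL > $LOG2 2>&1 &
BACKEND_PID=$!
if test $WAIT != 0 ; then
  echo BACKEND_PID $BACKEND_PID
  read foo
fi
KILLPIDS="$KILLPIDS $BACKEND_PID"

ra_wait_for_slapd $URI2 "failed"

# CONF1 is regenerated here and rewritten once more for the slapd.conf run
# further down.
. $CONFFILTER $BACKEND < $TLSCONF > $CONF1

echo "TLSCACertificateFile $TESTDIR/tls/ca/certs/testsuiteCA.crt" >>$CONF1
echo "database config" >>$CONF1
echo "rootpw $($SLAPPASSWD -T $CONFIGPWF)" >>$CONF1

# We check basic remoteauth operation and generated configuration in these
# circumstances:
# 1. configured online through cn=config (what we set up above)
# 2. the server from 1. restarted (loading from cn=config on startup)
# 3. configured and started through a slapd.conf
#
# All of the above should present the same behaviour and cn=config output

echo "Saving generated config before server restart..."
ra_save_config "# search output from dynamically configured server..." \
  $SERVER1OUT

ra_check_binds

echo "Stopping slapd on TCP/IP port $PORT1..."
kill -HUP $REMOTEAUTH_PID
KILLPIDS="$BACKEND_PID"
sleep $SLEEP0
echo "Starting slapd on TCP/IP port $PORT1..."
$SLAPD -F $TESTDIR/confdir -h $URI1 -d $LVL >> $LOG1 2>&1 &
REMOTEAUTH_PID=$!
if test $WAIT != 0 ; then
  echo REMOTEAUTH_PID $REMOTEAUTH_PID
  read foo
fi
KILLPIDS="$KILLPIDS $REMOTEAUTH_PID"

sleep $SLEEP0

ra_wait_for_slapd $URI1 "ldapsearch failed"

echo "Saving generated config after server restart..."
ra_save_config \
  "# search output from dynamically configured server after restart..." \
  $SERVER2OUT

ra_check_binds

echo "Stopping slapd on TCP/IP port $PORT1..."
kill -HUP $REMOTEAUTH_PID
KILLPIDS="$BACKEND_PID"
sleep $SLEEP0

# Build a slapd.conf that pulls in the remoteauth settings ahead of the
# monitor database. The replacement text spans several lines, hence the
# escaped newlines inside the sed expression.
echo "Testing slapd.conf support..."
sed -e "s,database.*monitor,\\
TLSCACertificateFile $TESTDIR/tls/ca/certs/testsuiteCA.crt\\
\\
#remoteauthmod#moduleload ../servers/slapd/overlays/remoteauth.la\\
include $TESTDIR/remoteauth.conf\\
\\
database monitor," $TLSCONF | . $CONFFILTER $BACKEND >$CONF1
echo "database config" >>$CONF1
echo "rootpw $($SLAPPASSWD -T $CONFIGPWF)" >>$CONF1

. $CONFFILTER $BACKEND < $DATADIR/remoteauth/remoteauth.conf >$TESTDIR/remoteauth.conf

echo "Starting slapd on TCP/IP port $PORT1..."
$SLAPD -f $CONF1 -h $URI1 -d $LVL >> $LOG1 2>&1 &
REMOTEAUTH_PID=$!
if test $WAIT != 0 ; then
  echo REMOTEAUTH_PID $REMOTEAUTH_PID
  read foo
fi
KILLPIDS="$KILLPIDS $REMOTEAUTH_PID"

sleep $SLEEP0

ra_wait_for_slapd $URI1 "ldapsearch failed"

echo "Saving generated config from a slapd.conf sourced server..."
ra_save_config "# search output from server running from slapd.conf..." \
  $SERVER3OUT

ra_check_binds

test $KILLSERVERS != no && kill -HUP $KILLPIDS

# LDIFFILTER doesn't (un)wrap long lines yet, so the result would differ
#. $CONFFILTER $BACKEND < $DATADIR/remoteauth/config.ldif \
#	| $LDIFFILTER -s a > $SERVER6FLT

# We've already filtered out the ordering markers, now sort the entries
echo "Filtering ldapsearch results..."
$LDIFFILTER -s a < $SERVER1OUT > $SERVER1FLT
$LDIFFILTER -s a < $SERVER2OUT > $SERVER2FLT
$LDIFFILTER -s a < $SERVER3OUT > $SERVER3FLT
echo "Filtering expected entries..."

# The three saved overlay entries must be identical; the second cmp only
# runs when the first one found no difference.
echo "Comparing filter output..."
#$CMP $SERVER6FLT $SERVER1FLT > $CMPOUT && \
$CMP $SERVER1FLT $SERVER2FLT > $CMPOUT && \
$CMP $SERVER2FLT $SERVER3FLT > $CMPOUT

if test $? != 0 ; then
  echo "Comparison failed"
  exit 1
fi

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0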