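#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# Regression test for ldapwhoami and proxy authorization.
#
# Loads $LDIFWHOAMI with slapadd, starts one slapd on $URI1, then runs
# ldapwhoami anonymously, as $MANAGERDN, and as a series of fixture
# identities that ask to act as another identity through the critical
# "authzid" control (-e '!authzid=...').  Most requests must be granted;
# the cases labelled "should fail" must be refused.
#
# All settings ($SLAPD, $LDAPWHOAMI, $URI1, $MANAGERDN, ...) come from
# scripts/defines.sh.  The command variables are expanded unquoted, as in
# the rest of this script -- presumably they can carry extra arguments;
# confirm against defines.sh before quoting them.
#
# NOTE(review): bind passwords are passed with -w, i.e. on the command
# line, where they are visible in the local process list.  That is only
# tolerable here because they are throwaway fixture credentials.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

# Stop the slapd started by this script, unless KILLSERVERS is "no".
# KILLPIDS stays unquoted on purpose: it is treated as a list of PIDs.
stop_servers() {
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
}

# expect_success STATUS
# The ldapwhoami call that produced STATUS had to succeed; otherwise
# report it, stop the server and exit with that status.
expect_success() {
	if test $1 != 0 ; then
		echo "ldapwhoami failed ($1)!"
		stop_servers
		exit $1
	fi
}

# expect_refused STATUS
# The ldapwhoami call that produced STATUS had to be refused.  Status 1 is
# the expected outcome, 0 means the server granted something it should not
# have, anything else is an unrelated failure.
#
# NOTE(review): status 1 is taken to mean "refused".  If ldapwhoami reports
# every failure as 1 (confirm against the client's exit codes), a bind that
# fails because a fixture password is wrong would satisfy this check too;
# the slapd log ($LOG1) is where an authorization denial can be told apart
# from a failed bind.
expect_refused() {
	case $1 in
	1)
		;;
	0)
		echo "ldapwhoami should have failed ($1)!"
		stop_servers
		# 1, not -1: POSIX defines exit statuses 0-255 only and some
		# /bin/sh implementations reject a negative operand.
		exit 1
		;;
	*)
		echo "ldapwhoami failed ($1)!"
		stop_servers
		exit $1
		;;
	esac
}

# whoami_as LABEL
# Bind as $BINDDN/$BINDPW, request the identity $AUTHZID through the
# critical authzid control, and leave ldapwhoami's exit status in RC.
# LABEL is only printed; it names the kind of rule the case is meant to
# exercise.
whoami_as() {
	echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} ($1)..."
	$LDAPWHOAMI -H $URI1 -D "$BINDDN" -w $BINDPW \
		-e \!authzid="$AUTHZID"
	RC=$?
}

mkdir -p $TESTDIR $DBDIR1

echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND < $WHOAMICONF > $ADDCONF
$SLAPADD -f $ADDCONF -l $LDIFWHOAMI
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	exit $RC
fi

echo "Starting slapd on TCP/IP port $PORT..."
. $CONFFILTER $BACKEND < $WHOAMICONF > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
	# Print the PID and block on stdin until the operator presses return.
	echo PID $PID
	read foo
fi
KILLPIDS="$PID"

sleep 1

echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

# Without this check a slapd that never came up would only surface as an
# "ldapwhoami failed" message from the first test below.
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	stop_servers
	exit $RC
fi

echo "Testing ldapwhoami as anonymous..."
$LDAPWHOAMI -H $URI1
RC=$?
expect_success $RC

echo "Testing ldapwhoami as ${MANAGERDN}..."
$LDAPWHOAMI -H $URI1 -D "$MANAGERDN" -w $PASSWD
RC=$?
expect_success $RC

# The next three cases bind as $MANAGERDN and request, in turn, an empty
# authzid, a "dn:" authzid and a "u:" authzid; all three must succeed.
echo "Testing ldapwhoami as ${MANAGERDN} for anonymous..."
$LDAPWHOAMI -H $URI1 -D "$MANAGERDN" -w $PASSWD \
	-e \!authzid=""
RC=$?
expect_success $RC

echo "Testing ldapwhoami as ${MANAGERDN} for dn:$BABSDN..."
$LDAPWHOAMI -H $URI1 -D "$MANAGERDN" -w $PASSWD \
	-e \!authzid="dn:$BABSDN"
RC=$?
expect_success $RC

echo "Testing ldapwhoami as ${MANAGERDN} for u:uham..."
$LDAPWHOAMI -H $URI1 -D "$MANAGERDN" -w $PASSWD \
	-e \!authzid="u:uham"
RC=$?
expect_success $RC

# authzFrom: someone else => bjorn
# Every case below requests the same identity (u:bjorn) from a different
# bound identity.  The order of the cases matters for the log check
# described at the end of this file.
echo "Testing authzFrom..."

BINDDN="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjensen
AUTHZID="u:bjorn"
whoami_as "dn.exact"
expect_success $RC

BINDDN="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
BINDPW=melliot
AUTHZID="u:bjorn"
whoami_as "u"
expect_success $RC

BINDDN="cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com"
BINDPW=jen
AUTHZID="u:bjorn"
whoami_as "URI"
expect_success $RC

BINDDN="cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=jjones
AUTHZID="u:bjorn"
whoami_as "group"
expect_success $RC

BINDDN="cn=No One,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=noone
AUTHZID="u:bjorn"
whoami_as "dn.onelevel"
expect_success $RC

BINDDN="cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com"
BINDPW=dots
AUTHZID="u:bjorn"
whoami_as "dn.regex"
expect_success $RC

BINDDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
BINDPW=jaj
AUTHZID="u:bjorn"
whoami_as "dn.children"
expect_success $RC

BINDDN="cn=ITD Staff,ou=Groups,dc=example,dc=com"
BINDPW=ITD
AUTHZID="u:bjorn"
whoami_as "dn.subtree"
expect_success $RC

# Negative cases: these two identities must not be allowed to act as bjorn.
BINDDN="cn=Should Fail,dc=example,dc=com"
BINDPW=fail
AUTHZID="u:bjorn"
whoami_as "URI; should fail"
expect_refused $RC

BINDDN="cn=Must Fail,dc=example,dc=com"
BINDPW=fail
AUTHZID="u:bjorn"
whoami_as "URI; should fail"
expect_refused $RC

# authzTo: bjorn => someone else
# Every case below binds as Bjorn Jensen and requests a different identity.
echo "Testing authzTo..."

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:bjensen"
whoami_as "dn.exact"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:melliot"
whoami_as "u"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:jdoe"
whoami_as "URI"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:jjones"
whoami_as "group"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:noone"
whoami_as "dn.onelevel"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:dots"
whoami_as "dn.regex"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:jaj"
whoami_as "dn.children"
expect_success $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:group/itd staff"
whoami_as "dn.subtree"
expect_success $RC

# Negative cases: Bjorn must not be allowed to become these identities.
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="u:fail"
whoami_as "URI; should fail"
expect_refused $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="dn:cn=Should Fail,dc=example,dc=com"
whoami_as "URI; should fail"
expect_refused $RC

BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
BINDPW=bjorn
AUTHZID="dn:cn=don't!"
whoami_as "no authzTo; should fail"
# Kept separate from expect_refused: any status other than 1, including an
# unexpected success (0), is reported the same way and exits with 1 so the
# harness can never see a zero status here.
if test $RC != 1 ; then
	echo "ldapwhoami failed ($RC)!"
	stop_servers
	exit 1
fi

# An empty "dn:" authzid requested by the suffix entry; this one must be
# granted.
BINDDN="dc=example,dc=com"
BINDPW=example
AUTHZID="dn:"
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID}\"\" (dn.exact; should succeed)..."
$LDAPWHOAMI -H $URI1 -D "$BINDDN" -w $BINDPW \
	-e \!authzid="$AUTHZID"
RC=$?
expect_success $RC

stop_servers

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0

## Note to developers: when SLAPD_DEBUG=-1 the command
## awk '/^do_extended$/ {if (c) {print c} c=0} /<===slap_sasl_match:/ {c++} END {print c}' $TESTDIR/slapd.1.log
## must return the sequence 1 2 3 4 5 6 7 8 8 8 1 2 3 4 5 6 7 8 8 8 8 1
## to indicate that the authzFrom and authzTo rules applied in the right order.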