12de962bdSlukem#! /bin/sh 2d11b170bStron# $OpenLDAP$ 32de962bdSlukem## This work is part of OpenLDAP Software <http://www.openldap.org/>. 42de962bdSlukem## 5*e670fd5cSchristos## Copyright 1998-2021 The OpenLDAP Foundation. 62de962bdSlukem## All rights reserved. 72de962bdSlukem## 82de962bdSlukem## Redistribution and use in source and binary forms, with or without 92de962bdSlukem## modification, are permitted only as authorized by the OpenLDAP 102de962bdSlukem## Public License. 112de962bdSlukem## 122de962bdSlukem## A copy of this license is available in the file LICENSE in the 132de962bdSlukem## top-level directory of the distribution or, alternatively, at 142de962bdSlukem## <http://www.OpenLDAP.org/license.html>. 152de962bdSlukem 162de962bdSlukemecho "running defines.sh" 172de962bdSlukem. $SRCDIR/scripts/defines.sh 182de962bdSlukem 192de962bdSlukemif test $SYNCPROV = syncprovno; then 202de962bdSlukem echo "Syncrepl provider overlay not available, test skipped" 212de962bdSlukem exit 0 222de962bdSlukemfi 232de962bdSlukem 242de962bdSlukemmkdir -p $TESTDIR $DBDIR1 $DBDIR2 252de962bdSlukem 262de962bdSlukem# 272de962bdSlukem# Test replication: 28d11b170bStron# - start provider 292de962bdSlukem# - start consumer 302de962bdSlukem# - populate over ldap 312de962bdSlukem# - perform some modifies and deleted 322de962bdSlukem# - attempt to modify the consumer (referral) 332de962bdSlukem# - retrieve database over ldap and compare against expected results 342de962bdSlukem# 352de962bdSlukem 36d11b170bStronecho "Starting provider slapd on TCP/IP port $PORT1..." 37*e670fd5cSchristos. $CONFFILTER $BACKEND < $SRPROVIDERCONF > $CONF1 38*e670fd5cSchristos$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 392de962bdSlukemPID=$! 402de962bdSlukemif test $WAIT != 0 ; then 412de962bdSlukem echo PID $PID 422de962bdSlukem read foo 432de962bdSlukemfi 442de962bdSlukemKILLPIDS="$PID" 452de962bdSlukem 462de962bdSlukemsleep 1 472de962bdSlukem 48d11b170bStronecho "Using ldapsearch to check that provider slapd is running..." 492de962bdSlukemfor i in 0 1 2 3 4 5; do 50*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 512de962bdSlukem 'objectclass=*' > /dev/null 2>&1 522de962bdSlukem RC=$? 532de962bdSlukem if test $RC = 0 ; then 542de962bdSlukem break 552de962bdSlukem fi 562de962bdSlukem echo "Waiting 5 seconds for slapd to start..." 572de962bdSlukem sleep 5 582de962bdSlukemdone 592de962bdSlukem 602de962bdSlukemif test $RC != 0 ; then 612de962bdSlukem echo "ldapsearch failed ($RC)!" 622de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 632de962bdSlukem exit $RC 642de962bdSlukemfi 652de962bdSlukem 66d11b170bStronecho "Using ldapadd to create the context prefix entry in the provider..." 67*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 682de962bdSlukem $LDIFORDEREDCP > /dev/null 2>&1 692de962bdSlukemRC=$? 702de962bdSlukemif test $RC != 0 ; then 712de962bdSlukem echo "ldapadd failed ($RC)!" 722de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 732de962bdSlukem exit $RC 742de962bdSlukemfi 752de962bdSlukem 762de962bdSlukemecho "Starting consumer slapd on TCP/IP port $PORT2..." 77*e670fd5cSchristos. $CONFFILTER $BACKEND < $R1SRCONSUMERCONF > $CONF2 78*e670fd5cSchristos$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & 79*e670fd5cSchristosCONSUMERPID=$! 802de962bdSlukemif test $WAIT != 0 ; then 81*e670fd5cSchristos echo CONSUMERPID $CONSUMERPID 822de962bdSlukem read foo 832de962bdSlukemfi 84*e670fd5cSchristosKILLPIDS="$KILLPIDS $CONSUMERPID" 852de962bdSlukem 862de962bdSlukemsleep 1 872de962bdSlukem 882de962bdSlukemecho "Using ldapsearch to check that consumer slapd is running..." 892de962bdSlukemfor i in 0 1 2 3 4 5; do 90*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ 912de962bdSlukem 'objectclass=*' > /dev/null 2>&1 922de962bdSlukem RC=$? 932de962bdSlukem if test $RC = 0 ; then 942de962bdSlukem break 952de962bdSlukem fi 962de962bdSlukem echo "Waiting 5 seconds for slapd to start..." 972de962bdSlukem sleep 5 982de962bdSlukemdone 992de962bdSlukem 1002de962bdSlukemif test $RC != 0 ; then 1012de962bdSlukem echo "ldapsearch failed ($RC)!" 1022de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1032de962bdSlukem exit $RC 1042de962bdSlukemfi 1052de962bdSlukem 106d11b170bStronecho "Using ldapadd to populate the provider directory..." 107*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 1082de962bdSlukem $LDIFORDEREDNOCP > /dev/null 2>&1 1092de962bdSlukemRC=$? 1102de962bdSlukemif test $RC != 0 ; then 1112de962bdSlukem echo "ldapadd failed ($RC)!" 1122de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1132de962bdSlukem exit $RC 1142de962bdSlukemfi 1152de962bdSlukem 1164e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 1174e6df137Slukemsleep $SLEEP1 1182de962bdSlukem 119d11b170bStronecho "Using ldapmodify to modify provider directory..." 1202de962bdSlukem 1212de962bdSlukem# 1222de962bdSlukem# Do some modifications 1232de962bdSlukem# 1242de962bdSlukem 125*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 1262de962bdSlukem $TESTOUT 2>&1 << EOMODS 1272de962bdSlukemdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 1282de962bdSlukemchangetype: modify 1292de962bdSlukemadd: drink 1302de962bdSlukemdrink: Orange Juice 1312de962bdSlukem- 1322de962bdSlukemdelete: sn 1332de962bdSlukemsn: Jones 1342de962bdSlukem- 1352de962bdSlukemadd: sn 1362de962bdSlukemsn: Jones 1372de962bdSlukem 1382de962bdSlukemdn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 1392de962bdSlukemchangetype: modify 1402de962bdSlukemreplace: drink 1412de962bdSlukemdrink: Iced Tea 1422de962bdSlukemdrink: Mad Dog 20/20 1432de962bdSlukem 1442de962bdSlukemdn: cn=ITD Staff,ou=Groups,dc=example,dc=com 1452de962bdSlukemchangetype: modify 1462de962bdSlukemdelete: uniquemember 1472de962bdSlukemuniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com 1482de962bdSlukemuniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 1492de962bdSlukem- 1502de962bdSlukemadd: uniquemember 1512de962bdSlukemuniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, dc=example,dc=com 1522de962bdSlukemuniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 1532de962bdSlukem 1542de962bdSlukemdn: cn=All Staff,ou=Groups,dc=example,dc=com 1552de962bdSlukemchangetype: modify 1562de962bdSlukemdelete: description 1572de962bdSlukem 1582de962bdSlukemdn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 1592de962bdSlukemchangetype: add 1602de962bdSlukemobjectclass: OpenLDAPperson 1612de962bdSlukemcn: Gern Jensen 1622de962bdSlukemsn: Jensen 1632de962bdSlukemuid: gjensen 1642de962bdSlukemtitle: Chief Investigator, ITD 1652de962bdSlukempostaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103 1662de962bdSlukemseealso: cn=All Staff, ou=Groups, dc=example,dc=com 1672de962bdSlukemdrink: Coffee 1682de962bdSlukemhomepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104 1692de962bdSlukemdescription: Very odd 1702de962bdSlukemfacsimiletelephonenumber: +1 313 555 7557 1712de962bdSlukemtelephonenumber: +1 313 555 8343 1722de962bdSlukemmail: gjensen@mailgw.example.com 1732de962bdSlukemhomephone: +1 313 555 8844 1742de962bdSlukem 1752de962bdSlukemdn: ou=Retired, ou=People, dc=example,dc=com 1762de962bdSlukemchangetype: add 1772de962bdSlukemobjectclass: organizationalUnit 1782de962bdSlukemou: Retired 1792de962bdSlukem 1802de962bdSlukemdn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com 1812de962bdSlukemchangetype: add 1822de962bdSlukemobjectclass: OpenLDAPperson 1832de962bdSlukemcn: Rosco P. Coltrane 1842de962bdSlukemsn: Coltrane 1852de962bdSlukemuid: rosco 1862de962bdSlukem 1872de962bdSlukemdn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com 1882de962bdSlukemchangetype: modrdn 1892de962bdSlukemnewrdn: cn=Rosco P. Coltrane 1902de962bdSlukemdeleteoldrdn: 1 1912de962bdSlukemnewsuperior: ou=Retired, ou=People, dc=example,dc=com 1922de962bdSlukem 1932de962bdSlukemdn: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com 1942de962bdSlukemchangetype: delete 1952de962bdSlukem 1964e6df137Slukemdn: dc=testdomain1,dc=example,dc=com 1974e6df137Slukemchangetype: modrdn 1984e6df137Slukemnewrdn: dc=itsdomain1 1994e6df137Slukemdeleteoldrdn: 1 2004e6df137Slukem 2014e6df137Slukemdn: dc=itsdomain1,dc=example,dc=com 2024e6df137Slukemchangetype: modify 2034e6df137Slukemreplace: description 2044e6df137Slukemdescription: Example, Inc. ITS test domain 2054e6df137Slukem 2062de962bdSlukemEOMODS 2072de962bdSlukem 2082de962bdSlukemRC=$? 2092de962bdSlukemif test $RC != 0 ; then 2102de962bdSlukem echo "ldapmodify failed ($RC)!" 2112de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2122de962bdSlukem exit $RC 2132de962bdSlukemfi 2142de962bdSlukem 2154e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2164e6df137Slukemsleep $SLEEP1 2174e6df137Slukem 218d11b170bStronecho "Performing modrdn alone on the provider..." 219*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 2204e6df137Slukem $TESTOUT 2>&1 << EOMODS 2214e6df137Slukemdn: dc=testdomain2,dc=example,dc=com 2224e6df137Slukemchangetype: modrdn 2234e6df137Slukemnewrdn: dc=itsdomain2 2244e6df137Slukemdeleteoldrdn: 1 2254e6df137Slukem 2264e6df137SlukemEOMODS 2274e6df137Slukem 2284e6df137SlukemRC=$? 2294e6df137Slukemif test $RC != 0 ; then 2304e6df137Slukem echo "ldapmodify failed ($RC)!" 2314e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2324e6df137Slukem exit $RC 2334e6df137Slukemfi 2344e6df137Slukem 2354e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2364e6df137Slukemsleep $SLEEP1 2374e6df137Slukem 238d11b170bStronecho "Performing modify alone on the provider..." 239*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 2404e6df137Slukem $TESTOUT 2>&1 << EOMODS 2414e6df137Slukemdn: dc=itsdomain2,dc=example,dc=com 2424e6df137Slukemchangetype: modify 2434e6df137Slukemreplace: description 2444e6df137Slukemdescription: Example, Inc. itsdomain2 test domain 2454e6df137Slukem 2464e6df137SlukemEOMODS 2474e6df137Slukem 2484e6df137SlukemRC=$? 2494e6df137Slukemif test $RC != 0 ; then 2504e6df137Slukem echo "ldapmodify failed ($RC)!" 2514e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2524e6df137Slukem exit $RC 2534e6df137Slukemfi 2544e6df137Slukem 2554e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2564e6df137Slukemsleep $SLEEP1 2574e6df137Slukem 258d11b170bStronecho "Performing larger modify on the provider..." 259*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 2604e6df137Slukem $TESTOUT 2>&1 << EOMODS 2614e6df137Slukemdn: cn=Alumni Assoc Staff,ou=Groups,dc=example,dc=com 2624e6df137Slukemchangetype: modify 2634e6df137Slukemreplace: objectClass 2644e6df137SlukemobjectClass: groupOfNames 2654e6df137Slukem- 2664e6df137Slukemreplace: cn 2674e6df137Slukemcn: Alumni Assoc Staff 2684e6df137Slukem- 2694e6df137Slukemreplace: description 2704e6df137Slukemdescription: blablabla 2714e6df137Slukem- 2724e6df137Slukemreplace: member 2734e6df137Slukemmember: cn=Manager,dc=example,dc=com 2744e6df137Slukemmember: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com 2754e6df137Slukemmember: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com 2764e6df137Slukemmember: cn=Jane Doe,ou=Alumni Association,ou=People,dc=example,dc=com 2774e6df137Slukemmember: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com 2784e6df137Slukemmember: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com 2794e6df137Slukemmember: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com 2804e6df137Slukem 2814e6df137SlukemEOMODS 2824e6df137Slukem 2834e6df137SlukemRC=$? 2844e6df137Slukemif test $RC != 0 ; then 2854e6df137Slukem echo "ldapmodify failed ($RC)!" 2864e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2874e6df137Slukem exit $RC 2884e6df137Slukemfi 2894e6df137Slukem 2904e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2914e6df137Slukemsleep $SLEEP1 2922de962bdSlukem 2932de962bdSlukemecho "Try updating the consumer slapd..." 294*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI2 -w $PASSWD > \ 2952de962bdSlukem $TESTOUT 2>&1 << EOMODS 2962de962bdSlukemdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com 2972de962bdSlukemchangetype: modify 2982de962bdSlukemadd: description 2992de962bdSlukemdescription: This write must fail because directed to a shadow context, 3002de962bdSlukemdescription: unless the chain overlay is configured appropriately ;) 3012de962bdSlukem 3022de962bdSlukemEOMODS 3032de962bdSlukem 3042de962bdSlukemRC=$? 3052de962bdSlukem 3062de962bdSlukem# expect 10 (LDAP_REFERRAL)... 3072de962bdSlukemif test $RC != 10 ; then 3082de962bdSlukem echo "ldapmodify should have returned referral ($RC)!" 3092de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 310ef2f90d3Sadam exit 1 3112de962bdSlukemfi 3122de962bdSlukem 3132de962bdSlukemOPATTRS="entryUUID creatorsName createTimestamp modifiersName modifyTimestamp" 3142de962bdSlukem 315d11b170bStronecho "Using ldapsearch to read all the entries from the provider..." 316*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 317*e670fd5cSchristos '(objectclass=*)' '*' $OPATTRS > $PROVIDEROUT 2>&1 3182de962bdSlukemRC=$? 3192de962bdSlukem 3202de962bdSlukemif test $RC != 0 ; then 321d11b170bStron echo "ldapsearch failed at provider ($RC)!" 3222de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3232de962bdSlukem exit $RC 3242de962bdSlukemfi 3252de962bdSlukem 3262de962bdSlukemecho "Using ldapsearch to read all the entries from the consumer..." 327*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \ 328*e670fd5cSchristos '(objectclass=*)' '*' $OPATTRS > $CONSUMEROUT 2>&1 3292de962bdSlukemRC=$? 3302de962bdSlukem 3312de962bdSlukemif test $RC != 0 ; then 3322de962bdSlukem echo "ldapsearch failed at consumer ($RC)!" 3332de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3342de962bdSlukem exit $RC 3352de962bdSlukemfi 3362de962bdSlukem 3372de962bdSlukemtest $KILLSERVERS != no && kill -HUP $KILLPIDS 3382de962bdSlukem 339d11b170bStronecho "Filtering provider results..." 340*e670fd5cSchristos$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT 3412de962bdSlukemecho "Filtering consumer results..." 342*e670fd5cSchristos$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT 3432de962bdSlukem 344d11b170bStronecho "Comparing retrieved entries from provider and consumer..." 345*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT 3462de962bdSlukem 3472de962bdSlukemif test $? != 0 ; then 348d11b170bStron echo "test failed - provider and consumer databases differ" 3492de962bdSlukem exit 1 3502de962bdSlukemfi 3512de962bdSlukem 3522de962bdSlukemecho ">>>>> Test succeeded" 3532de962bdSlukem 3542de962bdSlukemtest $KILLSERVERS != no && wait 3552de962bdSlukem 3562de962bdSlukemexit 0 357