12de962bdSlukem#! /bin/sh 2d11b170bStron# $OpenLDAP$ 32de962bdSlukem## This work is part of OpenLDAP Software <http://www.openldap.org/>. 42de962bdSlukem## 5*e670fd5cSchristos## Copyright 1998-2021 The OpenLDAP Foundation. 62de962bdSlukem## All rights reserved. 72de962bdSlukem## 82de962bdSlukem## Redistribution and use in source and binary forms, with or without 92de962bdSlukem## modification, are permitted only as authorized by the OpenLDAP 102de962bdSlukem## Public License. 112de962bdSlukem## 122de962bdSlukem## A copy of this license is available in the file LICENSE in the 132de962bdSlukem## top-level directory of the distribution or, alternatively, at 142de962bdSlukem## <http://www.OpenLDAP.org/license.html>. 152de962bdSlukem 162de962bdSlukemecho "running defines.sh" 172de962bdSlukem. $SRCDIR/scripts/defines.sh 182de962bdSlukem 192de962bdSlukemif test $SYNCPROV = syncprovno; then 202de962bdSlukem echo "Syncrepl provider overlay not available, test skipped" 212de962bdSlukem exit 0 222de962bdSlukemfi 232de962bdSlukemif test $ACCESSLOG = accesslogno; then 242de962bdSlukem echo "Accesslog overlay not available, test skipped" 252de962bdSlukem exit 0 262de962bdSlukemfi 27ef2f90d3Sadamif test $BACKEND = ldif ; then 28ef2f90d3Sadam # Onelevel search does not return entries in order of creation or CSN. 29ef2f90d3Sadam echo "$BACKEND backend unsuitable for syncprov logdb, test skipped" 30ef2f90d3Sadam exit 0 31ef2f90d3Sadamfi 322de962bdSlukem 332de962bdSlukemmkdir -p $TESTDIR $DBDIR1A $DBDIR1B $DBDIR2 342de962bdSlukem 35*e670fd5cSchristosSPEC="mdb=a" 36376af7d7Schristos 372de962bdSlukem# 382de962bdSlukem# Test replication: 39d11b170bStron# - start provider 402de962bdSlukem# - start consumer 412de962bdSlukem# - populate over ldap 422de962bdSlukem# - perform some modifies and deleted 432de962bdSlukem# - attempt to modify the consumer (referral or chain) 442de962bdSlukem# - retrieve database over ldap and compare against expected results 452de962bdSlukem# 462de962bdSlukem 47d11b170bStronecho "Starting provider slapd on TCP/IP port $PORT1..." 48*e670fd5cSchristos. $CONFFILTER $BACKEND < $DSRPROVIDERCONF > $CONF1 49*e670fd5cSchristos$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 502de962bdSlukemPID=$! 512de962bdSlukemif test $WAIT != 0 ; then 522de962bdSlukem echo PID $PID 532de962bdSlukem read foo 542de962bdSlukemfi 552de962bdSlukemKILLPIDS="$PID" 562de962bdSlukem 572de962bdSlukemsleep 1 582de962bdSlukem 59d11b170bStronecho "Using ldapsearch to check that provider slapd is running..." 602de962bdSlukemfor i in 0 1 2 3 4 5; do 61*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 622de962bdSlukem 'objectclass=*' > /dev/null 2>&1 632de962bdSlukem RC=$? 642de962bdSlukem if test $RC = 0 ; then 652de962bdSlukem break 662de962bdSlukem fi 672de962bdSlukem echo "Waiting 5 seconds for slapd to start..." 682de962bdSlukem sleep 5 692de962bdSlukemdone 702de962bdSlukem 712de962bdSlukemif test $RC != 0 ; then 722de962bdSlukem echo "ldapsearch failed ($RC)!" 732de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 742de962bdSlukem exit $RC 752de962bdSlukemfi 762de962bdSlukem 77d11b170bStronecho "Using ldapadd to create the context prefix entries in the provider..." 78*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 792de962bdSlukem $LDIFORDEREDCP > /dev/null 2>&1 802de962bdSlukemRC=$? 812de962bdSlukemif test $RC != 0 ; then 822de962bdSlukem echo "ldapadd failed ($RC)!" 832de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 842de962bdSlukem exit $RC 852de962bdSlukemfi 862de962bdSlukem 872de962bdSlukemecho "Starting consumer slapd on TCP/IP port $PORT2..." 88*e670fd5cSchristos. $CONFFILTER $BACKEND < $DSRCONSUMERCONF > $CONF2 89*e670fd5cSchristos$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & 90*e670fd5cSchristosCONSUMERPID=$! 912de962bdSlukemif test $WAIT != 0 ; then 92*e670fd5cSchristos echo CONSUMERPID $CONSUMERPID 932de962bdSlukem read foo 942de962bdSlukemfi 95*e670fd5cSchristosKILLPIDS="$KILLPIDS $CONSUMERPID" 962de962bdSlukem 972de962bdSlukemsleep 1 982de962bdSlukem 992de962bdSlukemecho "Using ldapsearch to check that consumer slapd is running..." 1002de962bdSlukemfor i in 0 1 2 3 4 5; do 101*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ 1022de962bdSlukem 'objectclass=*' > /dev/null 2>&1 1032de962bdSlukem RC=$? 1042de962bdSlukem if test $RC = 0 ; then 1052de962bdSlukem break 1062de962bdSlukem fi 1072de962bdSlukem echo "Waiting 5 seconds for slapd to start..." 1082de962bdSlukem sleep 5 1092de962bdSlukemdone 1102de962bdSlukem 1112de962bdSlukemif test $RC != 0 ; then 1122de962bdSlukem echo "ldapsearch failed ($RC)!" 1132de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1142de962bdSlukem exit $RC 1152de962bdSlukemfi 1162de962bdSlukem 117d11b170bStronecho "Using ldapadd to populate the provider directory..." 118*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 1192de962bdSlukem $LDIFORDEREDNOCP > /dev/null 2>&1 1202de962bdSlukemRC=$? 1212de962bdSlukemif test $RC != 0 ; then 1222de962bdSlukem echo "ldapadd failed ($RC)!" 1232de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1242de962bdSlukem exit $RC 1252de962bdSlukemfi 1262de962bdSlukem 1274e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 1284e6df137Slukemsleep $SLEEP1 1292de962bdSlukem 1302de962bdSlukemecho "Stopping the provider, sleeping 10 seconds and restarting it..." 1312de962bdSlukemkill -HUP "$PID" 1322de962bdSlukemsleep 10 1332de962bdSlukemecho "RESTART" >> $LOG1 134*e670fd5cSchristos$SLAPD -f $CONF1 -h $URI1 -d $LVL >> $LOG1 2>&1 & 1352de962bdSlukemPID=$! 1362de962bdSlukemif test $WAIT != 0 ; then 1372de962bdSlukem echo PID $PID 1382de962bdSlukem read foo 1392de962bdSlukemfi 140*e670fd5cSchristosKILLPIDS="$PID $CONSUMERPID" 1412de962bdSlukem 1422de962bdSlukemsleep 1 1432de962bdSlukem 144d11b170bStronecho "Using ldapsearch to check that provider slapd is running..." 1452de962bdSlukemfor i in 0 1 2 3 4 5; do 146*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 1472de962bdSlukem 'objectclass=*' > /dev/null 2>&1 1482de962bdSlukem RC=$? 1492de962bdSlukem if test $RC = 0 ; then 1502de962bdSlukem break 1512de962bdSlukem fi 1522de962bdSlukem echo "Waiting 5 seconds for slapd to start..." 1532de962bdSlukem sleep 5 1542de962bdSlukemdone 1552de962bdSlukem 1562de962bdSlukemif test $RC != 0 ; then 1572de962bdSlukem echo "ldapsearch failed ($RC)!" 1582de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1592de962bdSlukem exit $RC 1602de962bdSlukemfi 1612de962bdSlukem 162d11b170bStronecho "Using ldapmodify to modify provider directory..." 1632de962bdSlukem 1642de962bdSlukem# 1652de962bdSlukem# Do some modifications 1662de962bdSlukem# 1672de962bdSlukem 168*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 1692de962bdSlukem $TESTOUT 2>&1 << EOMODS 1702de962bdSlukemdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 1712de962bdSlukemchangetype: modify 1722de962bdSlukemadd: drink 1732de962bdSlukemdrink: Orange Juice 1742de962bdSlukem- 1752de962bdSlukemdelete: sn 1762de962bdSlukemsn: Jones 1772de962bdSlukem- 1782de962bdSlukemadd: sn 1792de962bdSlukemsn: Jones 180*e670fd5cSchristos- 181*e670fd5cSchristosadd: displayName 182*e670fd5cSchristosdisplayName: The one 183*e670fd5cSchristos 184*e670fd5cSchristosdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 185*e670fd5cSchristoschangetype: modify 186*e670fd5cSchristosadd: displayName 187*e670fd5cSchristosdisplayName: James the First 188*e670fd5cSchristos- 189*e670fd5cSchristosdelete: displayName 190*e670fd5cSchristosdisplayName: The one 1912de962bdSlukem 1922de962bdSlukemdn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 1932de962bdSlukemchangetype: modify 1942de962bdSlukemreplace: drink 1952de962bdSlukemdrink: Iced Tea 1962de962bdSlukem 1972de962bdSlukemdn: cn=ITD Staff,ou=Groups,dc=example,dc=com 1982de962bdSlukemchangetype: modify 1992de962bdSlukemdelete: uniquemember 2002de962bdSlukemuniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com 2012de962bdSlukemuniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 2022de962bdSlukem- 2032de962bdSlukemadd: uniquemember 2042de962bdSlukemuniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, dc=example,dc=com 2052de962bdSlukemuniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 2062de962bdSlukem 2072de962bdSlukemdn: cn=All Staff,ou=Groups,dc=example,dc=com 2082de962bdSlukemchangetype: modify 2092de962bdSlukemdelete: description 2102de962bdSlukem 2112de962bdSlukemdn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 2122de962bdSlukemchangetype: add 2132de962bdSlukemobjectclass: OpenLDAPperson 2142de962bdSlukemcn: Gern Jensen 2152de962bdSlukemsn: Jensen 2162de962bdSlukemuid: gjensen 2172de962bdSlukemtitle: Chief Investigator, ITD 2182de962bdSlukempostaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103 2192de962bdSlukemseealso: cn=All Staff, ou=Groups, dc=example,dc=com 2202de962bdSlukemdrink: Coffee 2212de962bdSlukemhomepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104 2222de962bdSlukemdescription: Very odd 2232de962bdSlukemfacsimiletelephonenumber: +1 313 555 7557 2242de962bdSlukemtelephonenumber: +1 313 555 8343 2252de962bdSlukemmail: gjensen@mailgw.example.com 2262de962bdSlukemhomephone: +1 313 555 8844 2272de962bdSlukem 2282de962bdSlukemdn: ou=Retired, ou=People, dc=example,dc=com 2292de962bdSlukemchangetype: add 2302de962bdSlukemobjectclass: organizationalUnit 2312de962bdSlukemou: Retired 2322de962bdSlukem 2332de962bdSlukemdn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com 2342de962bdSlukemchangetype: add 2352de962bdSlukemobjectclass: OpenLDAPperson 2362de962bdSlukemcn: Rosco P. Coltrane 2372de962bdSlukemsn: Coltrane 2382de962bdSlukemuid: rosco 2392de962bdSlukemdescription: Fat tycoon 2402de962bdSlukem 2412de962bdSlukemdn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com 2422de962bdSlukemchangetype: modrdn 2432de962bdSlukemnewrdn: cn=Rosco P. Coltrane 2442de962bdSlukemdeleteoldrdn: 1 2452de962bdSlukemnewsuperior: ou=Retired, ou=People, dc=example,dc=com 2462de962bdSlukem 2472de962bdSlukemdn: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com 2482de962bdSlukemchangetype: delete 2492de962bdSlukem 2502de962bdSlukemEOMODS 2512de962bdSlukemRC=$? 2522de962bdSlukemif test $RC != 0 ; then 2532de962bdSlukem echo "ldapmodify failed ($RC)!" 2542de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2552de962bdSlukem exit $RC 2562de962bdSlukemfi 2572de962bdSlukem 2584e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2594e6df137Slukemsleep $SLEEP1 2602de962bdSlukem 261d11b170bStronecho "Using ldapsearch to read all the entries from the provider..." 262*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 263*e670fd5cSchristos 'objectclass=*' \* + > $PROVIDEROUT 2>&1 264d11b170bStronRC=$? 265d11b170bStron 266d11b170bStronif test $RC != 0 ; then 267d11b170bStron echo "ldapsearch failed at provider ($RC)!" 268d11b170bStron test $KILLSERVERS != no && kill -HUP $KILLPIDS 269d11b170bStron exit $RC 270d11b170bStronfi 271d11b170bStron 272d11b170bStronecho "Using ldapsearch to read all the entries from the consumer..." 273*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \ 274*e670fd5cSchristos 'objectclass=*' \* + > $CONSUMEROUT 2>&1 275d11b170bStronRC=$? 276d11b170bStron 277d11b170bStronif test $RC != 0 ; then 278d11b170bStron echo "ldapsearch failed at consumer ($RC)!" 279d11b170bStron test $KILLSERVERS != no && kill -HUP $KILLPIDS 280d11b170bStron exit $RC 281d11b170bStronfi 282d11b170bStron 283d11b170bStronecho "Filtering provider results..." 284*e670fd5cSchristos$LDIFFILTER -b $BACKEND -s $SPEC < $PROVIDEROUT | grep -iv "^auditcontext:" > $PROVIDERFLT 285d11b170bStronecho "Filtering consumer results..." 286*e670fd5cSchristos$LDIFFILTER -b $BACKEND -s $SPEC < $CONSUMEROUT | grep -iv "^auditcontext:" > $CONSUMERFLT 287d11b170bStron 288d11b170bStronecho "Comparing retrieved entries from provider and consumer..." 289*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT 290d11b170bStron 291d11b170bStronif test $? != 0 ; then 292d11b170bStron echo "test failed - provider and consumer databases differ" 293d11b170bStron test $KILLSERVERS != no && kill -HUP $KILLPIDS 294d11b170bStron exit 1 295d11b170bStronfi 296d11b170bStron 2972de962bdSlukemecho "Stopping consumer to test recovery..." 298*e670fd5cSchristoskill -HUP $CONSUMERPID 2992de962bdSlukemsleep 10 3002de962bdSlukem 301d11b170bStronecho "Modifying more entries on the provider..." 302*e670fd5cSchristos$LDAPMODIFY -v -D "$BJORNSDN" -H $URI1 -w bjorn >> \ 3032de962bdSlukem $TESTOUT 2>&1 << EOMODS 3042de962bdSlukemdn: cn=Rosco P. Coltrane, ou=Retired, ou=People, dc=example,dc=com 3052de962bdSlukemchangetype: delete 3062de962bdSlukem 3072de962bdSlukemdn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 3082de962bdSlukemchangetype: modify 3092de962bdSlukemadd: drink 3102de962bdSlukemdrink: Mad Dog 20/20 3112de962bdSlukem 3122de962bdSlukemdn: cn=Rosco P. Coltrane, ou=Retired, ou=People, dc=example,dc=com 3132de962bdSlukemchangetype: add 3142de962bdSlukemobjectclass: OpenLDAPperson 3152de962bdSlukemsn: Coltrane 3162de962bdSlukemuid: rosco 3172de962bdSlukemcn: Rosco P. Coltrane 3182de962bdSlukem 3192de962bdSlukemdn: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com 3202de962bdSlukemchangetype: modify 3212de962bdSlukemreplace: drink 322648e71e5Schristosdrink: Red Wine 323648e71e5Schristos- 324648e71e5Schristosreplace: drink 3252de962bdSlukem 3262de962bdSlukemdn: cn=All Staff,ou=Groups,dc=example,dc=com 3272de962bdSlukemchangetype: modrdn 3282de962bdSlukemnewrdn: cn=Some Staff 3292de962bdSlukemdeleteoldrdn: 1 3302de962bdSlukem 3312de962bdSlukemEOMODS 3322de962bdSlukem 3332de962bdSlukemecho "Restarting consumer..." 3342de962bdSlukemecho "RESTART" >> $LOG2 335*e670fd5cSchristos$SLAPD -f $CONF2 -h $URI2 -d $LVL >> $LOG2 2>&1 & 336*e670fd5cSchristosCONSUMERPID=$! 3372de962bdSlukemif test $WAIT != 0 ; then 338*e670fd5cSchristos echo CONSUMERPID $CONSUMERPID 3392de962bdSlukem read foo 3402de962bdSlukemfi 341*e670fd5cSchristosKILLPIDS="$PID $CONSUMERPID" 3422de962bdSlukem 3434e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 3444e6df137Slukemsleep $SLEEP1 3452de962bdSlukem 3462de962bdSlukemif test ! $BACKLDAP = "ldapno" ; then 3472de962bdSlukem echo "Try updating the consumer slapd..." 348*e670fd5cSchristos $LDAPMODIFY -v -D "$MANAGERDN" -H $URI2 -w $PASSWD > \ 3492de962bdSlukem $TESTOUT 2>&1 << EOMODS 3502de962bdSlukemdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com 3512de962bdSlukemchangetype: modify 3522de962bdSlukemadd: description 3532de962bdSlukemdescription: This write must fail because directed to a shadow context, 3542de962bdSlukemdescription: unless the chain overlay is configured appropriately ;) 3552de962bdSlukem 3562de962bdSlukemEOMODS 3572de962bdSlukem 3582de962bdSlukem RC=$? 3592de962bdSlukem if test $RC != 0 ; then 3602de962bdSlukem echo "ldapmodify failed ($RC)!" 3612de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3622de962bdSlukem exit $RC 3632de962bdSlukem fi 3642de962bdSlukem 3654e6df137Slukem echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 3664e6df137Slukem sleep $SLEEP1 3672de962bdSlukemfi 3682de962bdSlukem 369d11b170bStronecho "Using ldapsearch to read all the entries from the provider..." 370*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 371*e670fd5cSchristos 'objectclass=*' \* + > $PROVIDEROUT 2>&1 3722de962bdSlukemRC=$? 3732de962bdSlukem 3742de962bdSlukemif test $RC != 0 ; then 375d11b170bStron echo "ldapsearch failed at provider ($RC)!" 3762de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3772de962bdSlukem exit $RC 3782de962bdSlukemfi 3792de962bdSlukem 3802de962bdSlukemecho "Using ldapsearch to read all the entries from the consumer..." 381*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \ 382*e670fd5cSchristos 'objectclass=*' \* + > $CONSUMEROUT 2>&1 3832de962bdSlukemRC=$? 3842de962bdSlukem 3852de962bdSlukemif test $RC != 0 ; then 3862de962bdSlukem echo "ldapsearch failed at consumer ($RC)!" 3872de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3882de962bdSlukem exit $RC 3892de962bdSlukemfi 3902de962bdSlukem 3912de962bdSlukemtest $KILLSERVERS != no && kill -HUP $KILLPIDS 3922de962bdSlukem 393d11b170bStronecho "Filtering provider results..." 394*e670fd5cSchristos$LDIFFILTER -b $BACKEND -s $SPEC < $PROVIDEROUT | grep -iv "^auditcontext:" > $PROVIDERFLT 3952de962bdSlukemecho "Filtering consumer results..." 396*e670fd5cSchristos$LDIFFILTER -b $BACKEND -s $SPEC < $CONSUMEROUT | grep -iv "^auditcontext:" > $CONSUMERFLT 3972de962bdSlukem 398d11b170bStronecho "Comparing retrieved entries from provider and consumer..." 399*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT 4002de962bdSlukem 4012de962bdSlukemif test $? != 0 ; then 402d11b170bStron echo "test failed - provider and consumer databases differ" 4032de962bdSlukem exit 1 4042de962bdSlukemfi 4052de962bdSlukem 4062de962bdSlukemecho ">>>>> Test succeeded" 4072de962bdSlukem 4082de962bdSlukemtest $KILLSERVERS != no && wait 4092de962bdSlukem 4102de962bdSlukemexit 0 411