14e6df137Slukem#! /bin/sh 2d11b170bStron# $OpenLDAP$ 34e6df137Slukem## This work is part of OpenLDAP Software <http://www.openldap.org/>. 44e6df137Slukem## 5*e670fd5cSchristos## Copyright 1998-2021 The OpenLDAP Foundation. 64e6df137Slukem## All rights reserved. 74e6df137Slukem## 84e6df137Slukem## Redistribution and use in source and binary forms, with or without 94e6df137Slukem## modification, are permitted only as authorized by the OpenLDAP 104e6df137Slukem## Public License. 114e6df137Slukem## 124e6df137Slukem## A copy of this license is available in the file LICENSE in the 134e6df137Slukem## top-level directory of the distribution or, alternatively, at 144e6df137Slukem## <http://www.OpenLDAP.org/license.html>. 154e6df137Slukem 164e6df137Slukemecho "running defines.sh" 174e6df137Slukem. $SRCDIR/scripts/defines.sh 184e6df137Slukem 194e6df137Slukemif test $SYNCPROV = syncprovno; then 204e6df137Slukem echo "Syncrepl provider overlay not available, test skipped" 214e6df137Slukem exit 0 224e6df137Slukemfi 234e6df137Slukem 244e6df137Slukemmkdir -p $TESTDIR $DBDIR1 $DBDIR4 254e6df137Slukem 264e6df137Slukem# 274e6df137Slukem# Test replication: 28d11b170bStron# - start provider 294e6df137Slukem# - start consumer 304e6df137Slukem# - populate over ldap 314e6df137Slukem# - perform some modifies and deleted 324e6df137Slukem# - attempt to modify the consumer (referral or chain) 334e6df137Slukem# - retrieve database over ldap and compare against expected results 344e6df137Slukem# 354e6df137Slukem 36d11b170bStronecho "Starting provider slapd on TCP/IP port $PORT1..." 37*e670fd5cSchristos. $CONFFILTER $BACKEND < $SRPROVIDERCONF > $CONF1 38*e670fd5cSchristos$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 394e6df137SlukemPID=$! 404e6df137Slukemif test $WAIT != 0 ; then 414e6df137Slukem echo PID $PID 424e6df137Slukem read foo 434e6df137Slukemfi 444e6df137SlukemKILLPIDS="$PID" 454e6df137Slukem 464e6df137Slukemsleep 1 474e6df137Slukem 48d11b170bStronecho "Using ldapsearch to check that provider slapd is running..." 494e6df137Slukemfor i in 0 1 2 3 4 5; do 50*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 514e6df137Slukem 'objectclass=*' > /dev/null 2>&1 524e6df137Slukem RC=$? 534e6df137Slukem if test $RC = 0 ; then 544e6df137Slukem break 554e6df137Slukem fi 564e6df137Slukem echo "Waiting 5 seconds for slapd to start..." 574e6df137Slukem sleep 5 584e6df137Slukemdone 594e6df137Slukem 604e6df137Slukemif test $RC != 0 ; then 614e6df137Slukem echo "ldapsearch failed ($RC)!" 624e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 634e6df137Slukem exit $RC 644e6df137Slukemfi 654e6df137Slukem 66d11b170bStronecho "Using ldapadd to create the context prefix entry in the provider..." 67*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 684e6df137Slukem $LDIFORDEREDCP > /dev/null 2>&1 694e6df137SlukemRC=$? 704e6df137Slukemif test $RC != 0 ; then 714e6df137Slukem echo "ldapadd failed ($RC)!" 724e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 734e6df137Slukem exit $RC 744e6df137Slukemfi 754e6df137Slukem 764e6df137Slukemecho "Starting consumer slapd on TCP/IP port $PORT4..." 77*e670fd5cSchristos. $CONFFILTER $BACKEND < $P1SRCONSUMERCONF > $CONF4 78*e670fd5cSchristos$SLAPD -f $CONF4 -h $URI4 -d $LVL > $LOG4 2>&1 & 79*e670fd5cSchristosCONSUMERPID=$! 804e6df137Slukemif test $WAIT != 0 ; then 81*e670fd5cSchristos echo CONSUMERPID $CONSUMERPID 824e6df137Slukem read foo 834e6df137Slukemfi 84*e670fd5cSchristosKILLPIDS="$KILLPIDS $CONSUMERPID" 854e6df137Slukem 864e6df137Slukemsleep 1 874e6df137Slukem 884e6df137Slukemecho "Using ldapsearch to check that consumer slapd is running..." 894e6df137Slukemfor i in 0 1 2 3 4 5; do 90*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI4 \ 914e6df137Slukem 'objectclass=*' > /dev/null 2>&1 924e6df137Slukem RC=$? 934e6df137Slukem if test $RC = 0 ; then 944e6df137Slukem break 954e6df137Slukem fi 964e6df137Slukem echo "Waiting 5 seconds for slapd to start..." 974e6df137Slukem sleep 5 984e6df137Slukemdone 994e6df137Slukem 1004e6df137Slukemif test $RC != 0 ; then 1014e6df137Slukem echo "ldapsearch failed ($RC)!" 1024e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1034e6df137Slukem exit $RC 1044e6df137Slukemfi 1054e6df137Slukem 1064e6df137SlukemMORELDIF=$TESTDIR/more.ldif 1074e6df137SlukemTESTOUT1=$TESTDIR/testout1.out 1084e6df137SlukemTESTOUT2=$TESTDIR/testout2.out 1094e6df137Slukemsed -e 's/[Oo][Uu]=/ou=More /g' -e 's/^[Oo][Uu]: /ou: More /' \ 1104e6df137Slukem -e 's/cn=Manager/cn=More Manager/g' \ 1114e6df137Slukem -e 's/^cn: Manager/cn: More Manager/' \ 1124e6df137Slukem $LDIFORDEREDNOCP > $MORELDIF 1134e6df137Slukem 114d11b170bStronecho "Using ldapadd to populate the provider directory..." 115*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 1164e6df137Slukem $LDIFORDEREDNOCP > $TESTOUT1 2>&1 & 1174e6df137SlukemC1PID=$! 118*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ 1194e6df137Slukem $MORELDIF > $TESTOUT2 2>&1 & 1204e6df137SlukemC2PID=$! 1214e6df137Slukemwait $C1PID $C2PID 1224e6df137Slukem 1234e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 1244e6df137Slukemsleep $SLEEP1 1254e6df137Slukem 1264e6df137Slukemecho "Stopping the provider, sleeping 10 seconds and restarting it..." 1274e6df137Slukemkill -HUP "$PID" 1284e6df137Slukemwait $PID 1294e6df137Slukemsleep 10 1304e6df137Slukemecho "RESTART" >> $LOG1 131*e670fd5cSchristos$SLAPD -f $CONF1 -h $URI1 -d $LVL >> $LOG1 2>&1 & 1324e6df137SlukemPID=$! 1334e6df137Slukemif test $WAIT != 0 ; then 1344e6df137Slukem echo PID $PID 1354e6df137Slukem read foo 1364e6df137Slukemfi 137*e670fd5cSchristosKILLPIDS="$PID $CONSUMERPID" 1384e6df137Slukem 1394e6df137Slukemsleep 1 1404e6df137Slukem 141d11b170bStronecho "Using ldapsearch to check that provider slapd is running..." 1424e6df137Slukemfor i in 0 1 2 3 4 5; do 143*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 1444e6df137Slukem 'objectclass=*' > /dev/null 2>&1 1454e6df137Slukem RC=$? 1464e6df137Slukem if test $RC = 0 ; then 1474e6df137Slukem break 1484e6df137Slukem fi 1494e6df137Slukem echo "Waiting 5 seconds for slapd to start..." 1504e6df137Slukem sleep 5 1514e6df137Slukemdone 1524e6df137Slukem 1534e6df137Slukemif test $RC != 0 ; then 1544e6df137Slukem echo "ldapsearch failed ($RC)!" 1554e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1564e6df137Slukem exit $RC 1574e6df137Slukemfi 1584e6df137Slukem 1594e6df137Slukemecho "Waiting 10 seconds to let the system catch up" 1604e6df137Slukemsleep 10 1614e6df137Slukem 162d11b170bStronecho "Using ldapmodify to modify provider directory..." 1634e6df137Slukem 1644e6df137Slukem# 1654e6df137Slukem# Do some modifications 1664e6df137Slukem# 1674e6df137Slukem 168*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \ 1694e6df137Slukem $TESTOUT 2>&1 << EOMODS 1704e6df137Slukemdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 1714e6df137Slukemchangetype: modify 1724e6df137Slukemadd: drink 1734e6df137Slukemdrink: Orange Juice 1744e6df137Slukem- 1754e6df137Slukemdelete: sn 1764e6df137Slukemsn: Jones 1774e6df137Slukem- 1784e6df137Slukemadd: sn 1794e6df137Slukemsn: Jones 1804e6df137Slukem 1814e6df137Slukemdn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 1824e6df137Slukemchangetype: modify 1834e6df137Slukemreplace: drink 1844e6df137Slukemdrink: Iced Tea 1854e6df137Slukem 1864e6df137Slukemdn: cn=ITD Staff,ou=Groups,dc=example,dc=com 1874e6df137Slukemchangetype: modify 1884e6df137Slukemdelete: uniquemember 1894e6df137Slukemuniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com 1904e6df137Slukemuniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 1914e6df137Slukem- 1924e6df137Slukemadd: uniquemember 1934e6df137Slukemuniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, dc=example,dc=com 1944e6df137Slukemuniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com 1954e6df137Slukem 1964e6df137Slukemdn: cn=All Staff,ou=Groups,dc=example,dc=com 1974e6df137Slukemchangetype: modify 1984e6df137Slukemdelete: description 1994e6df137Slukem 2004e6df137Slukemdn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 2014e6df137Slukemchangetype: add 2024e6df137Slukemobjectclass: OpenLDAPperson 2034e6df137Slukemcn: Gern Jensen 2044e6df137Slukemsn: Jensen 2054e6df137Slukemuid: gjensen 2064e6df137Slukemtitle: Chief Investigator, ITD 2074e6df137Slukempostaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103 2084e6df137Slukemseealso: cn=All Staff, ou=Groups, dc=example,dc=com 2094e6df137Slukemdrink: Coffee 2104e6df137Slukemhomepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104 2114e6df137Slukemdescription: Very odd 2124e6df137Slukemfacsimiletelephonenumber: +1 313 555 7557 2134e6df137Slukemtelephonenumber: +1 313 555 8343 2144e6df137Slukemmail: gjensen@mailgw.example.com 2154e6df137Slukemhomephone: +1 313 555 8844 2164e6df137Slukem 2174e6df137Slukemdn: ou=Retired, ou=People, dc=example,dc=com 2184e6df137Slukemchangetype: add 2194e6df137Slukemobjectclass: organizationalUnit 2204e6df137Slukemou: Retired 2214e6df137Slukem 2224e6df137Slukemdn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com 2234e6df137Slukemchangetype: add 2244e6df137Slukemobjectclass: OpenLDAPperson 2254e6df137Slukemcn: Rosco P. Coltrane 2264e6df137Slukemsn: Coltrane 2274e6df137Slukemuid: rosco 2284e6df137Slukemdescription: Fat tycoon 2294e6df137Slukem 2304e6df137Slukemdn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com 2314e6df137Slukemchangetype: modrdn 2324e6df137Slukemnewrdn: cn=Rosco P. Coltrane 2334e6df137Slukemdeleteoldrdn: 1 2344e6df137Slukemnewsuperior: ou=Retired, ou=People, dc=example,dc=com 2354e6df137Slukem 2364e6df137Slukemdn: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com 2374e6df137Slukemchangetype: delete 2384e6df137Slukem 2394e6df137SlukemEOMODS 2404e6df137Slukem 2414e6df137SlukemRC=$? 2424e6df137Slukemif test $RC != 0 ; then 2434e6df137Slukem echo "ldapmodify failed ($RC)!" 2444e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2454e6df137Slukem exit $RC 2464e6df137Slukemfi 2474e6df137Slukem 2484e6df137Slukemecho "Using ldappasswd to change some passwords..." 249*e670fd5cSchristos$LDAPPASSWD -D "$MANAGERDN" -H $URI1 -w $PASSWD \ 2504e6df137Slukem 'cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com' \ 2514e6df137Slukem > $TESTOUT 2>&1 2524e6df137SlukemRC=$? 2534e6df137Slukemif test $RC != 0 ; then 2544e6df137Slukem echo "ldapmodify failed ($RC)!" 2554e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2564e6df137Slukem exit $RC 2574e6df137Slukemfi 2584e6df137Slukem 2594e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2604e6df137Slukemsleep $SLEEP1 2614e6df137Slukem 2624e6df137Slukemecho "Stopping consumer to test recovery..." 263*e670fd5cSchristoskill -HUP $CONSUMERPID 264*e670fd5cSchristoswait $CONSUMERPID 2654e6df137Slukem 266d11b170bStronecho "Modifying more entries on the provider..." 267*e670fd5cSchristos$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD >> \ 2684e6df137Slukem $TESTOUT 2>&1 << EOMODS 2694e6df137Slukemdn: cn=Rosco P. Coltrane, ou=Retired, ou=People, dc=example,dc=com 2704e6df137Slukemchangetype: delete 2714e6df137Slukem 2724e6df137Slukemdn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com 2734e6df137Slukemchangetype: modify 2744e6df137Slukemadd: drink 2754e6df137Slukemdrink: Mad Dog 20/20 2764e6df137Slukem 2774e6df137Slukemdn: cn=Rosco P. Coltrane, ou=Retired, ou=People, dc=example,dc=com 2784e6df137Slukemchangetype: add 2794e6df137Slukemobjectclass: OpenLDAPperson 2804e6df137Slukemsn: Coltrane 2814e6df137Slukemuid: rosco 2824e6df137Slukemcn: Rosco P. Coltrane 2834e6df137Slukem 2844e6df137SlukemEOMODS 2854e6df137Slukem 2864e6df137Slukemecho "Restarting consumer..." 2874e6df137Slukemecho "RESTART" >> $LOG4 288*e670fd5cSchristos$SLAPD -f $CONF4 -h $URI4 -d $LVL >> $LOG4 2>&1 & 289*e670fd5cSchristosCONSUMERPID=$! 2904e6df137Slukemif test $WAIT != 0 ; then 291*e670fd5cSchristos echo CONSUMERPID $CONSUMERPID 2924e6df137Slukem read foo 2934e6df137Slukemfi 294*e670fd5cSchristosKILLPIDS="$PID $CONSUMERPID" 2954e6df137Slukem 2964e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 2974e6df137Slukemsleep $SLEEP1 2984e6df137Slukem 2994e6df137Slukemif test ! $BACKLDAP = "ldapno" ; then 3004e6df137Slukem echo "Try updating the consumer slapd..." 301*e670fd5cSchristos $LDAPMODIFY -v -D "$MANAGERDN" -H $URI4 -w $PASSWD > \ 3024e6df137Slukem $TESTOUT 2>&1 << EOMODS 3034e6df137Slukemdn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com 3044e6df137Slukemchangetype: modify 3054e6df137Slukemadd: description 3064e6df137Slukemdescription: This write must fail because directed to a shadow context, 3074e6df137Slukemdescription: unless the chain overlay is configured appropriately ;) 3084e6df137Slukem 3094e6df137SlukemEOMODS 3104e6df137Slukem 3114e6df137Slukem RC=$? 3124e6df137Slukem if test $RC != 0 ; then 3134e6df137Slukem echo "ldapmodify failed ($RC)!" 3144e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3154e6df137Slukem exit $RC 3164e6df137Slukem fi 3174e6df137Slukem 3184e6df137Slukem # ITS#4964 3194e6df137Slukem echo "Trying to change some passwords on the consumer..." 320*e670fd5cSchristos $LDAPPASSWD -D "$MANAGERDN" -H $URI4 -w $PASSWD \ 3214e6df137Slukem 'cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com' \ 3224e6df137Slukem > $TESTOUT 2>&1 3234e6df137Slukem RC=$? 3244e6df137Slukem if test $RC != 0 ; then 3254e6df137Slukem echo "ldapmodify failed ($RC)!" 3264e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3274e6df137Slukem exit $RC 3284e6df137Slukem fi 3294e6df137Slukem 3304e6df137Slukem echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..." 3314e6df137Slukem sleep $SLEEP1 3324e6df137Slukemfi 3334e6df137Slukem 3344e6df137SlukemOPATTRS="entryUUID creatorsName createTimestamp modifiersName modifyTimestamp" 3354e6df137Slukem 336d11b170bStronecho "Using ldapsearch to read all the entries from the provider..." 337*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \ 338*e670fd5cSchristos '(objectclass=*)' '*' $OPATTRS > $PROVIDEROUT 2>&1 3394e6df137SlukemRC=$? 3404e6df137Slukem 3414e6df137Slukemif test $RC != 0 ; then 342d11b170bStron echo "ldapsearch failed at provider ($RC)!" 3434e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3444e6df137Slukem exit $RC 3454e6df137Slukemfi 3464e6df137Slukem 3474e6df137Slukemecho "Using ldapsearch to read all the entries from the consumer..." 348*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -H $URI4 \ 349*e670fd5cSchristos '(objectclass=*)' '*' $OPATTRS > $CONSUMEROUT 2>&1 3504e6df137SlukemRC=$? 3514e6df137Slukem 3524e6df137Slukemif test $RC != 0 ; then 3534e6df137Slukem echo "ldapsearch failed at consumer ($RC)!" 3544e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3554e6df137Slukem exit $RC 3564e6df137Slukemfi 3574e6df137Slukem 3584e6df137Slukemtest $KILLSERVERS != no && kill -HUP $KILLPIDS 3594e6df137Slukem 360d11b170bStronecho "Filtering provider results..." 361*e670fd5cSchristos$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT 3624e6df137Slukemecho "Filtering consumer results..." 363*e670fd5cSchristos$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT 3644e6df137Slukem 365d11b170bStronecho "Comparing retrieved entries from provider and consumer..." 366*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT 3674e6df137Slukem 3684e6df137Slukemif test $? != 0 ; then 369d11b170bStron echo "test failed - provider and consumer databases differ" 3704e6df137Slukem exit 1 3714e6df137Slukemfi 3724e6df137Slukem 3734e6df137Slukemecho ">>>>> Test succeeded" 3744e6df137Slukem 3754e6df137Slukemtest $KILLSERVERS != no && wait 3764e6df137Slukem 3774e6df137Slukemexit 0 378