1#! /bin/sh 2## This work is part of OpenLDAP Software <http://www.openldap.org/>. 3## 4## Copyright 1998-2009 The OpenLDAP Foundation. 5## All rights reserved. 6## 7## Redistribution and use in source and binary forms, with or without 8## modification, are permitted only as authorized by the OpenLDAP 9## Public License. 10## 11## A copy of this license is available in the file LICENSE in the 12## top-level directory of the distribution or, alternatively, at 13## <http://www.OpenLDAP.org/license.html>. 14 15echo "running defines.sh" 16. $SRCDIR/scripts/defines.sh 17 18if test $DYNLIST = "dynlistno" ; then 19 echo "dynlist overlay not available, test skipped" 20 exit 0 21fi 22 23mkdir -p $TESTDIR $DBDIR1 24 25$SLAPPASSWD -g -n >$CONFIGPWF 26echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf 27 28echo "Running slapadd to build slapd database..." 29. $CONFFILTER $BACKEND $MONITORDB < $MCONF > $ADDCONF 30$SLAPADD -f $ADDCONF -l $LDIFORDERED 31RC=$? 32if test $RC != 0 ; then 33 echo "slapadd failed ($RC)!" 34 exit $RC 35fi 36 37. $CONFFILTER $BACKEND $MONITORDB < $DYNLISTCONF > $CONF1 38 39echo "Starting slapd on TCP/IP port $PORT1..." 40$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 & 41PID=$! 42if test $WAIT != 0 ; then 43 echo PID $PID 44 read foo 45fi 46KILLPIDS="$PID" 47 48sleep 1 49 50echo "Testing slapd searching..." 51for i in 0 1 2 3 4 5; do 52 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \ 53 '(objectclass=*)' > /dev/null 2>&1 54 RC=$? 55 if test $RC = 0 ; then 56 break 57 fi 58 echo "Waiting 5 seconds for slapd to start..." 59 sleep 5 60done 61 62if test $RC != 0 ; then 63 echo "ldapsearch failed ($RC)!" 64 test $KILLSERVERS != no && kill -HUP $KILLPIDS 65 exit $RC 66fi 67 68cat /dev/null > $SEARCHOUT 69 70LISTDN="ou=Dynamic Lists,$BASEDN" 71echo "Adding a dynamic list..." 72$LDAPADD -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \ 73 > $TESTOUT 2>&1 << EOMODS 74dn: $LISTDN 75objectClass: organizationalUnit 76ou: Dynamic Lists 77 78dn: cn=Dynamic List,$LISTDN 79objectClass: groupOfURLs 80cn: Dynamic List 81memberURL: ldap:///ou=People,${BASEDN}?cn,mail?sub?(objectClass=person) 82EOMODS 83 84echo "Testing list search of all attrs..." 85echo "# Testing list search of all attrs..." >> $SEARCHOUT 86$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 87 '(cn=Dynamic List)' '*' \ 88 >> $SEARCHOUT 2>&1 89RC=$? 90if test $RC != 0 ; then 91 echo "ldapsearch failed ($RC)!" 92 test $KILLSERVERS != no && kill -HUP $KILLPIDS 93 exit $RC 94fi 95 96echo "Testing list search of a listed attr..." 97echo "# Testing list search of a listed attr..." >> $SEARCHOUT 98$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 99 '(cn=Dynamic List)' mail \ 100 >> $SEARCHOUT 2>&1 101RC=$? 102if test $RC != 0 ; then 103 echo "ldapsearch failed ($RC)!" 104 test $KILLSERVERS != no && kill -HUP $KILLPIDS 105 exit $RC 106fi 107 108echo "Testing list search of a non-listed attr..." 109echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT 110$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 111 '(cn=Dynamic List)' objectClass \ 112 >> $SEARCHOUT 2>&1 113RC=$? 114if test $RC != 0 ; then 115 echo "ldapsearch failed ($RC)!" 116 test $KILLSERVERS != no && kill -HUP $KILLPIDS 117 exit $RC 118fi 119 120echo "Testing list search with (critical) manageDSAit..." 121echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT 122$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 -MM \ 123 '(cn=Dynamic List)' '*' \ 124 >> $SEARCHOUT 2>&1 125RC=$? 126if test $RC != 0 ; then 127 echo "ldapsearch failed ($RC)!" 128 test $KILLSERVERS != no && kill -HUP $KILLPIDS 129 exit $RC 130fi 131 132echo "Testing list compare..." 133echo "# Testing list compare..." >> $SEARCHOUT 134$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 135 "cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \ 136 >> $SEARCHOUT 2>&1 137RC=$? 138case $RC in 1395) 140 echo "ldapcompare returned FALSE ($RC)!" 141 test $KILLSERVERS != no && kill -HUP $KILLPIDS 142 exit $RC 143 ;; 1446) 145 echo "ldapcompare returned TRUE ($RC)" 146 ;; 1470) 148 echo "ldapcompare returned success ($RC)!" 149 test $KILLSERVERS != no && kill -HUP $KILLPIDS 150 exit -1 151 ;; 152*) 153 echo "ldapcompare failed ($RC)!" 154 test $KILLSERVERS != no && kill -HUP $KILLPIDS 155 exit $RC 156 ;; 157esac 158echo "" >> $SEARCHOUT 159 160echo "Testing list compare (should return FALSE)..." 161echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT 162$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 163 "cn=Dynamic List,$LISTDN" "cn:FALSE" \ 164 >> $SEARCHOUT 2>&1 165RC=$? 166case $RC in 1675) 168 echo "ldapcompare returned FALSE ($RC)" 169 ;; 1706) 171 echo "ldapcompare returned TRUE ($RC)!" 172 test $KILLSERVERS != no && kill -HUP $KILLPIDS 173 exit $RC 174 ;; 1750) 176 echo "ldapcompare returned success ($RC)!" 177 test $KILLSERVERS != no && kill -HUP $KILLPIDS 178 exit -1 179 ;; 180*) 181 echo "ldapcompare failed ($RC)!" 182 test $KILLSERVERS != no && kill -HUP $KILLPIDS 183 exit $RC 184 ;; 185esac 186echo "" >> $SEARCHOUT 187 188echo "Testing list compare (should return UNDEFINED)..." 189echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT 190$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 191 "cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \ 192 >> $SEARCHOUT 2>&1 193RC=$? 194case $RC in 1955) 196 echo "ldapcompare returned FALSE ($RC)!" 197 test $KILLSERVERS != no && kill -HUP $KILLPIDS 198 exit $RC 199 ;; 2006) 201 echo "ldapcompare returned TRUE ($RC)!" 202 test $KILLSERVERS != no && kill -HUP $KILLPIDS 203 exit $RC 204 ;; 20516|32) 206 echo "ldapcompare returned UNDEFINED ($RC)" 207 ;; 2080) 209 echo "ldapcompare returned success ($RC)!" 210 test $KILLSERVERS != no && kill -HUP $KILLPIDS 211 exit -1 212 ;; 213*) 214 echo "ldapcompare failed ($RC)" 215 ;; 216esac 217echo "" >> $SEARCHOUT 218 219echo "Testing list compare with manageDSAit..." 220echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT 221$LDAPCOMPARE -h $LOCALHOST -p $PORT1 -MM \ 222 "cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \ 223 >> $SEARCHOUT 2>&1 224RC=$? 225case $RC in 2265) 227 echo "ldapcompare returned FALSE ($RC)" 228 ;; 2296) 230 echo "ldapcompare returned TRUE ($RC)!" 231 test $KILLSERVERS != no && kill -HUP $KILLPIDS 232 exit $RC 233 ;; 2340) 235 echo "ldapcompare returned success ($RC)!" 236 test $KILLSERVERS != no && kill -HUP $KILLPIDS 237 exit -1 238 ;; 239*) 240 echo "ldapcompare failed ($RC)!" 241 test $KILLSERVERS != no && kill -HUP $KILLPIDS 242 exit $RC 243 ;; 244esac 245echo "" >> $SEARCHOUT 246 247echo "Reconfiguring slapd..." 248$LDAPMODIFY -x -D cn=config -h $LOCALHOST -p $PORT1 -y $CONFIGPWF > \ 249 $TESTOUT 2>&1 << EOMODS 250version: 1 251dn: olcOverlay={0}dynlist,olcDatabase={2}$BACKEND,cn=config 252changetype: modify 253delete: olcDLattrSet 254olcDLattrSet: {0} 255- 256add: olcDLattrSet 257olcDLattrSet: groupOfURLs memberURL sn:cn mail 258- 259EOMODS 260 261echo "==========================================================" >> $LOG1 262 263echo "Testing attribute mapping" 264 265echo "Testing list search of all (mapped) attrs..." 266echo "# Testing list search of all (mapped) attrs..." >> $SEARCHOUT 267$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 268 '(cn=Dynamic List)' '*' \ 269 >> $SEARCHOUT 2>&1 270RC=$? 271if test $RC != 0 ; then 272 echo "ldapsearch failed ($RC)!" 273 test $KILLSERVERS != no && kill -HUP $KILLPIDS 274 exit $RC 275fi 276 277echo "Testing list search of a (mapped) listed attr..." 278echo "# Testing list search of a (mapped) listed attr..." >> $SEARCHOUT 279$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 280 '(cn=Dynamic List)' sn \ 281 >> $SEARCHOUT 2>&1 282RC=$? 283if test $RC != 0 ; then 284 echo "ldapsearch failed ($RC)!" 285 test $KILLSERVERS != no && kill -HUP $KILLPIDS 286 exit $RC 287fi 288 289echo "Testing list search of a (n unmapped) listed attr..." 290echo "# Testing list search of a (n unmapped) listed attr..." >> $SEARCHOUT 291$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 292 '(cn=Dynamic List)' mail \ 293 >> $SEARCHOUT 2>&1 294RC=$? 295if test $RC != 0 ; then 296 echo "ldapsearch failed ($RC)!" 297 test $KILLSERVERS != no && kill -HUP $KILLPIDS 298 exit $RC 299fi 300 301echo "Testing list compare (mapped attrs) ..." 302echo "# Testing list compare (mapped attrs) ..." >> $SEARCHOUT 303$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 304 "cn=Dynamic List,$LISTDN" "sn:Bjorn Jensen" \ 305 >> $SEARCHOUT 2>&1 306RC=$? 307case $RC in 3085) 309 echo "ldapcompare returned FALSE ($RC)!" 310 test $KILLSERVERS != no && kill -HUP $KILLPIDS 311 exit $RC 312 ;; 3136) 314 echo "ldapcompare returned TRUE ($RC)" 315 ;; 3160) 317 echo "ldapcompare returned success ($RC)!" 318 test $KILLSERVERS != no && kill -HUP $KILLPIDS 319 exit -1 320 ;; 321*) 322 echo "ldapcompare failed ($RC)!" 323 test $KILLSERVERS != no && kill -HUP $KILLPIDS 324 exit $RC 325 ;; 326esac 327echo "" >> $SEARCHOUT 328 329echo "Testing list compare (mapped attrs; should return FALSE)..." 330echo "# Testing list compare (mapped attrs; should return FALSE)..." >> $SEARCHOUT 331$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 332 "cn=Dynamic List,$LISTDN" "sn:FALSE" \ 333 >> $SEARCHOUT 2>&1 334RC=$? 335case $RC in 3365) 337 echo "ldapcompare returned FALSE ($RC)" 338 ;; 3396) 340 echo "ldapcompare returned TRUE ($RC)!" 341 test $KILLSERVERS != no && kill -HUP $KILLPIDS 342 exit $RC 343 ;; 3440) 345 echo "ldapcompare returned success ($RC)!" 346 test $KILLSERVERS != no && kill -HUP $KILLPIDS 347 exit -1 348 ;; 349*) 350 echo "ldapcompare failed ($RC)!" 351 test $KILLSERVERS != no && kill -HUP $KILLPIDS 352 exit $RC 353 ;; 354esac 355echo "" >> $SEARCHOUT 356 357echo "Reconfiguring slapd..." 358$LDAPMODIFY -x -D cn=config -h $LOCALHOST -p $PORT1 -y $CONFIGPWF > \ 359 $TESTOUT 2>&1 << EOMODS 360version: 1 361dn: olcOverlay={0}dynlist,olcDatabase={2}$BACKEND,cn=config 362changetype: modify 363delete: olcDLattrSet 364olcDLattrSet: {0} 365- 366add: olcDLattrSet 367olcDLattrSet: groupOfURLs memberURL member 368- 369EOMODS 370 371echo "==========================================================" >> $LOG1 372 373echo "Adding a dynamic list..." 374$LDAPADD -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \ 375 > $TESTOUT 2>&1 << EOMODS 376dn: cn=Dynamic List of Members,$LISTDN 377objectClass: groupOfURLs 378cn: Dynamic List of Members 379memberURL: ldap:///ou=People,${BASEDN}??sub?(objectClass=person) 380EOMODS 381 382echo "Testing list search of all attrs..." 383echo "# Testing list search of all attrs..." >> $SEARCHOUT 384$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 385 '(cn=Dynamic List of Members)' '*' \ 386 >> $SEARCHOUT 2>&1 387RC=$? 388if test $RC != 0 ; then 389 echo "ldapsearch failed ($RC)!" 390 test $KILLSERVERS != no && kill -HUP $KILLPIDS 391 exit $RC 392fi 393 394echo "Testing list search of a listed attr..." 395echo "# Testing list search of a listed attr..." >> $SEARCHOUT 396$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 397 '(cn=Dynamic List of Members)' member \ 398 >> $SEARCHOUT 2>&1 399RC=$? 400if test $RC != 0 ; then 401 echo "ldapsearch failed ($RC)!" 402 test $KILLSERVERS != no && kill -HUP $KILLPIDS 403 exit $RC 404fi 405 406echo "Testing list search of a non-listed attr..." 407echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT 408$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 409 '(cn=Dynamic List of Members)' objectClass \ 410 >> $SEARCHOUT 2>&1 411RC=$? 412if test $RC != 0 ; then 413 echo "ldapsearch failed ($RC)!" 414 test $KILLSERVERS != no && kill -HUP $KILLPIDS 415 exit $RC 416fi 417 418echo "Testing list search with (critical) manageDSAit..." 419echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT 420$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 -MM \ 421 '(&(cn=Dynamic List of Members)(objectClass=groupOfURLs))' '*' \ 422 >> $SEARCHOUT 2>&1 423RC=$? 424if test $RC != 0 ; then 425 echo "ldapsearch failed ($RC)!" 426 test $KILLSERVERS != no && kill -HUP $KILLPIDS 427 exit $RC 428fi 429 430CMPDN="$BJORNSDN" 431echo "Testing list compare..." 432echo "# Testing list compare..." >> $SEARCHOUT 433$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 434 "cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \ 435 >> $SEARCHOUT 2>&1 436RC=$? 437case $RC in 4385) 439 echo "ldapcompare returned FALSE ($RC)!" 440 test $KILLSERVERS != no && kill -HUP $KILLPIDS 441 exit $RC 442 ;; 4436) 444 echo "ldapcompare returned TRUE ($RC)" 445 ;; 4460) 447 echo "ldapcompare returned success ($RC)!" 448 test $KILLSERVERS != no && kill -HUP $KILLPIDS 449 exit -1 450 ;; 451*) 452 echo "ldapcompare failed ($RC)!" 453 test $KILLSERVERS != no && kill -HUP $KILLPIDS 454 exit $RC 455 ;; 456esac 457echo "" >> $SEARCHOUT 458 459echo "Testing list compare (should return FALSE)..." 460echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT 461$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \ 462 "cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \ 463 >> $SEARCHOUT 2>&1 464RC=$? 465case $RC in 4665) 467 echo "ldapcompare returned FALSE ($RC)" 468 ;; 4696) 470 echo "ldapcompare returned TRUE ($RC)!" 471 test $KILLSERVERS != no && kill -HUP $KILLPIDS 472 exit $RC 473 ;; 4740) 475 echo "ldapcompare returned success ($RC)!" 476 test $KILLSERVERS != no && kill -HUP $KILLPIDS 477 exit -1 478 ;; 479*) 480 echo "ldapcompare failed ($RC)!" 481 test $KILLSERVERS != no && kill -HUP $KILLPIDS 482 exit $RC 483 ;; 484esac 485echo "" >> $SEARCHOUT 486 487echo "Testing list compare with manageDSAit..." 488echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT 489$LDAPCOMPARE -h $LOCALHOST -p $PORT1 -MM \ 490 "cn=Dynamic List,$LISTDN" "member:$CMPDN" \ 491 >> $SEARCHOUT 2>&1 492RC=$? 493case $RC in 4945) 495 echo "ldapcompare returned FALSE ($RC)" 496 ;; 4976) 498 echo "ldapcompare returned TRUE ($RC)!" 499 test $KILLSERVERS != no && kill -HUP $KILLPIDS 500 exit $RC 501 ;; 5020) 503 echo "ldapcompare returned success ($RC)!" 504 test $KILLSERVERS != no && kill -HUP $KILLPIDS 505 exit -1 506 ;; 507*) 508 echo "ldapcompare failed ($RC)!" 509 test $KILLSERVERS != no && kill -HUP $KILLPIDS 510 exit $RC 511 ;; 512esac 513echo "" >> $SEARCHOUT 514 515echo "==========================================================" >> $LOG1 516 517echo "Testing dgIdentity..." 518 519# Set ACL, require authentication to get list contents 520$LDAPMODIFY -x -D cn=config -h $LOCALHOST -p $PORT1 -y $CONFIGPWF > \ 521 $TESTOUT 2>&1 << EOMODS 522version: 1 523dn: olcDatabase={2}$BACKEND,cn=config 524changetype: modify 525add: olcAccess 526olcAccess: to dn.base="cn=Dynamic List of Members,$LISTDN" by * read 527olcAccess: to * by users read by * search 528EOMODS 529 530echo "Testing list search without dgIdentity..." 531echo "# Testing list search without dgIdentity..." >> $SEARCHOUT 532$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 533 '(cn=Dynamic List of Members)' '*' \ 534 >> $SEARCHOUT 2>&1 535RC=$? 536if test $RC != 0 ; then 537 echo "ldapsearch failed ($RC)!" 538 test $KILLSERVERS != no && kill -HUP $KILLPIDS 539 exit $RC 540fi 541 542$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \ 543 > $TESTOUT 2>&1 << EOMODS 544dn: cn=Dynamic List of Members,$LISTDN 545changetype: modify 546add: objectClass 547objectClass: dgIdentityAux 548- 549add: dgIdentity 550dgIdentity: $CMPDN 551EOMODS 552 553echo "Testing list search with dgIdentity..." 554echo "# Testing list search with dgIdentity..." >> $SEARCHOUT 555$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 556 '(cn=Dynamic List of Members)' '*' \ 557 >> $SEARCHOUT 2>&1 558RC=$? 559if test $RC != 0 ; then 560 echo "ldapsearch failed ($RC)!" 561 test $KILLSERVERS != no && kill -HUP $KILLPIDS 562 exit $RC 563fi 564 565echo "Testing dgAuthz..." 566 567CMPDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" 568$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \ 569 > $TESTOUT 2>&1 << EOMODS 570dn: cn=Dynamic List of Members,$LISTDN 571changetype: modify 572add: dgAuthz 573dgAuthz: dn:$BABSDN 574EOMODS 575 576echo "Testing list search with dgIdentity and dgAuthz anonymously..." 577echo "# Testing list search with dgIdentity and dgAuthz anonymously..." >> $SEARCHOUT 578$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 579 '(cn=Dynamic List of Members)' '*' \ 580 >> $SEARCHOUT 2>&1 581RC=$? 582if test $RC != 0 ; then 583 echo "ldapsearch failed ($RC)!" 584 test $KILLSERVERS != no && kill -HUP $KILLPIDS 585 exit $RC 586fi 587 588echo "Testing list search with dgIdentity and dgAuthz as the authorized identity..." 589echo "# Testing list search with dgIdentity and dgAuthz as the authorized identity..." >> $SEARCHOUT 590$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \ 591 -D "$BABSDN" -w bjensen \ 592 '(cn=Dynamic List of Members)' '*' \ 593 >> $SEARCHOUT 2>&1 594RC=$? 595if test $RC != 0 ; then 596 echo "ldapsearch failed ($RC)!" 597 test $KILLSERVERS != no && kill -HUP $KILLPIDS 598 exit $RC 599fi 600 601test $KILLSERVERS != no && kill -HUP $KILLPIDS 602 603LDIF=$DYNLISTOUT 604 605echo "Filtering ldapsearch results..." 606. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT 607echo "Filtering original ldif used to create database..." 608. $LDIFFILTER < $LDIF > $LDIFFLT 609echo "Comparing filter output..." 610$CMP $SEARCHFLT $LDIFFLT > $CMPOUT 611 612if test $? != 0 ; then 613 echo "Comparison failed" 614 exit 1 615fi 616 617echo ">>>>> Test succeeded" 618 619test $KILLSERVERS != no && wait 620 621exit 0 622