xref: /netbsd-src/external/bsd/openldap/dist/tests/scripts/test045-syncreplication-proxied (revision e670fd5c413e99c2f6a37901bb21c537fcd322d2) 
1#! /bin/sh
2# $OpenLDAP$
3## This work is part of OpenLDAP Software <http://www.openldap.org/>.
4##
5## Copyright 1998-2021 The OpenLDAP Foundation.
6## All rights reserved.
7##
8## Redistribution and use in source and binary forms, with or without
9## modification, are permitted only as authorized by the OpenLDAP
10## Public License.
11##
12## A copy of this license is available in the file LICENSE in the
13## top-level directory of the distribution or, alternatively, at
14## <http://www.OpenLDAP.org/license.html>.
15
16
17# test now handles known issues
18#if test x"$PROXYSYNC" = x ; then
19#	echo "Test disabled; set PROXYSYNC=yes to enable"
20#	exit 0
21#fi
22
23echo "running defines.sh"
24. $SRCDIR/scripts/defines.sh
25
26if test $BACKLDAP = ldapno; then
27	echo "LDAP backend not available, test skipped"
28	exit 0
29fi
30
31if test $SYNCPROV = syncprovno; then
32	echo "Syncrepl provider overlay not available, test skipped"
33	exit 0
34fi
35
36mkdir -p $TESTDIR $DBDIR1 $DBDIR2
37
38#
39# Test replication:
40# - start provider
41# - start consumer
42# - populate over ldap
43# - perform some modifies and deleted
44# - attempt to modify the consumer (referral or chain)
45# - retrieve database over ldap and compare against expected results
46#
47
48echo "Starting provider slapd on TCP/IP port $PORT1..."
49. $CONFFILTER $BACKEND < $SRPROVIDERCONF > $CONF1
50$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
51PROVIDERPID=$!
52if test $WAIT != 0 ; then
53    echo PROVIDERPID $PROVIDERPID
54    read foo
55fi
56KILLPIDS="$PROVIDERPID"
57
58sleep 1
59
60echo "Using ldapsearch to check that provider slapd is running..."
61for i in 0 1 2 3 4 5; do
62	$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
63		'(objectClass=*)' > /dev/null 2>&1
64	RC=$?
65	if test $RC = 0 ; then
66		break
67	fi
68	echo "Waiting 5 seconds for slapd to start..."
69	sleep 5
70done
71
72if test $RC != 0 ; then
73	echo "ldapsearch failed ($RC)!"
74	test $KILLSERVERS != no && kill -HUP $KILLPIDS
75	exit $RC
76fi
77
78echo "Using ldapadd to create the context prefix entry in the provider..."
79$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \
80	$LDIFORDEREDCP > /dev/null 2>&1
81RC=$?
82if test $RC != 0 ; then
83	echo "ldapadd failed ($RC)!"
84	test $KILLSERVERS != no && kill -HUP $KILLPIDS
85	exit $RC
86fi
87
88echo "Starting consumer slapd on TCP/IP port $PORT2..."
89. $CONFFILTER $BACKEND < $RCONSUMERCONF > $CONF2
90$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
91CONSUMERPID=$!
92if test $WAIT != 0 ; then
93    echo CONSUMERPID $CONSUMERPID
94    read foo
95fi
96KILLPIDS="$PROVIDERPID $CONSUMERPID"
97
98sleep 1
99
100echo "Using ldapsearch to check that consumer slapd is running..."
101for i in 0 1 2 3 4 5; do
102	$LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
103		'(objectClass=*)' > /dev/null 2>&1
104	RC=$?
105	if test $RC = 0 ; then
106		break
107	fi
108	echo "Waiting 5 seconds for slapd to start..."
109	sleep 5
110done
111
112if test $RC != 0 ; then
113	echo "ldapsearch failed ($RC)!"
114	test $KILLSERVERS != no && kill -HUP $KILLPIDS
115	exit $RC
116fi
117
118echo "Starting proxy slapd on TCP/IP port $PORT3..."
119. $CONFFILTER $BACKEND < $PLSRCONSUMERCONF > $CONF3
120$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 &
121PROXYPID=$!
122if test $WAIT != 0 ; then
123    echo PROXYPID $PROXYPID
124    read foo
125fi
126KILLPIDS="$PROVIDERPID $CONSUMERPID $PROXYPID"
127
128sleep 1
129
130echo "Using ldapsearch to check that proxy slapd is running..."
131for i in 0 1 2 3 4 5; do
132	$LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \
133		'(objectClass=*)' > /dev/null 2>&1
134	RC=$?
135	if test $RC = 0 || test $RC = 53 ; then
136		break
137	fi
138	echo "Waiting 5 seconds for slapd to start..."
139	sleep 5
140done
141
142case $RC in
1430 )
144	echo "ldapsearch should have failed ($RC)!"
145	test $KILLSERVERS != no && kill -HUP $KILLPIDS
146	exit -1
147	;;
14853)
149	;;
150*)
151	echo "ldapsearch failed ($RC)!"
152	test $KILLSERVERS != no && kill -HUP $KILLPIDS
153	exit $RC
154	;;
155esac
156
157CHECK=1
158echo "$CHECK > Using ldapadd to populate the provider directory..."
159$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \
160	$LDIFORDEREDNOCP > /dev/null 2>&1
161RC=$?
162if test $RC != 0 ; then
163	echo "ldapadd failed ($RC)!"
164	test $KILLSERVERS != no && kill -HUP $KILLPIDS
165	exit $RC
166fi
167
168# get provider contextCSN
169$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
170	-s base '(objectClass=*)' contextCSN > "${PROVIDEROUT}.$CHECK" 2>&1
171RC=$?
172if test $RC != 0 ; then
173	echo "ldapsearch failed at provider ($RC)!"
174	test $KILLSERVERS != no && kill -HUP $KILLPIDS
175	exit $RC
176fi
177
178# check consumer contextCSN
179sleep 1
180for i in 1 2 3; do
181	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
182		-s base '(objectClass=*)' contextCSN > "${CONSUMEROUT}.$CHECK" 2>&1
183	RC=$?
184
185	if test $RC != 0 ; then
186		echo "ldapsearch failed at consumer ($RC)!"
187		test $KILLSERVERS != no && kill -HUP $KILLPIDS
188		exit $RC
189	fi
190
191	$CMP ${PROVIDEROUT}.$CHECK ${CONSUMEROUT}.$CHECK > $CMPOUT
192
193	if test $? = 0 ; then
194		break
195	fi
196
197	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
198	sleep $SLEEP1
199done
200
201#echo "Using ldapsearch to read all the entries from the provider..."
202$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
203	'(objectClass=*)' > "${PROVIDEROUT}.$CHECK" 2>&1
204RC=$?
205
206if test $RC != 0 ; then
207	echo "ldapsearch failed at provider ($RC)!"
208	test $KILLSERVERS != no && kill -HUP $KILLPIDS
209	exit $RC
210fi
211
212#echo "Using ldapsearch to read all the entries from the consumer..."
213$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
214	'(objectClass=*)' > "${CONSUMEROUT}.$CHECK" 2>&1
215RC=$?
216
217if test $RC != 0 ; then
218	echo "ldapsearch failed at consumer ($RC)!"
219	test $KILLSERVERS != no && kill -HUP $KILLPIDS
220	exit $RC
221fi
222
223#echo "Filtering provider results..."
224$LDIFFILTER < "${PROVIDEROUT}.$CHECK" > $PROVIDERFLT
225#echo "Filtering consumer results..."
226$LDIFFILTER < "${CONSUMEROUT}.$CHECK" > $CONSUMERFLT
227
228echo "$CHECK < Comparing retrieved entries from provider and consumer..."
229$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
230
231if test $? != 0 ; then
232	echo "test failed - provider and consumer databases differ"
233	test $KILLSERVERS != no && kill -HUP $KILLPIDS
234	exit 1
235fi
236
237CHECK=`expr $CHECK + 1`
238echo "$CHECK > Stopping the provider, sleeping $SLEEP2 seconds and restarting it..."
239kill -HUP "$PROVIDERPID"
240wait $PROVIDERPID
241sleep $SLEEP2
242
243echo "======================= RESTART =======================" >> $LOG1
244$SLAPD -f $CONF1 -h $URI1 -d $LVL >> $LOG1 2>&1 &
245PROVIDERPID=$!
246if test $WAIT != 0 ; then
247    echo PROVIDERPID $PROVIDERPID
248    read foo
249fi
250KILLPIDS="$PROVIDERPID $CONSUMERPID $PROXYPID"
251
252sleep 1
253
254echo "Using ldapsearch to check that provider slapd is running..."
255for i in 0 1 2 3 4 5; do
256	$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
257		'(objectClass=*)' > /dev/null 2>&1
258	RC=$?
259	if test $RC = 0 ; then
260		break
261	fi
262	echo "Waiting 5 seconds for slapd to start..."
263	sleep 5
264done
265
266if test $RC != 0 ; then
267	echo "ldapsearch failed ($RC)!"
268	test $KILLSERVERS != no && kill -HUP $KILLPIDS
269	exit $RC
270fi
271
272echo "Using ldapmodify to modify provider directory..."
273
274#
275# Do some modifications
276#
277
278$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \
279	$TESTOUT 2>&1 << EOMODS
280dn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com
281changetype: modify
282add: drink
283drink: Orange Juice
284-
285delete: sn
286sn: Jones
287-
288add: sn
289sn: Jones
290
291dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
292changetype: modify
293replace: drink
294drink: Iced Tea
295
296dn: cn=ITD Staff,ou=Groups,dc=example,dc=com
297changetype: modify
298delete: uniquemember
299uniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com
300uniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
301-
302add: uniquemember
303uniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, dc=example,dc=com
304uniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com
305
306dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
307 =com
308changetype: modify
309delete: cn
310cn: Biiff Jensen
311
312dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
313changetype: add
314objectclass: OpenLDAPperson
315cn: Gern Jensen
316sn: Jensen
317uid: gjensen
318title: Chief Investigator, ITD
319postaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103
320seealso: cn=All Staff, ou=Groups, dc=example,dc=com
321drink: Coffee
322homepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104
323description: Very odd
324facsimiletelephonenumber: +1 313 555 7557
325telephonenumber: +1 313 555 8343
326mail: gjensen@mailgw.example.com
327homephone: +1 313 555 8844
328
329dn: ou=Retired, ou=People, dc=example,dc=com
330changetype: add
331objectclass: organizationalUnit
332ou: Retired
333
334dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com
335changetype: add
336objectclass: OpenLDAPperson
337cn: Rosco P. Coltrane
338sn: Coltrane
339uid: rosco
340description: Fat tycoon
341
342dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com
343changetype: modrdn
344newrdn: cn=Rosco P. Coltrane
345deleteoldrdn: 1
346newsuperior: ou=Retired, ou=People, dc=example,dc=com
347
348dn: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com
349changetype: delete
350EOMODS
351
352RC=$?
353if test $RC != 0 ; then
354	echo "ldapmodify failed ($RC)!"
355	test $KILLSERVERS != no && kill -HUP $KILLPIDS
356	exit $RC
357fi
358
359# get provider contextCSN
360$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
361	-s base '(objectClass=*)' contextCSN > "${PROVIDEROUT}.$CHECK" 2>&1
362RC=$?
363if test $RC != 0 ; then
364	echo "ldapsearch failed at provider ($RC)!"
365	test $KILLSERVERS != no && kill -HUP $KILLPIDS
366	exit $RC
367fi
368
369# check consumer contextCSN
370for i in 1 2 3; do
371	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
372	sleep $SLEEP1
373
374	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
375		-s base '(objectClass=*)' contextCSN > "${CONSUMEROUT}.$CHECK" 2>&1
376	RC=$?
377
378	if test $RC != 0 ; then
379		echo "ldapsearch failed at consumer ($RC)!"
380		test $KILLSERVERS != no && kill -HUP $KILLPIDS
381		exit $RC
382	fi
383
384	$CMP ${PROVIDEROUT}.$CHECK ${CONSUMEROUT}.$CHECK > $CMPOUT
385
386	if test $? = 0 ; then
387		break
388	fi
389done
390
391#echo "Using ldapsearch to read all the entries from the provider..."
392$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
393	'(objectClass=*)' > "${PROVIDEROUT}.$CHECK" 2>&1
394RC=$?
395
396if test $RC != 0 ; then
397	echo "ldapsearch failed at provider ($RC)!"
398	test $KILLSERVERS != no && kill -HUP $KILLPIDS
399	exit $RC
400fi
401
402#echo "Using ldapsearch to read all the entries from the consumer..."
403$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
404	'(objectClass=*)' > "${CONSUMEROUT}.$CHECK" 2>&1
405RC=$?
406
407if test $RC != 0 ; then
408	echo "ldapsearch failed at consumer ($RC)!"
409	test $KILLSERVERS != no && kill -HUP $KILLPIDS
410	exit $RC
411fi
412
413#echo "Filtering provider results..."
414$LDIFFILTER < "${PROVIDEROUT}.$CHECK" > $PROVIDERFLT
415#echo "Filtering consumer results..."
416$LDIFFILTER < "${CONSUMEROUT}.$CHECK" > $CONSUMERFLT
417
418echo "$CHECK < Comparing retrieved entries from provider and consumer..."
419$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
420
421if test $? != 0 ; then
422	echo "test failed - provider and consumer databases differ"
423	test $KILLSERVERS != no && kill -HUP $KILLPIDS
424	exit 1
425fi
426
427CHECK=`expr $CHECK + 1`
428echo "$CHECK > Stopping proxy to test recovery..."
429kill -HUP $PROXYPID
430wait $PROXYPID
431
432echo "Modifying more entries on the provider..."
433$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD >> \
434	$TESTOUT 2>&1 << EOMODS
435dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
436changetype: modify
437add: description
438description: proxy is down...
439
440dn: cn=James T. Kirk, ou=Retired, ou=People, dc=example,dc=com
441changetype: add
442objectclass: OpenLDAPperson
443sn: Kirk
444uid: jtk
445cn: James T. Kirk
446
447dn: cn=Tiberius J. Hooker, ou=Retired, ou=People, dc=example,dc=com
448changetype: add
449objectclass: OpenLDAPperson
450sn: Hooker
451uid: tjh
452cn: Tiberius J. Hooker
453
454EOMODS
455
456echo "Restarting proxy..."
457echo "======================= RESTART =======================" >> $LOG3
458$SLAPD -f $CONF3 -h $URI3 -d $LVL >> $LOG3 2>&1 &
459PROXYPID=$!
460if test $WAIT != 0 ; then
461    echo PROXYPID $PROXYPID
462    read foo
463fi
464KILLPIDS="$PROVIDERPID $CONSUMERPID $PROXYPID"
465
466# get provider contextCSN
467$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
468	-s base '(objectClass=*)' contextCSN > "${PROVIDEROUT}.$CHECK" 2>&1
469RC=$?
470if test $RC != 0 ; then
471	echo "ldapsearch failed at provider ($RC)!"
472	test $KILLSERVERS != no && kill -HUP $KILLPIDS
473	exit $RC
474fi
475
476# check consumer contextCSN
477for i in 1 2 3 4 5; do
478	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
479	sleep $SLEEP1
480
481	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
482		-s base '(objectClass=*)' contextCSN > "${CONSUMEROUT}.$CHECK" 2>&1
483	RC=$?
484
485	if test $RC != 0 ; then
486		echo "ldapsearch failed at consumer ($RC)!"
487		test $KILLSERVERS != no && kill -HUP $KILLPIDS
488		exit $RC
489	fi
490
491	$CMP ${PROVIDEROUT}.$CHECK ${CONSUMEROUT}.$CHECK > $CMPOUT
492
493	if test $? = 0 ; then
494		break
495	fi
496done
497
498#echo "Using ldapsearch to read all the entries from the provider..."
499$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
500	'(objectClass=*)' > "${PROVIDEROUT}.$CHECK" 2>&1
501RC=$?
502
503if test $RC != 0 ; then
504	echo "ldapsearch failed at provider ($RC)!"
505	test $KILLSERVERS != no && kill -HUP $KILLPIDS
506	exit $RC
507fi
508
509#echo "Using ldapsearch to read all the entries from the consumer..."
510$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
511	'(objectClass=*)' > "${CONSUMEROUT}.$CHECK" 2>&1
512RC=$?
513
514if test $RC != 0 ; then
515	echo "ldapsearch failed at consumer ($RC)!"
516	test $KILLSERVERS != no && kill -HUP $KILLPIDS
517	exit $RC
518fi
519
520#echo "Filtering provider results..."
521$LDIFFILTER < "${PROVIDEROUT}.$CHECK" > $PROVIDERFLT
522#echo "Filtering consumer results..."
523$LDIFFILTER < "${CONSUMEROUT}.$CHECK" > $CONSUMERFLT
524
525echo "$CHECK < Comparing retrieved entries from provider and consumer..."
526$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
527
528if test $? != 0 ; then
529	echo "test failed - provider and consumer databases differ"
530	test $KILLSERVERS != no && kill -HUP $KILLPIDS
531	exit 1
532fi
533
534CHECK=`expr $CHECK + 1`
535echo "$CHECK > Try updating the consumer slapd..."
536$LDAPMODIFY -v -D "$MANAGERDN" -H $URI2 -w $PASSWD > \
537	$TESTOUT 2>&1 << EOMODS
538dn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com
539changetype: modify
540add: description
541description: This write must fail because directed to a shadow context,
542description: unless the chain overlay is configured appropriately ;)
543
544EOMODS
545
546RC=$?
547if test $RC != 0 ; then
548	echo "ldapmodify failed ($RC)!"
549	test $KILLSERVERS != no && kill -HUP $KILLPIDS
550	exit $RC
551fi
552
553# get provider contextCSN
554$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
555	-s base '(objectClass=*)' contextCSN > "${PROVIDEROUT}.$CHECK" 2>&1
556RC=$?
557if test $RC != 0 ; then
558	echo "ldapsearch failed at provider ($RC)!"
559	test $KILLSERVERS != no && kill -HUP $KILLPIDS
560	exit $RC
561fi
562
563# check consumer contextCSN
564sleep 1
565
566for i in 1 2 3; do
567	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
568		-s base '(objectClass=*)' contextCSN > "${CONSUMEROUT}.$CHECK" 2>&1
569	RC=$?
570
571	if test $RC != 0 ; then
572		echo "ldapsearch failed at consumer ($RC)!"
573		test $KILLSERVERS != no && kill -HUP $KILLPIDS
574		exit $RC
575	fi
576
577	$CMP ${PROVIDEROUT}.$CHECK ${CONSUMEROUT}.$CHECK > $CMPOUT
578
579	if test $? = 0 ; then
580		break
581	fi
582
583	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
584	sleep $SLEEP1
585done
586
587#echo "Using ldapsearch to read all the entries from the provider..."
588$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
589	'(objectClass=*)' > "${PROVIDEROUT}.$CHECK" 2>&1
590RC=$?
591
592if test $RC != 0 ; then
593	echo "ldapsearch failed at provider ($RC)!"
594	test $KILLSERVERS != no && kill -HUP $KILLPIDS
595	exit $RC
596fi
597
598#echo "Using ldapsearch to read all the entries from the consumer..."
599$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
600'(objectClass=*)' > "${CONSUMEROUT}.$CHECK" 2>&1
601RC=$?
602
603if test $RC != 0 ; then
604	echo "ldapsearch failed at consumer ($RC)!"
605	test $KILLSERVERS != no && kill -HUP $KILLPIDS
606	exit $RC
607fi
608
609#echo "Filtering provider results..."
610$LDIFFILTER < "${PROVIDEROUT}.$CHECK" > $PROVIDERFLT
611#echo "Filtering consumer results..."
612$LDIFFILTER < "${CONSUMEROUT}.$CHECK" > $CONSUMERFLT
613
614echo "$CHECK < Comparing retrieved entries from provider and consumer..."
615$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
616
617if test $? != 0 ; then
618	echo "test failed - provider and consumer databases differ"
619	test $KILLSERVERS != no && kill -HUP $KILLPIDS
620	exit 1
621fi
622
623CHECK=`expr $CHECK + 1`
624echo "$CHECK > Stopping consumer to test recovery..."
625kill -HUP $CONSUMERPID
626wait $CONSUMERPID
627
628echo "Modifying more entries on the provider..."
629$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD >> \
630	$TESTOUT 2>&1 << EOMODS
631dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
632changetype: modify
633add: drink
634drink: Mad Dog 20/20
635
636EOMODS
637
638echo "Waiting $SLEEP2 seconds for syncrepl to retry..."
639sleep $SLEEP2
640
641echo "Restarting consumer..."
642echo "======================= RESTART =======================" >> $LOG2
643$SLAPD -f $CONF2 -h $URI2 -d $LVL >> $LOG2 2>&1 &
644CONSUMERPID=$!
645if test $WAIT != 0 ; then
646    echo CONSUMERPID $CONSUMERPID
647    read foo
648fi
649KILLPIDS="$PROVIDERPID $CONSUMERPID $PROXYPID"
650
651# get provider contextCSN
652$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
653	-s base '(objectClass=*)' contextCSN > "${PROVIDEROUT}.$CHECK" 2>&1
654RC=$?
655if test $RC != 0 ; then
656	echo "ldapsearch failed at provider ($RC)!"
657	test $KILLSERVERS != no && kill -HUP $KILLPIDS
658	exit $RC
659fi
660
661# check consumer contextCSN
662
663for i in 1 2 3 4 5; do
664	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
665	sleep $SLEEP1
666
667	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
668		-s base '(objectClass=*)' contextCSN > "${CONSUMEROUT}.$CHECK" 2>&1
669	RC=$?
670
671	if test $RC != 0 ; then
672		echo "ldapsearch failed at consumer ($RC)!"
673		test $KILLSERVERS != no && kill -HUP $KILLPIDS
674		exit $RC
675	fi
676
677	$CMP ${PROVIDEROUT}.$CHECK ${CONSUMEROUT}.$CHECK > $CMPOUT
678
679	if test $? = 0 ; then
680		break
681	fi
682done
683
684#echo "Using ldapsearch to read all the entries from the provider..."
685$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
686	'(objectClass=*)' > "${PROVIDEROUT}.$CHECK" 2>&1
687RC=$?
688
689if test $RC != 0 ; then
690	echo "ldapsearch failed at provider ($RC)!"
691	test $KILLSERVERS != no && kill -HUP $KILLPIDS
692	exit $RC
693fi
694
695#echo "Using ldapsearch to read all the entries from the consumer..."
696$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
697	'(objectClass=*)' > "${CONSUMEROUT}.$CHECK" 2>&1
698RC=$?
699
700if test $RC != 0 ; then
701	echo "ldapsearch failed at consumer ($RC)!"
702	test $KILLSERVERS != no && kill -HUP $KILLPIDS
703	exit $RC
704fi
705
706#echo "Filtering provider results..."
707$LDIFFILTER < "${PROVIDEROUT}.$CHECK" > $PROVIDERFLT
708#echo "Filtering consumer results..."
709$LDIFFILTER < "${CONSUMEROUT}.$CHECK" > $CONSUMERFLT
710
711echo "$CHECK < Comparing retrieved entries from provider and consumer..."
712$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
713
714if test $? != 0 ; then
715	# FIXME: keep the original workaround in place, in case we needed again
716	if test 1 = 1 ; then
717		echo "test failed - provider and consumer databases differ"
718		test $KILLSERVERS != no && kill -HUP $KILLPIDS
719		exit 1
720	fi
721
722	echo "	test failed - provider and consumer databases differ (ignored by now)"
723	echo "	Stopping proxy to see if it auto-recovers..."
724	kill -HUP $PROXYPID
725	wait $PROXYPID
726
727	echo "	${CHECK}.1 > Restarting proxy..."
728	echo "======================= RESTART =======================" >> $LOG3
729	$SLAPD -f $CONF3 -h $URI3 -d $LVL >> $LOG3 2>&1 &
730	PROXYPID=$!
731	if test $WAIT != 0 ; then
732		echo PROXYPID $PROXYPID
733		read foo
734	fi
735	KILLPIDS="$PROVIDERPID $CONSUMERPID $PROXYPID"
736
737	echo "	Waiting $SLEEP2 seconds for syncrepl to receive changes..."
738	sleep $SLEEP2
739
740	#echo "Using ldapsearch to read all the entries from the consumer..."
741	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
742		'(objectClass=*)' > "${CONSUMEROUT}.5.1" 2>&1
743	RC=$?
744
745	if test $RC != 0 ; then
746		echo "	ldapsearch failed at consumer ($RC)!"
747		test $KILLSERVERS != no && kill -HUP $KILLPIDS
748		exit $RC
749	fi
750
751	#echo "Filtering consumer results..."
752	$LDIFFILTER < "${CONSUMEROUT}.5.1" > $CONSUMERFLT
753
754	echo "	${CHECK}.1 < Comparing retrieved entries from provider and consumer..."
755	$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
756
757	if test $? != 0 ; then
758		echo "	test failed - provider and consumer databases differ"
759		test $KILLSERVERS != no && kill -HUP $KILLPIDS
760		exit 1
761	fi
762fi
763
764#
765# Modifications formerly known to fail
766#
767CHECK=`expr $CHECK + 1`
768echo "$CHECK > Performing modifications that were formerly known to fail..."
769$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > \
770	$TESTOUT 2>&1 << EOMODS
771# First, back out previous change
772dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
773changetype: modify
774delete: drink
775drink: Mad Dog 20/20
776
777# From now on, perform modifications that were formerly known to fail
778dn: cn=All Staff,ou=Groups,dc=example,dc=com
779changetype: modify
780delete: description
781
782EOMODS
783
784RC=$?
785if test $RC != 0 ; then
786	echo "ldapmodify failed ($RC)!"
787	test $KILLSERVERS != no && kill -HUP $KILLPIDS
788	exit $RC
789fi
790
791# get provider contextCSN
792$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
793	-s base '(objectClass=*)' contextCSN > "${PROVIDEROUT}.$CHECK" 2>&1
794RC=$?
795if test $RC != 0 ; then
796	echo "ldapsearch failed at provider ($RC)!"
797	test $KILLSERVERS != no && kill -HUP $KILLPIDS
798	exit $RC
799fi
800
801# check consumer contextCSN
802sleep 1
803for i in 1 2 3; do
804	$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
805		-s base '(objectClass=*)' contextCSN > "${CONSUMEROUT}.$CHECK" 2>&1
806	RC=$?
807
808	if test $RC != 0 ; then
809		echo "ldapsearch failed at consumer ($RC)!"
810		test $KILLSERVERS != no && kill -HUP $KILLPIDS
811		exit $RC
812	fi
813
814	$CMP ${PROVIDEROUT}.$CHECK ${CONSUMEROUT}.$CHECK > $CMPOUT
815
816	if test $? = 0 ; then
817		break
818	fi
819
820	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
821	sleep $SLEEP1
822done
823
824#echo "Using ldapsearch to read all the entries from the provider..."
825$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
826	'(objectClass=*)' > "${PROVIDEROUT}.$CHECK" 2>&1
827RC=$?
828
829if test $RC != 0 ; then
830	echo "ldapsearch failed at provider ($RC)!"
831	test $KILLSERVERS != no && kill -HUP $KILLPIDS
832	exit $RC
833fi
834
835#echo "Using ldapsearch to read all the entries from the consumer..."
836$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 \
837	'(objectClass=*)' > "${CONSUMEROUT}.$CHECK" 2>&1
838RC=$?
839
840if test $RC != 0 ; then
841	echo "ldapsearch failed at consumer ($RC)!"
842	test $KILLSERVERS != no && kill -HUP $KILLPIDS
843	exit $RC
844fi
845
846#echo "Filtering provider results..."
847$LDIFFILTER < "${PROVIDEROUT}.$CHECK" > $PROVIDERFLT
848#echo "Filtering consumer results..."
849$LDIFFILTER < "${CONSUMEROUT}.$CHECK" > $CONSUMERFLT
850
851echo "$CHECK < Comparing retrieved entries from provider and consumer..."
852$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
853
854if test $? != 0 ; then
855	echo "test failed - provider and consumer databases differ (ignored by now)"
856	#echo "test failed - provider and consumer databases differ"
857	#test $KILLSERVERS != no && kill -HUP $KILLPIDS
858	#exit 1
859fi
860
861test $KILLSERVERS != no && kill -HUP $KILLPIDS
862
863echo ">>>>> Test succeeded"
864
865test $KILLSERVERS != no && wait
866
867exit 0
868