xref: /netbsd-src/external/bsd/openldap/dist/tests/scripts/test086-delta-consumer-config (revision e670fd5c413e99c2f6a37901bb21c537fcd322d2) 
1*e670fd5cSchristos#! /bin/sh
2*e670fd5cSchristos# $OpenLDAP$
3*e670fd5cSchristos## This work is part of OpenLDAP Software <http://www.openldap.org/>.
4*e670fd5cSchristos##
5*e670fd5cSchristos## Copyright 1998-2021 The OpenLDAP Foundation.
6*e670fd5cSchristos## All rights reserved.
7*e670fd5cSchristos##
8*e670fd5cSchristos## Redistribution and use in source and binary forms, with or without
9*e670fd5cSchristos## modification, are permitted only as authorized by the OpenLDAP
10*e670fd5cSchristos## Public License.
11*e670fd5cSchristos##
12*e670fd5cSchristos## A copy of this license is available in the file LICENSE in the
13*e670fd5cSchristos## top-level directory of the distribution or, alternatively, at
14*e670fd5cSchristos## <http://www.OpenLDAP.org/license.html>.
15*e670fd5cSchristos
16*e670fd5cSchristosecho "running defines.sh"
17*e670fd5cSchristos. $SRCDIR/scripts/defines.sh
18*e670fd5cSchristos
19*e670fd5cSchristosif test $SYNCPROV = syncprovno; then
20*e670fd5cSchristos	echo "Syncrepl provider overlay not available, test skipped"
21*e670fd5cSchristos	exit 0
22*e670fd5cSchristosfi
23*e670fd5cSchristosif test $ACCESSLOG = accesslogno; then
24*e670fd5cSchristos	echo "Accesslog overlay not available, test skipped"
25*e670fd5cSchristos	exit 0
26*e670fd5cSchristosfi
27*e670fd5cSchristos
28*e670fd5cSchristosCFPRO=$TESTDIR/cfpro.d
29*e670fd5cSchristosCFCON=$TESTDIR/cfcon.d
30*e670fd5cSchristos
31*e670fd5cSchristosmkdir -p $TESTDIR $DBDIR1A $DBDIR1B $DBDIR1C $DBDIR1D $DBDIR2A $CFPRO $CFCON
32*e670fd5cSchristos
33*e670fd5cSchristos$SLAPPASSWD -g -n >$CONFIGPWF
34*e670fd5cSchristos
35*e670fd5cSchristosif test x"$SYNCMODE" = x ; then
36*e670fd5cSchristos	SYNCMODE=rp
37*e670fd5cSchristosfi
38*e670fd5cSchristoscase "$SYNCMODE" in
39*e670fd5cSchristos	ro)
40*e670fd5cSchristos		SYNCTYPE="type=refreshOnly interval=00:00:00:03"
41*e670fd5cSchristos		;;
42*e670fd5cSchristos	rp)
43*e670fd5cSchristos		SYNCTYPE="type=refreshAndPersist"
44*e670fd5cSchristos		;;
45*e670fd5cSchristos	*)
46*e670fd5cSchristos		echo "unknown sync mode $SYNCMODE"
47*e670fd5cSchristos		exit 1;
48*e670fd5cSchristos		;;
49*e670fd5cSchristosesac
50*e670fd5cSchristos
51*e670fd5cSchristos#
52*e670fd5cSchristos# Test replication of dynamic config with alternate consumer config:
53*e670fd5cSchristos# - start provider
54*e670fd5cSchristos# - start consumer
55*e670fd5cSchristos# - configure over ldap
56*e670fd5cSchristos# - populate over ldap
57*e670fd5cSchristos# - configure syncrepl over ldap
58*e670fd5cSchristos# - retrieve database over ldap and compare against expected results
59*e670fd5cSchristos#
60*e670fd5cSchristos
61*e670fd5cSchristosecho "Starting provider slapd on TCP/IP port $PORT1..."
62*e670fd5cSchristos. $CONFFILTER $BACKEND < $DYNAMICCONF > $CONFLDIF
63*e670fd5cSchristos$SLAPADD -F $CFPRO -n 0 -l $CONFLDIF
64*e670fd5cSchristos$SLAPD -F $CFPRO -h $URI1 -d $LVL > $LOG1 2>&1 &
65*e670fd5cSchristosPID=$!
66*e670fd5cSchristosif test $WAIT != 0 ; then
67*e670fd5cSchristos    echo PID $PID
68*e670fd5cSchristos    read foo
69*e670fd5cSchristosfi
70*e670fd5cSchristosKILLPIDS="$PID"
71*e670fd5cSchristos
72*e670fd5cSchristossleep 1
73*e670fd5cSchristos
74*e670fd5cSchristosecho "Using ldapsearch to check that provider slapd is running..."
75*e670fd5cSchristosfor i in 0 1 2 3 4 5; do
76*e670fd5cSchristos	$LDAPSEARCH -s base -b "" -H $URI1 \
77*e670fd5cSchristos		'objectclass=*' > /dev/null 2>&1
78*e670fd5cSchristos	RC=$?
79*e670fd5cSchristos	if test $RC = 0 ; then
80*e670fd5cSchristos		break
81*e670fd5cSchristos	fi
82*e670fd5cSchristos	echo "Waiting 5 seconds for slapd to start..."
83*e670fd5cSchristos	sleep 5
84*e670fd5cSchristosdone
85*e670fd5cSchristos
86*e670fd5cSchristosif test $RC != 0 ; then
87*e670fd5cSchristos	echo "ldapsearch failed ($RC)!"
88*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
89*e670fd5cSchristos	exit $RC
90*e670fd5cSchristosfi
91*e670fd5cSchristos
92*e670fd5cSchristosecho "Inserting syncprov and accesslog overlays on provider..."
93*e670fd5cSchristosif [ "$SYNCPROV" = syncprovmod -a "$ACCESSLOG" = accesslogmod ]; then
94*e670fd5cSchristos    $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
95*e670fd5cSchristosdn: cn=module,cn=config
96*e670fd5cSchristosobjectClass: olcModuleList
97*e670fd5cSchristoscn: module
98*e670fd5cSchristosolcModulePath: ../servers/slapd/overlays
99*e670fd5cSchristosolcModuleLoad: syncprov.la
100*e670fd5cSchristosolcModuleLoad: accesslog.la
101*e670fd5cSchristosEOF
102*e670fd5cSchristos    RC=$?
103*e670fd5cSchristos    if test $RC != 0 ; then
104*e670fd5cSchristos        echo "ldapadd failed for moduleLoad of syncprov and accesslog ($RC)!"
105*e670fd5cSchristos        test $KILLSERVERS != no && kill -HUP $KILLPIDS
106*e670fd5cSchristos        exit $RC
107*e670fd5cSchristos    fi
108*e670fd5cSchristoselif [ "$SYNCPROV" = syncprovmod ]; then
109*e670fd5cSchristos    $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
110*e670fd5cSchristosdn: cn=module,cn=config
111*e670fd5cSchristosobjectClass: olcModuleList
112*e670fd5cSchristoscn: module
113*e670fd5cSchristosolcModulePath: ../servers/slapd/overlays
114*e670fd5cSchristosolcModuleLoad: syncprov.la
115*e670fd5cSchristosEOF
116*e670fd5cSchristos    RC=$?
117*e670fd5cSchristos    if test $RC != 0 ; then
118*e670fd5cSchristos        echo "ldapadd failed for moduleLoad of syncprov ($RC)!"
119*e670fd5cSchristos        test $KILLSERVERS != no && kill -HUP $KILLPIDS
120*e670fd5cSchristos        exit $RC
121*e670fd5cSchristos    fi
122*e670fd5cSchristoselif [ "$ACCESSLOG" = accesslogmod ]; then
123*e670fd5cSchristos    $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
124*e670fd5cSchristosdn: cn=module,cn=config
125*e670fd5cSchristosobjectClass: olcModuleList
126*e670fd5cSchristoscn: module
127*e670fd5cSchristosolcModulePath: ../servers/slapd/overlays
128*e670fd5cSchristosolcModuleLoad: accesslog.la
129*e670fd5cSchristosEOF
130*e670fd5cSchristos    RC=$?
131*e670fd5cSchristos    if test $RC != 0 ; then
132*e670fd5cSchristos        echo "ldapadd failed for moduleLoad of accesslog ($RC)!"
133*e670fd5cSchristos        test $KILLSERVERS != no && kill -HUP $KILLPIDS
134*e670fd5cSchristos        exit $RC
135*e670fd5cSchristos    fi
136*e670fd5cSchristosfi
137*e670fd5cSchristos
138*e670fd5cSchristosecho "Adding backend accesslog databases using $BACKEND..."
139*e670fd5cSchristosif [ "$BACKENDTYPE" = mod ]; then
140*e670fd5cSchristos    $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
141*e670fd5cSchristosdn: cn=module,cn=config
142*e670fd5cSchristosobjectClass: olcModuleList
143*e670fd5cSchristoscn: module
144*e670fd5cSchristosolcModulePath: $TESTWD/../servers/slapd/back-$BACKEND
145*e670fd5cSchristosolcModuleLoad: back_$BACKEND.la
146*e670fd5cSchristosEOF
147*e670fd5cSchristos    RC=$?
148*e670fd5cSchristos    if test $RC != 0 ; then
149*e670fd5cSchristos        echo "ldapadd failed for moduleLoad of $BACKEND ($RC)!"
150*e670fd5cSchristos        test $KILLSERVERS != no && kill -HUP $KILLPIDS
151*e670fd5cSchristos        exit $RC
152*e670fd5cSchristos    fi
153*e670fd5cSchristosfi
154*e670fd5cSchristos
155*e670fd5cSchristosread CONFIGPW < $CONFIGPWF
156*e670fd5cSchristos$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
157*e670fd5cSchristosdn: olcDatabase={1}$BACKEND,cn=config
158*e670fd5cSchristosobjectClass: olcDatabaseConfig
159*e670fd5cSchristosobjectClass: olc${BACKEND}Config
160*e670fd5cSchristosolcDatabase: {1}$BACKEND
161*e670fd5cSchristosolcSuffix: cn=accesslog
162*e670fd5cSchristos${nullExclude}olcDbDirectory: $DBDIR1C
163*e670fd5cSchristosolcRootDN: cn=config
164*e670fd5cSchristosolcSizeLimit: unlimited
165*e670fd5cSchristosolcTimeLimit: unlimited
166*e670fd5cSchristosolcDbIndex: default eq
167*e670fd5cSchristosolcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart,reqDN
168*e670fd5cSchristos
169*e670fd5cSchristosdn: olcOverlay=syncprov,olcDatabase={1}${BACKEND},cn=config
170*e670fd5cSchristoschangetype: add
171*e670fd5cSchristosobjectClass: olcOverlayConfig
172*e670fd5cSchristosobjectClass: olcSyncProvConfig
173*e670fd5cSchristosolcOverlay: syncprov
174*e670fd5cSchristosolcSpNoPresent: TRUE
175*e670fd5cSchristosolcSpReloadHint: TRUE
176*e670fd5cSchristos
177*e670fd5cSchristosdn: olcDatabase={2}$BACKEND,cn=config
178*e670fd5cSchristosobjectClass: olcDatabaseConfig
179*e670fd5cSchristosobjectClass: olc${BACKEND}Config
180*e670fd5cSchristosolcDatabase: {2}$BACKEND
181*e670fd5cSchristosolcSuffix: cn=consumer-accesslog
182*e670fd5cSchristos${nullExclude}olcDbDirectory: $DBDIR1D
183*e670fd5cSchristosolcRootDN: cn=consumer,cn=config
184*e670fd5cSchristosolcSizeLimit: unlimited
185*e670fd5cSchristosolcTimeLimit: unlimited
186*e670fd5cSchristosolcDbIndex: default eq
187*e670fd5cSchristosolcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart,reqDN
188*e670fd5cSchristos
189*e670fd5cSchristosdn: olcOverlay=syncprov,olcDatabase={2}${BACKEND},cn=config
190*e670fd5cSchristoschangetype: add
191*e670fd5cSchristosobjectClass: olcOverlayConfig
192*e670fd5cSchristosobjectClass: olcSyncProvConfig
193*e670fd5cSchristosolcOverlay: syncprov
194*e670fd5cSchristosolcSpNoPresent: TRUE
195*e670fd5cSchristosolcSpReloadHint: TRUE
196*e670fd5cSchristosEOF
197*e670fd5cSchristos
198*e670fd5cSchristosRC=$?
199*e670fd5cSchristosif test $RC != 0 ; then
200*e670fd5cSchristos	echo "ldapadd failed for accesslog databases using $BACKEND ($RC)!"
201*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
202*e670fd5cSchristos	exit $RC
203*e670fd5cSchristosfi
204*e670fd5cSchristos
205*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
206*e670fd5cSchristosdn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
207*e670fd5cSchristoschangetype: add
208*e670fd5cSchristosobjectClass: olcOverlayConfig
209*e670fd5cSchristosobjectClass: olcSyncProvConfig
210*e670fd5cSchristosolcOverlay: syncprov
211*e670fd5cSchristos
212*e670fd5cSchristosdn: olcOverlay=accesslog,olcDatabase={0}config,cn=config
213*e670fd5cSchristoschangetype: add
214*e670fd5cSchristosobjectClass: olcOverlayConfig
215*e670fd5cSchristosobjectClass: olcAccessLogConfig
216*e670fd5cSchristosolcOverlay: accesslog
217*e670fd5cSchristosolcAccessLogDB: cn=accesslog
218*e670fd5cSchristosolcAccessLogOps: writes
219*e670fd5cSchristosolcAccessLogPurge: 07+00:00 01+00:00
220*e670fd5cSchristosolcAccessLogSuccess: TRUE
221*e670fd5cSchristosEOF
222*e670fd5cSchristos
223*e670fd5cSchristosRC=$?
224*e670fd5cSchristosif test $RC != 0 ; then
225*e670fd5cSchristos	echo "ldapmodify failed for syncprov and accesslog overlay config ($RC)!"
226*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
227*e670fd5cSchristos	exit $RC
228*e670fd5cSchristosfi
229*e670fd5cSchristos
230*e670fd5cSchristos# Consumers will not replicate the provider's actual cn=config.
231*e670fd5cSchristos# Instead, they will use an alternate DB so that they may be
232*e670fd5cSchristos# configured differently from the provider. This alternate DB
233*e670fd5cSchristos# will also be a consumer for the real cn=schema,cn=config tree.
234*e670fd5cSchristos# It has multi-provider enabled so that it can be written directly
235*e670fd5cSchristos# while being a consumer of the main schema.
236*e670fd5cSchristosecho "Configuring consumer config DB on provider..."
237*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
238*e670fd5cSchristosdn: cn=config
239*e670fd5cSchristoschangetype: modify
240*e670fd5cSchristosadd: olcServerID
241*e670fd5cSchristosolcServerID: 1
242*e670fd5cSchristos
243*e670fd5cSchristosdn: olcDatabase={1}ldif,cn=config
244*e670fd5cSchristoschangetype: add
245*e670fd5cSchristosobjectClass: olcDatabaseConfig
246*e670fd5cSchristosobjectClass: olcLdifConfig
247*e670fd5cSchristosolcDatabase: {1}ldif
248*e670fd5cSchristosolcDbDirectory: $DBDIR1A
249*e670fd5cSchristosolcSuffix: cn=config,cn=consumer
250*e670fd5cSchristosolcRootDN: cn=config,cn=consumer
251*e670fd5cSchristosolcRootPW: repsecret
252*e670fd5cSchristosolcAccess: to * by dn.base="cn=config" write
253*e670fd5cSchristos
254*e670fd5cSchristosdn: olcOverlay=syncprov,olcDatabase={1}ldif,cn=config
255*e670fd5cSchristoschangetype: add
256*e670fd5cSchristosobjectClass: olcOverlayConfig
257*e670fd5cSchristosobjectClass: olcSyncProvConfig
258*e670fd5cSchristosolcOverlay: syncprov
259*e670fd5cSchristos
260*e670fd5cSchristosdn: olcOverlay=accesslog,olcDatabase={1}ldif,cn=config
261*e670fd5cSchristoschangetype: add
262*e670fd5cSchristosobjectClass: olcOverlayConfig
263*e670fd5cSchristosobjectClass: olcAccessLogConfig
264*e670fd5cSchristosolcOverlay: accesslog
265*e670fd5cSchristosolcAccessLogDB: cn=consumer-accesslog
266*e670fd5cSchristosolcAccessLogOps: writes
267*e670fd5cSchristosolcAccessLogPurge: 07+00:00 01+00:00
268*e670fd5cSchristosolcAccessLogSuccess: TRUE
269*e670fd5cSchristos
270*e670fd5cSchristosdn: cn=config,cn=consumer
271*e670fd5cSchristoschangetype: add
272*e670fd5cSchristosobjectClass: olcGlobal
273*e670fd5cSchristoscn: consumerconfig
274*e670fd5cSchristos
275*e670fd5cSchristosdn: olcDatabase={0}config,cn=config,cn=consumer
276*e670fd5cSchristoschangetype: add
277*e670fd5cSchristosobjectClass: olcDatabaseConfig
278*e670fd5cSchristosolcDatabase: {0}config
279*e670fd5cSchristosolcRootPW: topsecret
280*e670fd5cSchristosolcSyncrepl: {0}rid=001 provider=$URI1 binddn="cn=config,cn=consumer"
281*e670fd5cSchristos  bindmethod=simple credentials=repsecret searchbase="cn=config,cn=consumer"
282*e670fd5cSchristos  $SYNCTYPE retry="3 5 300 5" timeout=3 suffixmassage="cn=config"
283*e670fd5cSchristosolcUpdateRef: $URI1
284*e670fd5cSchristos
285*e670fd5cSchristosdn: olcDatabase={1}ldif,cn=config
286*e670fd5cSchristoschangetype: modify
287*e670fd5cSchristosadd: olcSyncrepl
288*e670fd5cSchristosolcSyncrepl: {0}rid=001 provider=$URI1 binddn="cn=config"
289*e670fd5cSchristos  bindmethod=simple credentials=$CONFIGPW searchbase="cn=schema,cn=config"
290*e670fd5cSchristos  $SYNCTYPE retry="3 5 300 5" timeout=3
291*e670fd5cSchristos  suffixmassage="cn=schema,cn=config,cn=consumer"
292*e670fd5cSchristos-
293*e670fd5cSchristosadd: olcMultiProvider
294*e670fd5cSchristosolcMultiProvider: TRUE
295*e670fd5cSchristos
296*e670fd5cSchristosEOF
297*e670fd5cSchristosRC=$?
298*e670fd5cSchristosif test $RC != 0 ; then
299*e670fd5cSchristos	echo "ldapmodify failed for consumer DB config ($RC)!"
300*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
301*e670fd5cSchristos	exit $RC
302*e670fd5cSchristosfi
303*e670fd5cSchristos
304*e670fd5cSchristosecho "Starting consumer slapd on TCP/IP port $PORT2..."
305*e670fd5cSchristos$SLAPADD -F $CFCON -n 0 -l $CONFLDIF
306*e670fd5cSchristos$SLAPD -F $CFCON -h $URI2 -d $LVL > $LOG2 2>&1 &
307*e670fd5cSchristosCONSUMERPID=$!
308*e670fd5cSchristosif test $WAIT != 0 ; then
309*e670fd5cSchristos    echo CONSUMERPID $CONSUMERPID
310*e670fd5cSchristos    read foo
311*e670fd5cSchristosfi
312*e670fd5cSchristosKILLPIDS="$KILLPIDS $CONSUMERPID"
313*e670fd5cSchristos
314*e670fd5cSchristossleep 1
315*e670fd5cSchristos
316*e670fd5cSchristosecho "Using ldapsearch to check that consumer slapd is running..."
317*e670fd5cSchristosfor i in 0 1 2 3 4 5; do
318*e670fd5cSchristos	$LDAPSEARCH -s base -b "" -H $URI2 \
319*e670fd5cSchristos		'objectclass=*' > /dev/null 2>&1
320*e670fd5cSchristos	RC=$?
321*e670fd5cSchristos	if test $RC = 0 ; then
322*e670fd5cSchristos		break
323*e670fd5cSchristos	fi
324*e670fd5cSchristos	echo "Waiting 5 seconds for slapd to start..."
325*e670fd5cSchristos	sleep 5
326*e670fd5cSchristosdone
327*e670fd5cSchristos
328*e670fd5cSchristosif test $RC != 0 ; then
329*e670fd5cSchristos	echo "ldapsearch failed ($RC)!"
330*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
331*e670fd5cSchristos	exit $RC
332*e670fd5cSchristosfi
333*e670fd5cSchristos
334*e670fd5cSchristosecho "Configuring syncrepl on consumer..."
335*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
336*e670fd5cSchristosdn: olcDatabase={0}config,cn=config
337*e670fd5cSchristoschangetype: modify
338*e670fd5cSchristosadd: olcSyncRepl
339*e670fd5cSchristosolcSyncRepl: rid=001 provider=$URI1 binddn="cn=config,cn=consumer"
340*e670fd5cSchristos  bindmethod=simple credentials=repsecret searchbase="cn=config,cn=consumer"
341*e670fd5cSchristos  $SYNCTYPE retry="3 5 300 5" timeout=3 logbase="cn=consumer-accesslog"
342*e670fd5cSchristos  logfilter="(&(objectclass=auditWriteObject)(reqresult=0))"
343*e670fd5cSchristos  syncdata=accesslog suffixmassage="cn=config"
344*e670fd5cSchristos-
345*e670fd5cSchristosadd: olcUpdateRef
346*e670fd5cSchristosolcUpdateRef: $URI1
347*e670fd5cSchristosEOF
348*e670fd5cSchristos
349*e670fd5cSchristossleep 1
350*e670fd5cSchristos
351*e670fd5cSchristosecho "Using ldapsearch to check that syncrepl received config changes..."
352*e670fd5cSchristosRC=32
353*e670fd5cSchristosfor i in 0 1 2 3 4 5; do
354*e670fd5cSchristos	RESULT=`$LDAPSEARCH -H $URI2 -D cn=config -y $CONFIGPWF \
355*e670fd5cSchristos		-s base -b "olcDatabase={0}config,cn=config" \
356*e670fd5cSchristos		'(olcUpdateRef=*)' 2>&1 | awk '/^dn:/ {print "OK"}'`
357*e670fd5cSchristos	if test "x$RESULT" = "xOK" ; then
358*e670fd5cSchristos		RC=0
359*e670fd5cSchristos		break
360*e670fd5cSchristos	fi
361*e670fd5cSchristos	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
362*e670fd5cSchristos	sleep $SLEEP1
363*e670fd5cSchristosdone
364*e670fd5cSchristos
365*e670fd5cSchristosif test $RC != 0 ; then
366*e670fd5cSchristos	echo "ldapsearch failed ($RC)!"
367*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
368*e670fd5cSchristos	exit $RC
369*e670fd5cSchristosfi
370*e670fd5cSchristos
371*e670fd5cSchristosecho "Adding schema and databases on provider..."
372*e670fd5cSchristos$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
373*e670fd5cSchristosinclude: file://$ABS_SCHEMADIR/core.ldif
374*e670fd5cSchristos
375*e670fd5cSchristosinclude: file://$ABS_SCHEMADIR/cosine.ldif
376*e670fd5cSchristos
377*e670fd5cSchristosinclude: file://$ABS_SCHEMADIR/inetorgperson.ldif
378*e670fd5cSchristos
379*e670fd5cSchristosinclude: file://$ABS_SCHEMADIR/openldap.ldif
380*e670fd5cSchristos
381*e670fd5cSchristosinclude: file://$ABS_SCHEMADIR/nis.ldif
382*e670fd5cSchristosEOF
383*e670fd5cSchristosRC=$?
384*e670fd5cSchristosif test $RC != 0 ; then
385*e670fd5cSchristos	echo "ldapadd failed for schema config ($RC)!"
386*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
387*e670fd5cSchristos	exit $RC
388*e670fd5cSchristosfi
389*e670fd5cSchristos
390*e670fd5cSchristosecho "Using ldapsearch to check that syncrepl received the schema changes..."
391*e670fd5cSchristosRC=32
392*e670fd5cSchristosfor i in 0 1 2 3 4 5; do
393*e670fd5cSchristos	RESULT=`$LDAPSEARCH -H $URI2 -D cn=config -y $CONFIGPWF \
394*e670fd5cSchristos		-s sub -b "cn=schema,cn=config" \
395*e670fd5cSchristos		'(cn=*openldap)' 2>&1 | awk '/^dn:/ {print "OK"}'`
396*e670fd5cSchristos	if test "x$RESULT" = "xOK" ; then
397*e670fd5cSchristos		RC=0
398*e670fd5cSchristos		break
399*e670fd5cSchristos	fi
400*e670fd5cSchristos	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
401*e670fd5cSchristos	sleep $SLEEP1
402*e670fd5cSchristosdone
403*e670fd5cSchristos
404*e670fd5cSchristosif test "x$RESULT" != "xOK" ; then
405*e670fd5cSchristos	echo "consumer never received complete schema!"
406*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
407*e670fd5cSchristos	exit 1
408*e670fd5cSchristosfi
409*e670fd5cSchristos
410*e670fd5cSchristosnullExclude="" nullOK=""
411*e670fd5cSchristostest $BACKEND = null && nullExclude="# " nullOK="OK"
412*e670fd5cSchristos
413*e670fd5cSchristosif [ "$BACKENDTYPE" = mod ]; then
414*e670fd5cSchristos	$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
415*e670fd5cSchristosdn: cn=module,cn=config,cn=consumer
416*e670fd5cSchristosobjectClass: olcModuleList
417*e670fd5cSchristoscn: module
418*e670fd5cSchristosolcModulePath: ../servers/slapd/back-$BACKEND
419*e670fd5cSchristosolcModuleLoad: back_$BACKEND.la
420*e670fd5cSchristosEOF
421*e670fd5cSchristos	RC=$?
422*e670fd5cSchristos	if test $RC != 0 ; then
423*e670fd5cSchristos		echo "ldapadd failed for backend config ($RC)!"
424*e670fd5cSchristos		test $KILLSERVERS != no && kill -HUP $KILLPIDS
425*e670fd5cSchristos		exit $RC
426*e670fd5cSchristos	fi
427*e670fd5cSchristosfi
428*e670fd5cSchristos
429*e670fd5cSchristos$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
430*e670fd5cSchristosdn: olcDatabase={2}$BACKEND,cn=config
431*e670fd5cSchristosobjectClass: olcDatabaseConfig
432*e670fd5cSchristos${nullExclude}objectClass: olc${BACKEND}Config
433*e670fd5cSchristosolcDatabase: {2}$BACKEND
434*e670fd5cSchristosolcSuffix: $BASEDN
435*e670fd5cSchristos${nullExclude}olcDbDirectory: $DBDIR1B
436*e670fd5cSchristosolcRootDN: $MANAGERDN
437*e670fd5cSchristosolcRootPW: $PASSWD
438*e670fd5cSchristosolcSyncRepl: rid=002 provider=$URI1 binddn="$MANAGERDN" bindmethod=simple
439*e670fd5cSchristos  credentials=$PASSWD searchbase="$BASEDN" $SYNCTYPE
440*e670fd5cSchristos  retry="3 5 300 5" timeout=3
441*e670fd5cSchristosolcUpdateRef: $URI1
442*e670fd5cSchristos
443*e670fd5cSchristosdn: olcOverlay=syncprov,olcDatabase={2}${BACKEND},cn=config
444*e670fd5cSchristoschangetype: add
445*e670fd5cSchristosobjectClass: olcOverlayConfig
446*e670fd5cSchristosobjectClass: olcSyncProvConfig
447*e670fd5cSchristosolcOverlay: syncprov
448*e670fd5cSchristos
449*e670fd5cSchristosdn: olcDatabase={1}$BACKEND,cn=config,cn=consumer
450*e670fd5cSchristosobjectClass: olcDatabaseConfig
451*e670fd5cSchristos${nullExclude}objectClass: olc${BACKEND}Config
452*e670fd5cSchristosolcDatabase: {1}$BACKEND
453*e670fd5cSchristosolcSuffix: $BASEDN
454*e670fd5cSchristos${nullExclude}olcDbDirectory: $DBDIR2A
455*e670fd5cSchristosolcRootDN: $MANAGERDN
456*e670fd5cSchristosolcRootPW: $PASSWD
457*e670fd5cSchristosolcSyncRepl: rid=002 provider=$URI1 binddn="$MANAGERDN" bindmethod=simple
458*e670fd5cSchristos  credentials=$PASSWD searchbase="$BASEDN" $SYNCTYPE
459*e670fd5cSchristos  retry="3 5 300 5" timeout=3
460*e670fd5cSchristosolcUpdateRef: $URI1
461*e670fd5cSchristos
462*e670fd5cSchristosEOF
463*e670fd5cSchristosRC=$?
464*e670fd5cSchristosif test $RC != 0 ; then
465*e670fd5cSchristos	echo "ldapadd failed for database config ($RC)!"
466*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
467*e670fd5cSchristos	exit $RC
468*e670fd5cSchristosfi
469*e670fd5cSchristos
470*e670fd5cSchristosif test $INDEXDB = indexdb ; then
471*e670fd5cSchristos	$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
472*e670fd5cSchristosdn: olcDatabase={2}$BACKEND,cn=config
473*e670fd5cSchristoschangetype: modify
474*e670fd5cSchristosadd: olcDbIndex
475*e670fd5cSchristosolcDbIndex: objectClass,entryUUID,entryCSN eq
476*e670fd5cSchristosolcDbIndex: cn,uid pres,eq,sub
477*e670fd5cSchristosEOF
478*e670fd5cSchristos	RC=$?
479*e670fd5cSchristos	if test $RC != 0 ; then
480*e670fd5cSchristos		echo "ldapadd modify for database config ($RC)!"
481*e670fd5cSchristos		test $KILLSERVERS != no && kill -HUP $KILLPIDS
482*e670fd5cSchristos		exit $RC
483*e670fd5cSchristos	fi
484*e670fd5cSchristosfi
485*e670fd5cSchristos
486*e670fd5cSchristosecho "Using ldapadd to populate provider..."
487*e670fd5cSchristos$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD -f $LDIFORDERED \
488*e670fd5cSchristos	>> $TESTOUT 2>&1
489*e670fd5cSchristosRC=$?
490*e670fd5cSchristosif test $RC != 0 ; then
491*e670fd5cSchristos	echo "ldapadd failed for database config ($RC)!"
492*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
493*e670fd5cSchristos	exit $RC
494*e670fd5cSchristosfi
495*e670fd5cSchristos
496*e670fd5cSchristosecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
497*e670fd5cSchristossleep $SLEEP1
498*e670fd5cSchristos
499*e670fd5cSchristosecho "Using ldapsearch to check that syncrepl received database changes..."
500*e670fd5cSchristosRC=32
501*e670fd5cSchristosfor i in 0 1 2 3 4 5; do
502*e670fd5cSchristos	RESULT=`$LDAPSEARCH -H $URI2 \
503*e670fd5cSchristos		-s base -b "cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com" \
504*e670fd5cSchristos		'(objectClass=*)' 2>&1 | awk '/^dn:/ {print "OK"}'`
505*e670fd5cSchristos	if test "x$RESULT$nullOK" = "xOK" ; then
506*e670fd5cSchristos		RC=0
507*e670fd5cSchristos		break
508*e670fd5cSchristos	fi
509*e670fd5cSchristos	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
510*e670fd5cSchristos	sleep $SLEEP1
511*e670fd5cSchristosdone
512*e670fd5cSchristos
513*e670fd5cSchristosif test $RC != 0 ; then
514*e670fd5cSchristos	echo "ldapsearch failed ($RC)!"
515*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
516*e670fd5cSchristos	exit $RC
517*e670fd5cSchristosfi
518*e670fd5cSchristos
519*e670fd5cSchristosecho "Using ldapsearch to read all the entries from the provider..."
520*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -D "$MANAGERDN" -H $URI1 -w $PASSWD  \
521*e670fd5cSchristos	'objectclass=*' > $PROVIDEROUT 2>&1
522*e670fd5cSchristosRC=$?
523*e670fd5cSchristos
524*e670fd5cSchristosif test $RC != 0 ; then
525*e670fd5cSchristos	echo "ldapsearch failed at provider ($RC)!"
526*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
527*e670fd5cSchristos	exit $RC
528*e670fd5cSchristosfi
529*e670fd5cSchristos
530*e670fd5cSchristosecho "Using ldapsearch to read all the entries from the consumer..."
531*e670fd5cSchristos$LDAPSEARCH -S "" -b "$BASEDN" -D "$MANAGERDN" -H $URI2 -w $PASSWD  \
532*e670fd5cSchristos	'objectclass=*' > $CONSUMEROUT 2>&1
533*e670fd5cSchristosRC=$?
534*e670fd5cSchristos
535*e670fd5cSchristosif test $RC != 0 ; then
536*e670fd5cSchristos	echo "ldapsearch failed at consumer ($RC)!"
537*e670fd5cSchristos	test $KILLSERVERS != no && kill -HUP $KILLPIDS
538*e670fd5cSchristos	exit $RC
539*e670fd5cSchristosfi
540*e670fd5cSchristos
541*e670fd5cSchristostest $KILLSERVERS != no && kill -HUP $KILLPIDS
542*e670fd5cSchristos
543*e670fd5cSchristosecho "Filtering provider results..."
544*e670fd5cSchristos$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
545*e670fd5cSchristosecho "Filtering consumer results..."
546*e670fd5cSchristos$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT
547*e670fd5cSchristos
548*e670fd5cSchristosecho "Comparing retrieved entries from provider and consumer..."
549*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
550*e670fd5cSchristos
551*e670fd5cSchristosif test $? != 0 ; then
552*e670fd5cSchristos	echo "test failed - provider and consumer databases differ"
553*e670fd5cSchristos	exit 1
554*e670fd5cSchristosfi
555*e670fd5cSchristos
556*e670fd5cSchristosecho ">>>>> Test succeeded"
557*e670fd5cSchristos
558*e670fd5cSchristostest $KILLSERVERS != no && wait
559*e670fd5cSchristos
560*e670fd5cSchristosexit 0
561