1#! /bin/sh 2# $OpenLDAP$ 3## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4## 5## Copyright 1998-2021 The OpenLDAP Foundation. 6## All rights reserved. 7## 8## Redistribution and use in source and binary forms, with or without 9## modification, are permitted only as authorized by the OpenLDAP 10## Public License. 11## 12## A copy of this license is available in the file LICENSE in the 13## top-level directory of the distribution or, alternatively, at 14## <http://www.OpenLDAP.org/license.html>. 15 16echo "running defines.sh" 17. $SRCDIR/scripts/defines.sh 18 19if test $BACKSQL = "sqlno" ; then 20 echo "SQL backend not available, test skipped" 21 exit 0 22fi 23 24if test $RDBMS = "rdbmsno" ; then 25 echo "SQL test not requested, test skipped" 26 exit 0 27fi 28 29if test "${RDBMSWRITE}" != "yes"; then 30 echo "write test disabled for ${RDBMS}; set SLAPD_USE_SQLWRITE=yes to enable" 31 exit 0 32fi 33 34mkdir -p $TESTDIR 35 36echo "Starting slapd on TCP/IP port $PORT1..." 37. $CONFFILTER $BACKEND < $SQLCONF > $CONF1 38$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 39PID=$! 40if test $WAIT != 0 ; then 41 echo PID $PID 42 read foo 43fi 44KILLPIDS="$PID" 45 46echo "Testing SQL backend write operations..." 47for i in 0 1 2 3 4 5; do 48 $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 49 'objectclass=*' > /dev/null 2>&1 50 RC=$? 51 if test $RC = 0 ; then 52 break 53 fi 54 echo "Waiting 5 seconds for slapd to start..." 55 sleep 5 56done 57 58if test $RC != 0 ; then 59 echo "ldapsearch failed ($RC)!" 60 test $KILLSERVERS != no && kill -HUP $KILLPIDS 61 exit $RC 62fi 63 64cat /dev/null > $SEARCHOUT 65 66BASEDN="dc=example,dc=com" 67 68echo "Using ldapsearch to retrieve all the entries..." 69echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT 70$LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \ 71 "objectClass=*" >> $SEARCHOUT 2>&1 72 73RC=$? 74if test $RC != 0 ; then 75 echo "ldapsearch failed ($RC)!" 76 test $KILLSERVERS != no && kill -HUP $KILLPIDS 77 exit $RC 78fi 79 80case ${RDBMS} in 81 # list here the RDBMSes whose mapping allows writes 82pgsql|ibmdb2) 83 MANAGERDN="cn=Manager,${BASEDN}" 84 echo "Testing add..." 85 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 86 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 87version: 1 88 89# Adding an organization... 90dn: o=An Org,${BASEDN} 91changetype: add 92objectClass: organization 93o: An Org 94 95# Adding an organization with an "auxiliary" objectClass.. 96dn: dc=subnet,${BASEDN} 97changetype: add 98objectClass: organization 99objectClass: dcObject 100o: SubNet 101dc: subnet 102 103# Adding another organization with an "auxiliary" objectClass.. 104dn: dc=subnet2,${BASEDN} 105changetype: add 106objectClass: organization 107objectClass: dcObject 108o: SubNet 2 109dc: subnet2 110 111# Adding a person... 112dn: cn=Lev Tolstoij,${BASEDN} 113changetype: add 114objectClass: inetOrgPerson 115cn: Lev Tolstoij 116sn: Tolstoij 117givenName: Lev 118telephoneNumber: +39 02 XXXX YYYY 119telephoneNumber: +39 02 XXXX ZZZZ 120userPassword: tanja 121 122# Adding a person with an "auxiliary" objectClass... 123dn: cn=Some One,${BASEDN} 124changetype: add 125objectClass: inetOrgPerson 126objectClass: simpleSecurityObject 127cn: Some One 128sn: One 129givenName: Some 130telephoneNumber: +1 800 900 1234 131telephoneNumber: +1 800 900 1235 132userPassword: someone 133 134# Adding a person in another subtree... 135dn: cn=SubNet User,dc=subnet,${BASEDN} 136changetype: add 137objectClass: inetOrgPerson 138cn: SubNet User 139sn: User 140givenName: SubNet 141 142# Adding a document... 143dn: documentTitle=War and Peace,${BASEDN} 144changetype: add 145objectClass: document 146description: Historical novel 147documentTitle: War and Peace 148documentAuthor: cn=Lev Tolstoij,dc=example,dc=com 149documentIdentifier: document 3 150EOMODS 151 152 RC=$? 153 if test $RC != 0 ; then 154 echo "ldapmodify failed ($RC)!" 155 test $KILLSERVERS != no && kill -HUP $KILLPIDS 156 exit $RC 157 fi 158 159 echo "Using ldapsearch to retrieve all the entries..." 160 echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT 161 $LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \ 162 "objectClass=*" >> $SEARCHOUT 2>&1 163 164 RC=$? 165 if test $RC != 0 ; then 166 echo "ldapsearch failed ($RC)!" 167 test $KILLSERVERS != no && kill -HUP $KILLPIDS 168 exit $RC 169 fi 170 171 echo "Testing modify..." 172 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 173 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 174version: 1 175 176# Deleting all telephone numbers... 177dn: cn=Some One,${BASEDN} 178changetype: modify 179delete: telephoneNumber 180- 181 182# Adding a telephone number... 183dn: cn=Mitya Kovalev,${BASEDN} 184changetype: modify 185add: telephoneNumber 186telephoneNumber: +1 800 123 4567 187- 188 189# Deleting a specific telephone number and adding a new one... 190dn: cn=Lev Tolstoij,${BASEDN} 191changetype: modify 192delete: telephoneNumber 193telephoneNumber: +39 02 XXXX YYYY 194- 195add: telephoneNumber 196telephoneNumber: +39 333 ZZZ 1234 197- 198 199# Adding an author to a document... 200dn: documentTitle=book1,${BASEDN} 201changetype: modify 202add: documentAuthor 203documentAuthor: cn=Lev Tolstoij,${BASEDN} 204- 205 206# Adding an author to another document... 207dn: documentTitle=book2,${BASEDN} 208changetype: modify 209add: documentAuthor 210documentAuthor: cn=Lev Tolstoij,${BASEDN} 211- 212 213# Adding an "auxiliary" objectClass... 214dn: cn=Mitya Kovalev,${BASEDN} 215changetype: modify 216add: objectClass 217objectClass: simpleSecurityObject 218- 219 220# Deleting an "auxiliary" objectClass... 221dn: cn=Some One,${BASEDN} 222changetype: modify 223delete: objectClass 224objectClass: simpleSecurityObject 225- 226 227# Deleting userPasswords 228dn: cn=Lev Tolstoij,${BASEDN} 229changetype: modify 230delete: userPassword 231- 232EOMODS 233 234 RC=$? 235 if test $RC != 0 ; then 236 echo "ldapmodify failed ($RC)!" 237 test $KILLSERVERS != no && kill -HUP $KILLPIDS 238 exit $RC 239 fi 240 241 echo "Using ldapsearch to retrieve all the entries..." 242 echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT 243 $LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \ 244 "objectClass=*" >> $SEARCHOUT 2>&1 245 246 RC=$? 247 if test $RC != 0 ; then 248 echo "ldapsearch failed ($RC)!" 249 test $KILLSERVERS != no && kill -HUP $KILLPIDS 250 exit $RC 251 fi 252 253 echo "Testing delete..." 254 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 255 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 256version: 1 257 258# Deleting a person... 259dn: cn=Torvlobnor Puzdoy,${BASEDN} 260changetype: delete 261 262# Deleting a document... 263dn: documentTitle=book1,${BASEDN} 264changetype: delete 265 266# Deleting an organization with an "auxiliary" objectClass... 267dn: dc=subnet2,${BASEDN} 268changetype: delete 269EOMODS 270 271 RC=$? 272 if test $RC != 0 ; then 273 echo "ldapmodify failed ($RC)!" 274 test $KILLSERVERS != no && kill -HUP $KILLPIDS 275 exit $RC 276 fi 277 278 echo "Using ldapsearch to retrieve all the entries..." 279 echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT 280 $LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \ 281 "objectClass=*" >> $SEARCHOUT 2>&1 282 283 RC=$? 284 if test $RC != 0 ; then 285 echo "ldapsearch failed ($RC)!" 286 test $KILLSERVERS != no && kill -HUP $KILLPIDS 287 exit $RC 288 fi 289 290 echo "Testing rename..." 291 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 292 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 293version: 1 294 295# Renaming an organization... 296dn: o=An Org,${BASEDN} 297changetype: modrdn 298newrdn: o=Renamed Org 299deleteoldrdn: 1 300 301# Moving a person to another subtree... 302dn: cn=Lev Tolstoij,${BASEDN} 303changetype: modrdn 304newrdn: cn=Lev Tolstoij 305deleteoldrdn: 0 306newsuperior: dc=subnet,${BASEDN} 307 308# Renaming a book... 309dn: documentTitle=book2,${BASEDN} 310changetype: modrdn 311newrdn: documentTitle=Renamed Book 312deleteoldrdn: 1 313EOMODS 314 315 RC=$? 316 if test $RC != 0 ; then 317 echo "ldapmodify failed ($RC)!" 318 test $KILLSERVERS != no && kill -HUP $KILLPIDS 319 exit $RC 320 fi 321 322 echo "Using ldapsearch to retrieve all the entries..." 323 echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT 324 $LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \ 325 "objectClass=*" >> $SEARCHOUT 2>&1 326 327 RC=$? 328 if test $RC != 0 ; then 329 echo "ldapsearch failed ($RC)!" 330 test $KILLSERVERS != no && kill -HUP $KILLPIDS 331 exit $RC 332 fi 333 334 echo "Adding a child to a referral (should fail)..." 335 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 336 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 337version: 1 338 339dn: cn=Should Fail,ou=Referral,${BASEDN} 340changetype: add 341objectClass: inetOrgPerson 342cn: Should Fail 343sn: Fail 344telephoneNumber: +39 02 23456789 345EOMODS 346 347 RC=$? 348 if test $RC = 0 ; then 349 echo "ldapmodify should have failed ($RC)!" 350 test $KILLSERVERS != no && kill -HUP $KILLPIDS 351 exit 1 352 fi 353 354 echo "Modifying a referral (should fail)..." 355 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 356 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 357version: 1 358 359dn: ou=Referral,${BASEDN} 360changetype: modify 361replace: ref 362ref: ldap://localhost:9009/ 363- 364EOMODS 365 366 RC=$? 367 if test $RC = 0 ; then 368 echo "ldapmodify should have failed ($RC)!" 369 test $KILLSERVERS != no && kill -HUP $KILLPIDS 370 exit 1 371 fi 372 373 echo "Renaming a referral (should fail)..." 374 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 375 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 376version: 1 377 378dn: ou=Referral,${BASEDN} 379changetype: modrdn 380newrdn: ou=Renamed Referral 381deleteoldrdn: 1 382EOMODS 383 384 RC=$? 385 if test $RC = 0 ; then 386 echo "ldapmodify should have failed ($RC)!" 387 test $KILLSERVERS != no && kill -HUP $KILLPIDS 388 exit 1 389 fi 390 391 echo "Deleting a referral (should fail)..." 392 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 393 -H $URI1 >> $TESTOUT 2>&1 << EOMODS 394version: 1 395 396dn: ou=Referral,${BASEDN} 397changetype: delete 398EOMODS 399 400 RC=$? 401 if test $RC = 0 ; then 402 echo "ldapmodify should have failed ($RC)!" 403 test $KILLSERVERS != no && kill -HUP $KILLPIDS 404 exit 1 405 fi 406 407 echo "Adding a referral..." 408 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 409 -H $URI1 -M >> $TESTOUT 2>&1 << EOMODS 410version: 1 411 412dn: ou=Another Referral,${BASEDN} 413changetype: add 414objectClass: referral 415objectClass: extensibleObject 416ou: Another Referral 417ref: ldap://localhost:9009/ 418EOMODS 419 420 RC=$? 421 if test $RC != 0 ; then 422 echo "ldapmodify failed ($RC)!" 423 test $KILLSERVERS != no && kill -HUP $KILLPIDS 424 exit $RC 425 fi 426 427 echo "Modifying a referral with manageDSAit..." 428 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 429 -H $URI1 -M >> $TESTOUT 2>&1 << EOMODS 430version: 1 431 432dn: ou=Referral,${BASEDN} 433changetype: modify 434replace: ref 435ref: ldap://localhost:9009/ 436- 437EOMODS 438 439 RC=$? 440 if test $RC != 0 ; then 441 echo "ldapmodify failed ($RC)!" 442 test $KILLSERVERS != no && kill -HUP $KILLPIDS 443 exit $RC 444 fi 445 446 echo "Using ldapsearch to retrieve the modified entry..." 447 echo "# Using ldapsearch to retrieve the modified entry..." >> $SEARCHOUT 448 $LDAPSEARCH -S "" -H $URI1 -b "ou=Referral,$BASEDN" -M \ 449 "objectClass=*" '*' ref >> $SEARCHOUT 2>&1 450 451 RC=$? 452 if test $RC != 0 ; then 453 echo "ldapsearch failed ($RC)!" 454 test $KILLSERVERS != no && kill -HUP $KILLPIDS 455 exit $RC 456 fi 457 458 echo "Renaming a referral with manageDSAit..." 459 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 460 -H $URI1 -M >> $TESTOUT 2>&1 << EOMODS 461version: 1 462 463dn: ou=Referral,${BASEDN} 464changetype: modrdn 465newrdn: ou=Renamed Referral 466deleteoldrdn: 1 467EOMODS 468 469 RC=$? 470 if test $RC != 0 ; then 471 echo "ldapmodify failed ($RC)!" 472 test $KILLSERVERS != no && kill -HUP $KILLPIDS 473 exit $RC 474 fi 475 476 echo "Using ldapsearch to retrieve the renamed entry..." 477 echo "# Using ldapsearch to retrieve the renamed entry..." >> $SEARCHOUT 478 $LDAPSEARCH -S "" -H $URI1 -b "ou=Renamed Referral,$BASEDN" -M \ 479 "objectClass=*" '*' ref >> $SEARCHOUT 2>&1 480 481 RC=$? 482 if test $RC != 0 ; then 483 echo "ldapsearch failed ($RC)!" 484 test $KILLSERVERS != no && kill -HUP $KILLPIDS 485 exit $RC 486 fi 487 488 echo "Deleting a referral with manageDSAit..." 489 $LDAPMODIFY -v -c -D "$MANAGERDN" -w $PASSWD \ 490 -H $URI1 -M >> $TESTOUT 2>&1 << EOMODS 491version: 1 492 493dn: ou=Renamed Referral,${BASEDN} 494changetype: delete 495EOMODS 496 497 RC=$? 498 if test $RC != 0 ; then 499 echo "ldapmodify failed ($RC)!" 500 test $KILLSERVERS != no && kill -HUP $KILLPIDS 501 exit $RC 502 fi 503 504 BINDDN="cn=Mitya Kovalev,${BASEDN}" 505 BINDPW="mit" 506 NEWPW="newsecret" 507 echo "Testing passwd change..." 508 $LDAPPASSWD -H $URI1 \ 509 -D "${BINDDN}" -w ${BINDPW} -s ${NEWPW} \ 510 "$BINDDN" >> $TESTOUT 2>&1 511 512 RC=$? 513 if test $RC != 0 ; then 514 echo "ldappasswd failed ($RC)!" 515 test $KILLSERVERS != no && kill -HUP $KILLPIDS 516 exit $RC 517 fi 518 519 echo -n "Testing bind with new secret... " 520 $LDAPWHOAMI -H $URI1 -D "$BINDDN" -w $NEWPW 521 RC=$? 522 if test $RC != 0 ; then 523 echo "ldapwhoami failed ($RC)!" 524 test $KILLSERVERS != no && kill -HUP $KILLPIDS 525 exit $RC 526 fi 527 528 BINDDN="cn=Some One,${BASEDN}" 529 BINDPW="someone" 530 echo -n "Testing bind with newly added user... " 531 $LDAPWHOAMI -H $URI1 -D "$BINDDN" -w $BINDPW 532 RC=$? 533 if test $RC != 0 ; then 534 echo "ldapwhoami failed ($RC)!" 535 test $KILLSERVERS != no && kill -HUP $KILLPIDS 536 exit $RC 537 fi 538 539 echo "Using ldapsearch to retrieve all the entries..." 540 echo "# Using ldapsearch to retrieve all the entries..." >> $SEARCHOUT 541 $LDAPSEARCH -S "" -H $URI1 -b "$BASEDN" \ 542 "objectClass=*" >> $SEARCHOUT 2>&1 543 544 RC=$? 545 if test $RC != 0 ; then 546 echo "ldapsearch failed ($RC)!" 547 test $KILLSERVERS != no && kill -HUP $KILLPIDS 548 exit $RC 549 fi 550 551 echo "Filtering ldapsearch results..." 552 $LDIFFILTER < $SEARCHOUT > $SEARCHFLT 553 echo "Filtering modified ldif..." 554 $LDIFFILTER < $SQLWRITE > $LDIFFLT 555 echo "Comparing filter output..." 556 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT 557 558 if test $? != 0 ; then 559 echo "comparison failed - SQL mods search didn't succeed" 560 test $KILLSERVERS != no && kill -HUP $KILLPIDS 561 exit 1 562 fi 563 ;; 564 565*) 566 echo "apparently ${RDBMS} does not support writes; skipping..." 567 ;; 568esac 569 570test $KILLSERVERS != no && kill -HUP $KILLPIDS 571 572echo ">>>>> Test succeeded" 573exit 0 574