#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2011 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

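# Pull in the shared test-suite settings. Every upper-case variable used
# below (tool commands, ports, directories, file names) is expected to come
# from this file; none of them is assigned in this script.
echo "running defines.sh"
. "$SRCDIR/scripts/defines.sh"

# Skip, rather than fail, when the memberof overlay is not available.
# $MEMBEROF is quoted so that an unset or empty value simply compares unequal
# instead of turning the `test` expression into a malformed one.
if test "$MEMBEROF" = memberofno; then
	echo "Memberof overlay not available, test skipped"
	exit 0
fi
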
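# Scratch directories for this run, including the cn=config directory that
# slapd is pointed at with -F further down.
mkdir -p $TESTDIR $DBDIR1 $TESTDIR/confdir

# Generate a random password for cn=config (-g) and store it, without a
# trailing newline (-n), in $CONFIGPWF; the cn=config binds later in the
# script read it back from that file.
# The file is created inside a subshell with umask 077 so that a newly
# created password file is readable by the invoking user only. An already
# existing file keeps whatever mode it had.
# NOTE(review): $SLAPPASSWD is expanded unquoted on purpose; presumably it may
# hold a command plus arguments -- confirm against defines.sh.
( umask 077; $SLAPPASSWD -g -n >$CONFIGPWF )

# Hash that password (-T reads the secret from the file) and write it out as
# a "rootpw" directive; only the hash ends up in configpw.conf.
echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf
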
# Produce the configuration file for this run: the script named by
# $CONFFILTER is sourced with the backend and monitor settings as arguments,
# reading $NAKEDCONF on stdin and writing $CONF1 on stdout.
echo "Starting slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND $MONITORDB < $NAKEDCONF > $CONF1

# Launch slapd in the background; its stdout and stderr go to $LOG1.
# $TIMING stays unquoted so that an empty value adds no argument at all.
$SLAPD -f $CONF1 -F $TESTDIR/confdir -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
KILLPIDS="$PID"

# With $WAIT set to anything but 0, show the PID and block on a line from
# stdin before continuing (e.g. to give time to attach a debugger).
if [ $WAIT != 0 ]; then
	echo PID $PID
	read foo
fi

# Poll the monitor base entry until slapd answers: one attempt after a
# one-second grace period, then up to five more, five seconds apart.
sleep 1
for attempt in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	[ $RC = 0 ] && break
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

# Still no answer after the last attempt: stop the server (unless the caller
# asked to keep it running) and pass the ldapsearch status on.
if [ $RC != 0 ]; then
	echo "ldapsearch failed ($RC)!"
	if [ $KILLSERVERS != no ]; then
		kill -HUP $KILLPIDS
	fi
	exit $RC
fi

# Start with an empty $TESTOUT; the tool invocations below log into it.
: > $TESTOUT

# When memberof is built as a loadable module, register it through cn=config
# before any overlay instance is configured. The bind password is read from
# $CONFIGPWF with -y, so it does not appear on the command line.
# NOTE(review): olcModulePath is a relative path; presumably it is resolved
# against slapd's working directory -- confirm that the harness always starts
# the test from the expected directory.
if test "$MEMBEROF" = memberofmod; then
	echo "Inserting memberof overlay on provider..."
	$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF > $TESTOUT 2>&1 <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: ../servers/slapd/overlays
olcModuleLoad: memberof.la
EOF
	RC=$?
	if [ $RC != 0 ]; then
		echo "ldapadd failed for moduleLoad ($RC)!"
		if [ $KILLSERVERS != no ]; then
			kill -HUP $KILLPIDS
		fi
		exit $RC
	fi
fi

# Line prefixes used inside the cn=config LDIF further down. An empty prefix
# leaves the line active; "# " turns it into an LDIF comment, which drops
# the setting for backends or build options that do not support it.
indexInclude=""
mainInclude=""
bdbInclude="# "
nullExclude=""

# Index and mode directives are kept only when the matching feature flag
# carries its "enabled" value.
[ $INDEXDB = indexdb ] || indexInclude="# "
[ $MAINDB  = maindb ] || mainInclude="# "

# The cache-size line is kept for bdb/hdb only; the null backend loses the
# lines guarded by nullExclude.
case $BACKEND in
	bdb | hdb)
		bdbInclude=""
		;;
	null)
		nullExclude="# "
		;;
esac

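# Configure the test database through cn=config in one ldapadd run:
#   1. a small schema with two extra member/memberOf attribute pairs
#      (memberA/memberOfA, memberB/memberOfB) and the object classes that
#      allow them,
#   2. database {1} for $BACKEND with suffix $BASEDN,
#   3. three memberof overlay instances, one per group class
#      (groupOfNames, groupA, groupB), each with olcMemberOfRefInt TRUE.
#
# Changes against the earlier form of this step:
#   * The cn=config password is passed with -y $CONFIGPWF, as the module-load
#     step does, instead of -w `cat $CONFIGPWF`, which put the password on
#     the command line.
#   * A stray double quote after "olcDbMode: 384" is removed; inside the
#     here-document it was sent to the server as part of the value.
#   * Folded schema lines now carry two leading blanks on the continuation
#     line (LDIF fold marker plus the separator before NAME) rather than
#     relying on a trailing blank on the previous line, which one of the
#     definitions had lost.
#
# olcRootPW:: c2VjcmV0 is the base64 encoding of "secret", i.e. the rootdn
# password is stored unhashed; it matches the "-w secret" binds used by the
# rest of this test and is only meant for this throwaway instance.
# olcDbMode 384 is decimal for octal 0600.
echo "Running ldapadd to build slapd config database..."
$LDAPADD -h $LOCALHOST -p $PORT1 -D 'cn=config' -y $CONFIGPWF \
	>> $TESTOUT 2>&1 <<EOF
dn: cn=symas group example,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: symas group example
olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.1
  NAME 'memberA' SUP distinguishedName )
olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.2
  NAME 'memberOfA' SUP distinguishedName )
olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.3
  NAME 'memberB' SUP distinguishedName )
olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.4
  NAME 'memberOfB' SUP distinguishedName )
olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.1
  NAME 'groupA' SUP top STRUCTURAL MUST cn MAY memberA )
olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.2
  NAME 'groupMemberA' SUP top AUXILIARY MAY memberOfA )
olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.3
  NAME 'groupB' SUP top STRUCTURAL MUST cn MAY memberB )
olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.4
  NAME 'groupMemberB' SUP top AUXILIARY MAY memberOfB )

dn: olcDatabase={1}$BACKEND,cn=config
objectClass: olcDatabaseConfig
${nullExclude}objectClass: olc${BACKEND}Config
olcDatabase: {1}$BACKEND
olcSuffix: $BASEDN
olcRootDN: cn=Manager,$BASEDN
olcRootPW:: c2VjcmV0
olcMonitoring: TRUE
${nullExclude}olcDbDirectory: $TESTDIR/db.1.a/
${bdbInclude}olcDbCacheSize: 1000
${indexInclude}olcDbIndex: objectClass eq
${indexInclude}olcDbIndex: cn pres,eq,sub
${indexInclude}olcDbIndex: uid pres,eq,sub
${indexInclude}olcDbIndex: sn pres,eq,sub
${mainInclude}olcDbMode: 384

dn: olcOverlay={0}memberof,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: {0}memberof
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf

dn: olcOverlay={1}memberof,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: {1}memberof
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupA
olcMemberOfMemberAD: memberA
olcMemberOfMemberOfAD: memberOfA

dn: olcOverlay={2}memberof,olcDatabase={1}$BACKEND,cn=config
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: {2}memberof
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupB
olcMemberOfMemberAD: memberB
olcMemberOfMemberOfAD: memberOfB

EOF
RC=$?
# Abort on failure: stop slapd unless the caller asked to keep it running.
if test $RC != 0 ; then
	echo "ldapadd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
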
# Load the initial tree as the rootdn: the suffix entry, the People and
# Groups containers, two people, and the groupOfNames entry "Cartoonia"
# listing both of them as members.
# NOTE(review): "-w secret" passes the rootdn password as a command-line
# argument. It is the fixed credential this test itself configured via
# olcRootPW, so nothing outside the test instance depends on it.
echo "Running ldapadd to build slapd database..."
$LDAPADD -h $LOCALHOST -p $PORT1 -D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 <<EOF
dn: $BASEDN
objectClass: organization
objectClass: dcObject
o: Example, Inc.
dc: example

dn: ou=People,$BASEDN
objectClass: organizationalUnit
ou: People

dn: ou=Groups,$BASEDN
objectClass: organizationalUnit
ou: Groups

dn: cn=Roger Rabbit,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Roger Rabbit
sn: Rabbit

dn: cn=Baby Herman,ou=People,$BASEDN
objectClass: inetOrgPerson
cn: Baby Herman
sn: Herman

dn: cn=Cartoonia,ou=Groups,$BASEDN
objectClass: groupOfNames
cn: Cartoonia
member: cn=Roger Rabbit,ou=People,$BASEDN
member: cn=Baby Herman,ou=People,$BASEDN
EOF
RC=$?
# A failed load makes everything after it meaningless, so stop here.
if [ $RC != 0 ]; then
	echo "ldapadd failed ($RC)!"
	if [ $KILLSERVERS != no ]; then
		kill -HUP $KILLPIDS
	fi
	exit $RC
fi

# First snapshot of the tree. Each snapshot is appended to $SEARCHOUT under a
# "# ..." heading line; the file is compared against the reference output at
# the end of the script. memberOf is requested by name in addition to '*',
# and -S "" asks ldapsearch to sort the entries by DN.
# NOTE(review): $SEARCHOUT is only ever appended to in this script --
# presumably the harness starts from a clean test directory; confirm.
echo "Search the entire database..."
echo "# Search the entire database..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' \
	'*' memberOf \
	>> $SEARCHOUT 2>&1
RC=$?
[ $RC = 0 ] || {
	echo "ldapsearch failed ($RC)!"
	[ $KILLSERVERS != no ] && kill -HUP $KILLPIDS
	exit $RC
}

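# Add a new person and, in the same ldapmodify run, add her to the existing
# Cartoonia group; then take another snapshot of the tree.
#
# The exit status of ldapmodify is now checked in the same way as the
# ldapadd and ldapsearch steps: without the check a rejected write would only
# show up later as an unexplained mismatch in the final comparison.
# NOTE(review): "-w secret" exposes the rootdn password on the command line;
# it is the fixed test credential configured by this script.
echo "Running ldapmodify to add a member..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 << EOF
dn: cn=Jessica Rabbit,ou=People,$BASEDN
changetype: add
objectClass: inetOrgPerson
cn: Jessica Rabbit
sn: Rabbit

dn: cn=Cartoonia,ou=Groups,$BASEDN
changetype: modify
add: member
member: cn=Jessica Rabbit,ou=People,$BASEDN
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Snapshot after the change; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after adding Jessica Rabbit and Cartoonia..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
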
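# Rename a group member (modrdn with deleteoldrdn) and snapshot the tree.
# The overlay was configured with olcMemberOfRefInt TRUE, so this step
# presumably checks that the group's member value follows the rename.
#
# ldapmodify's exit status is now checked so that a rejected rename stops the
# test here instead of surfacing only in the final comparison.
echo "Running ldapmodify to rename a member..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 << EOF
dn: cn=Baby Herman,ou=People,$BASEDN
changetype: modrdn
newrdn: cn=Baby Herman Jr
deleteoldrdn: 1
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Snapshot after the rename; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after renaming Baby Herman..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
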
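# Rename the group itself (Cartoonia -> Toon Town) and snapshot the tree;
# presumably the members' memberOf values are expected to follow the new
# group DN.
#
# ldapmodify's exit status is now checked so that a rejected rename stops the
# test here instead of surfacing only in the final comparison.
echo "Running ldapmodify to rename a group..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 << EOF
dn: cn=Cartoonia,ou=Groups,$BASEDN
changetype: modrdn
newrdn: cn=Toon Town
deleteoldrdn: 1
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Snapshot after the rename; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after renaming Cartoonia..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
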
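# Make the group a member of itself and snapshot the tree. This is the
# self-reference case: the entry being modified is also the entry named by
# the added member value.
#
# ldapmodify's exit status is now checked so that a rejected modification
# stops the test here instead of surfacing only in the final comparison.
echo "Running ldapmodify to add self..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 << EOF
dn: cn=Toon Town,ou=Groups,$BASEDN
changetype: modify
add: member
member: cn=Toon Town,ou=Groups,$BASEDN
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Snapshot after the change; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after adding Toon Town to self..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
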
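# Delete a group member and snapshot the tree. The progress message says
# "ldapdelete", but the deletion is sent through $LDAPMODIFY as a
# "changetype: delete" record; the message is kept as it was.
#
# ldapmodify's exit status is now checked so that a rejected delete stops the
# test here instead of surfacing only in the final comparison.
echo "Running ldapdelete to remove a member..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 << EOF
dn: cn=Baby Herman Jr,ou=People,$BASEDN
changetype: delete
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Snapshot after the delete; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after deleting Baby Herman..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
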
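# Delete the group entry and snapshot the tree; presumably the remaining
# people are expected to lose the memberOf values that pointed at it. As in
# the previous step the message says "ldapdelete" while the request is a
# "changetype: delete" record sent through $LDAPMODIFY.
#
# ldapmodify's exit status is now checked so that a rejected delete stops the
# test here instead of surfacing only in the final comparison.
echo "Running ldapdelete to remove a group..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 << EOF
dn: cn=Toon Town,ou=Groups,$BASEDN
changetype: delete
EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Snapshot after the delete; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after deleting Toon Town..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
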
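# Exercise the two overlay instances that use the custom schema, where the
# member attribute is optional (MAY) in the group class:
#   - remove the two remaining inetOrgPerson entries,
#   - add person1/person2 carrying the auxiliary classes that allow
#     memberOfA and memberOfB,
#   - add group1 (groupA, memberA values) and group2 (groupB, memberB values),
#   - finally delete every memberA value from group1, leaving a group entry
#     with no member attribute at all.
#
# ldapmodify's exit status is now checked; it stops at the first record the
# server rejects, so without the check a partially applied batch would only
# be noticed in the final comparison.
echo "Adding groups with MAY member type schemas..."
$LDAPMODIFY -h $LOCALHOST -p $PORT1 \
	-D "cn=Manager,$BASEDN" -w secret \
	>> $TESTOUT 2>&1 <<EOF
dn: cn=Roger Rabbit,ou=People,$BASEDN
changetype: delete

dn: cn=Jessica Rabbit,ou=People,$BASEDN
changetype: delete

dn: cn=person1,ou=People,$BASEDN
changetype: add
objectClass: person
objectClass: groupMemberA
objectClass: groupMemberB
cn: person1
sn: person1

dn: cn=person2,ou=People,$BASEDN
changetype: add
objectClass: person
objectClass: groupMemberA
objectClass: groupMemberB
cn: person2
sn: person2

dn: cn=group1,ou=Groups,$BASEDN
changetype: add
objectclass: groupA
cn: group1
memberA: cn=person1,ou=People,$BASEDN
memberA: cn=person2,ou=People,$BASEDN

dn: cn=group2,ou=Groups,$BASEDN
changetype: add
objectclass: groupB
cn: group2
memberB: cn=person1,ou=People,$BASEDN
memberB: cn=person2,ou=People,$BASEDN

dn: cn=group1,ou=Groups,$BASEDN
changetype: modify
delete: memberA

EOF
RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

# Last snapshot; appended to $SEARCHOUT under its own heading.
echo "Re-search the entire database..."
echo "# Re-search the entire database after adding groups with MAY member type schemas..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
	'(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi
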
# All directory operations are done: signal slapd to stop unless the caller
# asked to keep the servers running.
if [ $KILLSERVERS != no ]; then
	kill -HUP $KILLPIDS
fi

# Reference output that the collected snapshots must match.
LDIF=$MEMBEROFOUT

# Run both the collected search output and the reference through the same
# filter, then compare the two filtered files.
# NOTE(review): the exit status of the two filter runs is not checked; if the
# filter failed for both inputs the comparison could be made on two empty
# files -- confirm whether that can happen with the filter in use.
echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $LDIF > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT || {
	echo "Comparison failed"
	exit 1
}

echo ">>>>> Test succeeded"

# Reap the background slapd before returning, unless it was left running.
if [ $KILLSERVERS != no ]; then
	wait
fi

exit 0
