1#! /bin/sh
2## This work is part of OpenLDAP Software <http://www.openldap.org/>.
3##
4## Copyright 1998-2021 The OpenLDAP Foundation.
5## All rights reserved.
6##
7## Redistribution and use in source and binary forms, with or without
8## modification, are permitted only as authorized by the OpenLDAP
9## Public License.
10##
11## A copy of this license is available in the file LICENSE in the
12## top-level directory of the distribution or, alternatively, at
13## <http://www.OpenLDAP.org/license.html>.
14
15echo "running defines.sh"
16. $SRCDIR/scripts/defines.sh
17
18if test $DYNLIST = "dynlistno" ; then 
19	echo "dynlist overlay not available, test skipped"
20	exit 0
21fi 
22
23if test $BACKEND = ldif ; then
24	# dynlist+ldif fails because back-ldif lacks bi_op_compare()
25	echo "$BACKEND backend unsuitable for dynlist overlay, test skipped"
26	exit 0
27fi
28
29mkdir -p $TESTDIR $DBDIR1
30
31$SLAPPASSWD -g -n >$CONFIGPWF
32echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf
33
34DBIX=2
35
36echo "Running slapadd to build slapd database..."
37. $CONFFILTER $BACKEND < $DYNLISTCONF > $CONF1
38$SLAPADD -f $CONF1 -l $LDIFORDERED
39RC=$?
40if test $RC != 0 ; then
41	echo "slapadd failed ($RC)!"
42	exit $RC
43fi
44
45
46echo "Starting slapd on TCP/IP port $PORT1..."
47$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
48PID=$!
49if test $WAIT != 0 ; then
50    echo PID $PID
51    read foo
52fi
53KILLPIDS="$PID"
54
55sleep 1
56
57echo "Testing slapd searching..."
58for i in 0 1 2 3 4 5; do
59	$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
60		'(objectclass=*)' > /dev/null 2>&1
61	RC=$?
62	if test $RC = 0 ; then
63		break
64	fi
65	echo "Waiting 5 seconds for slapd to start..."
66	sleep 5
67done
68
69if test $RC != 0 ; then
70	echo "ldapsearch failed ($RC)!"
71	test $KILLSERVERS != no && kill -HUP $KILLPIDS
72	exit $RC
73fi
74
75cat /dev/null > $SEARCHOUT
76
77LISTDN="ou=Dynamic Lists,$BASEDN"
78echo "Adding a dynamic list..."
79$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
80	> $TESTOUT 2>&1 << EOMODS
81dn: $LISTDN
82objectClass: organizationalUnit
83ou: Dynamic Lists
84
85dn: cn=Dynamic List,$LISTDN
86objectClass: groupOfURLs
87cn: Dynamic List
88memberURL: ldap:///ou=People,${BASEDN}?cn,mail?sub?(objectClass=person)
89EOMODS
90
91echo "Testing list search of all attrs..."
92echo "# Testing list search of all attrs..." >> $SEARCHOUT
93$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
94	'(cn=Dynamic List)' '*' \
95	>> $SEARCHOUT 2>&1
96RC=$?
97if test $RC != 0 ; then
98	echo "ldapsearch failed ($RC)!"
99	test $KILLSERVERS != no && kill -HUP $KILLPIDS
100	exit $RC
101fi
102
103echo "Testing list search of a listed attr..."
104echo "# Testing list search of a listed attr..." >> $SEARCHOUT
105$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
106	'(cn=Dynamic List)' mail \
107	>> $SEARCHOUT 2>&1
108RC=$?
109if test $RC != 0 ; then
110	echo "ldapsearch failed ($RC)!"
111	test $KILLSERVERS != no && kill -HUP $KILLPIDS
112	exit $RC
113fi
114
115echo "Testing list search of a non-listed attr..."
116echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
117$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
118	'(cn=Dynamic List)' objectClass \
119	>> $SEARCHOUT 2>&1
120RC=$?
121if test $RC != 0 ; then
122	echo "ldapsearch failed ($RC)!"
123	test $KILLSERVERS != no && kill -HUP $KILLPIDS
124	exit $RC
125fi
126
127echo "Testing list search with (critical) manageDSAit..."
128echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
129$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
130	'(cn=Dynamic List)' '*' \
131	>> $SEARCHOUT 2>&1
132RC=$?
133if test $RC != 0 ; then
134	echo "ldapsearch failed ($RC)!"
135	test $KILLSERVERS != no && kill -HUP $KILLPIDS
136	exit $RC
137fi
138
139echo "Testing filtered search with all attrs..."
140echo "# Testing filtered search with all attrs..." >> $SEARCHOUT
141$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
142	'(mail=jdoe@woof.net)' '*' \
143	>> $SEARCHOUT 2>&1
144RC=$?
145if test $RC != 0 ; then
146	echo "ldapsearch failed ($RC)!"
147	test $KILLSERVERS != no && kill -HUP $KILLPIDS
148	exit $RC
149fi
150
151echo "Testing filtered search of a listed attr..."
152echo "# Testing filtered search of a listed attr..." >> $SEARCHOUT
153$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
154	'(mail=jdoe@woof.net)' mail \
155	>> $SEARCHOUT 2>&1
156RC=$?
157if test $RC != 0 ; then
158	echo "ldapsearch failed ($RC)!"
159	test $KILLSERVERS != no && kill -HUP $KILLPIDS
160	exit $RC
161fi
162
163echo "Testing filtered search of a non-listed attr..."
164echo "# Testing filtered search of a non-listed attr..." >> $SEARCHOUT
165$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
166	'(mail=jdoe@woof.net)' objectClass \
167	>> $SEARCHOUT 2>&1
168RC=$?
169if test $RC != 0 ; then
170	echo "ldapsearch failed ($RC)!"
171	test $KILLSERVERS != no && kill -HUP $KILLPIDS
172	exit $RC
173fi
174
175echo "Testing filtered search of a non-present attr..."
176echo "# Testing filtered search of a non-present attr..." >> $SEARCHOUT
177$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
178	'(mail=nobody@nowhere)' objectClass \
179	>> $SEARCHOUT 2>&1
180RC=$?
181if test $RC != 0 ; then
182	echo "ldapsearch failed ($RC)!"
183	test $KILLSERVERS != no && kill -HUP $KILLPIDS
184	exit $RC
185fi
186
187echo "Testing list compare..."
188echo "# Testing list compare..." >> $SEARCHOUT
189$LDAPCOMPARE -H $URI1 \
190	"cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
191	>> $SEARCHOUT 2>&1
192RC=$?
193case $RC in
1945)
195	echo "ldapcompare returned FALSE ($RC)!"
196	test $KILLSERVERS != no && kill -HUP $KILLPIDS
197	exit $RC
198	;;
1996)
200	echo "ldapcompare returned TRUE ($RC)"
201	;;
2020)
203	echo "ldapcompare returned success ($RC)!"
204	test $KILLSERVERS != no && kill -HUP $KILLPIDS
205	exit -1
206	;;
207*)
208	echo "ldapcompare failed ($RC)!"
209	test $KILLSERVERS != no && kill -HUP $KILLPIDS
210	exit $RC
211	;;
212esac
213echo "" >> $SEARCHOUT
214
215echo "Testing list compare (should return FALSE)..."
216echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
217$LDAPCOMPARE -H $URI1 \
218	"cn=Dynamic List,$LISTDN" "cn:FALSE" \
219	>> $SEARCHOUT 2>&1
220RC=$?
221case $RC in
2225)
223	echo "ldapcompare returned FALSE ($RC)"
224	;;
2256)
226	echo "ldapcompare returned TRUE ($RC)!"
227	test $KILLSERVERS != no && kill -HUP $KILLPIDS
228	exit $RC
229	;;
2300)
231	echo "ldapcompare returned success ($RC)!"
232	test $KILLSERVERS != no && kill -HUP $KILLPIDS
233	exit -1
234	;;
235*)
236	echo "ldapcompare failed ($RC)!"
237	test $KILLSERVERS != no && kill -HUP $KILLPIDS
238	exit $RC
239	;;
240esac
241echo "" >> $SEARCHOUT
242
243echo "Testing list compare (should return UNDEFINED)..."
244echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
245$LDAPCOMPARE -H $URI1 \
246	"cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
247	>> $SEARCHOUT 2>&1
248RC=$?
249case $RC in
2505)
251	echo "ldapcompare returned FALSE ($RC)!"
252	test $KILLSERVERS != no && kill -HUP $KILLPIDS
253	exit $RC
254	;;
2556)
256	echo "ldapcompare returned TRUE ($RC)!"
257	test $KILLSERVERS != no && kill -HUP $KILLPIDS
258	exit $RC
259	;;
26016|32)
261	echo "ldapcompare returned UNDEFINED ($RC)"
262	;;
2630)
264	echo "ldapcompare returned success ($RC)!"
265	test $KILLSERVERS != no && kill -HUP $KILLPIDS
266	exit -1
267	;;
268*)
269	echo "ldapcompare failed ($RC)"
270	;;
271esac
272echo "" >> $SEARCHOUT
273
274echo "Testing list compare with manageDSAit..."
275echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
276$LDAPCOMPARE -H $URI1 -MM \
277	"cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
278	>> $SEARCHOUT 2>&1
279RC=$?
280case $RC in
2815)
282	echo "ldapcompare returned FALSE ($RC)"
283	;;
2846)
285	echo "ldapcompare returned TRUE ($RC)!"
286	test $KILLSERVERS != no && kill -HUP $KILLPIDS
287	exit $RC
288	;;
2890)
290	echo "ldapcompare returned success ($RC)!"
291	test $KILLSERVERS != no && kill -HUP $KILLPIDS
292	exit -1
293	;;
294*)
295	echo "ldapcompare failed ($RC)!"
296	test $KILLSERVERS != no && kill -HUP $KILLPIDS
297	exit $RC
298	;;
299esac
300echo "" >> $SEARCHOUT
301
302echo "Reconfiguring slapd..."
303$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
304	$TESTOUT 2>&1 << EOMODS
305version: 1
306dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
307changetype: modify
308delete: olcDynListAttrSet
309olcDynListAttrSet: {0}
310-
311add: olcDynListAttrSet
312olcDynListAttrSet: groupOfURLs memberURL sn:cn mail
313-
314EOMODS
315
316RC=$?
317if test $RC != 0 ; then
318	echo "ldapmodify failed ($RC)!"
319	test $KILLSERVERS != no && kill -HUP $KILLPIDS
320	exit $RC
321fi
322
323echo "==========================================================" >> $LOG1
324
325echo "Testing attribute mapping"
326
327echo "Testing list search of all (mapped) attrs..."
328echo "# Testing list search of all (mapped) attrs..." >> $SEARCHOUT
329$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
330	'(cn=Dynamic List)' '*' \
331	>> $SEARCHOUT 2>&1
332RC=$?
333if test $RC != 0 ; then
334	echo "ldapsearch failed ($RC)!"
335	test $KILLSERVERS != no && kill -HUP $KILLPIDS
336	exit $RC
337fi
338
339echo "Testing list search of a (mapped) listed attr..."
340echo "# Testing list search of a (mapped) listed attr..." >> $SEARCHOUT
341$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
342	'(cn=Dynamic List)' sn \
343	>> $SEARCHOUT 2>&1
344RC=$?
345if test $RC != 0 ; then
346	echo "ldapsearch failed ($RC)!"
347	test $KILLSERVERS != no && kill -HUP $KILLPIDS
348	exit $RC
349fi
350
351echo "Testing list search of a (n unmapped) listed attr..."
352echo "# Testing list search of a (n unmapped) listed attr..." >> $SEARCHOUT
353$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
354	'(cn=Dynamic List)' mail \
355	>> $SEARCHOUT 2>&1
356RC=$?
357if test $RC != 0 ; then
358	echo "ldapsearch failed ($RC)!"
359	test $KILLSERVERS != no && kill -HUP $KILLPIDS
360	exit $RC
361fi
362
363echo "Testing list compare (mapped attrs) ..."
364echo "# Testing list compare (mapped attrs) ..." >> $SEARCHOUT
365$LDAPCOMPARE -H $URI1 \
366	"cn=Dynamic List,$LISTDN" "sn:Bjorn Jensen" \
367	>> $SEARCHOUT 2>&1
368RC=$?
369case $RC in
3705)
371	echo "ldapcompare returned FALSE ($RC)!"
372	test $KILLSERVERS != no && kill -HUP $KILLPIDS
373	exit $RC
374	;;
3756)
376	echo "ldapcompare returned TRUE ($RC)"
377	;;
3780)
379	echo "ldapcompare returned success ($RC)!"
380	test $KILLSERVERS != no && kill -HUP $KILLPIDS
381	exit -1
382	;;
383*)
384	echo "ldapcompare failed ($RC)!"
385	test $KILLSERVERS != no && kill -HUP $KILLPIDS
386	exit $RC
387	;;
388esac
389echo "" >> $SEARCHOUT
390
391echo "Testing list compare (mapped attrs; should return FALSE)..."
392echo "# Testing list compare (mapped attrs; should return FALSE)..." >> $SEARCHOUT
393$LDAPCOMPARE -H $URI1 \
394	"cn=Dynamic List,$LISTDN" "sn:FALSE" \
395	>> $SEARCHOUT 2>&1
396RC=$?
397case $RC in
3985)
399	echo "ldapcompare returned FALSE ($RC)"
400	;;
4016)
402	echo "ldapcompare returned TRUE ($RC)!"
403	test $KILLSERVERS != no && kill -HUP $KILLPIDS
404	exit $RC
405	;;
4060)
407	echo "ldapcompare returned success ($RC)!"
408	test $KILLSERVERS != no && kill -HUP $KILLPIDS
409	exit -1
410	;;
411*)
412	echo "ldapcompare failed ($RC)!"
413	test $KILLSERVERS != no && kill -HUP $KILLPIDS
414	exit $RC
415	;;
416esac
417echo "" >> $SEARCHOUT
418
419echo "Reconfiguring slapd..."
420$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
421	$TESTOUT 2>&1 << EOMODS
422version: 1
423dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
424changetype: modify
425delete: olcDynListAttrSet
426olcDynListAttrSet: {0}
427-
428add: olcDynListAttrSet
429olcDynListAttrSet: groupOfURLs memberURL member
430-
431EOMODS
432
433RC=$?
434if test $RC != 0 ; then
435	echo "ldapmodify failed ($RC)!"
436	test $KILLSERVERS != no && kill -HUP $KILLPIDS
437	exit $RC
438fi
439
440echo "==========================================================" >> $LOG1
441
442echo "Adding a dynamic list..."
443$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
444	> $TESTOUT 2>&1 << EOMODS
445dn: cn=Dynamic List of Members,$LISTDN
446objectClass: groupOfURLs
447cn: Dynamic List of Members
448memberURL: ldap:///ou=People,${BASEDN}??sub?(objectClass=person)
449EOMODS
450
451echo "Testing list search of all attrs..."
452echo "# Testing list search of all attrs..." >> $SEARCHOUT
453$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
454	'(cn=Dynamic List of Members)' '*' \
455	>> $SEARCHOUT 2>&1
456RC=$?
457if test $RC != 0 ; then
458	echo "ldapsearch failed ($RC)!"
459	test $KILLSERVERS != no && kill -HUP $KILLPIDS
460	exit $RC
461fi
462
463echo "Testing list search of a listed attr..."
464echo "# Testing list search of a listed attr..." >> $SEARCHOUT
465$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
466	'(cn=Dynamic List of Members)' member \
467	>> $SEARCHOUT 2>&1
468RC=$?
469if test $RC != 0 ; then
470	echo "ldapsearch failed ($RC)!"
471	test $KILLSERVERS != no && kill -HUP $KILLPIDS
472	exit $RC
473fi
474
475echo "Testing list search of a non-listed attr..."
476echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
477$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
478	'(cn=Dynamic List of Members)' objectClass \
479	>> $SEARCHOUT 2>&1
480RC=$?
481if test $RC != 0 ; then
482	echo "ldapsearch failed ($RC)!"
483	test $KILLSERVERS != no && kill -HUP $KILLPIDS
484	exit $RC
485fi
486
487echo "Testing list search with (critical) manageDSAit..."
488echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
489$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
490	'(&(cn=Dynamic List of Members)(objectClass=groupOfURLs))' '*' \
491	>> $SEARCHOUT 2>&1
492RC=$?
493if test $RC != 0 ; then
494	echo "ldapsearch failed ($RC)!"
495	test $KILLSERVERS != no && kill -HUP $KILLPIDS
496	exit $RC
497fi
498
499CMPDN="$BJORNSDN"
500echo "Testing list compare..."
501echo "# Testing list compare..." >> $SEARCHOUT
502$LDAPCOMPARE -H $URI1 \
503	"cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
504	>> $SEARCHOUT 2>&1
505RC=$?
506case $RC in
5075)
508	echo "ldapcompare returned FALSE ($RC)!"
509	test $KILLSERVERS != no && kill -HUP $KILLPIDS
510	exit $RC
511	;;
5126)
513	echo "ldapcompare returned TRUE ($RC)"
514	;;
5150)
516	echo "ldapcompare returned success ($RC)!"
517	test $KILLSERVERS != no && kill -HUP $KILLPIDS
518	exit -1
519	;;
520*)
521	echo "ldapcompare failed ($RC)!"
522	test $KILLSERVERS != no && kill -HUP $KILLPIDS
523	exit $RC
524	;;
525esac
526echo "" >> $SEARCHOUT
527
528CMPDN="$BADBJORNSDN"
529echo "Testing list compare (should return FALSE)..."
530echo "# Testing list compare... (should return FALSE)" >> $SEARCHOUT
531$LDAPCOMPARE -H $URI1 \
532	"cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
533	>> $SEARCHOUT 2>&1
534RC=$?
535case $RC in
5365)
537	echo "ldapcompare returned FALSE ($RC)"
538	;;
5396)
540	echo "ldapcompare returned TRUE ($RC)!"
541	test $KILLSERVERS != no && kill -HUP $KILLPIDS
542	exit $RC
543	;;
5440)
545	echo "ldapcompare returned success ($RC)!"
546	test $KILLSERVERS != no && kill -HUP $KILLPIDS
547	exit -1
548	;;
549*)
550	echo "ldapcompare failed ($RC)!"
551	test $KILLSERVERS != no && kill -HUP $KILLPIDS
552	exit $RC
553	;;
554esac
555echo "" >> $SEARCHOUT
556
557CMPDN="$BJORNSDN"
558echo "Testing list compare (should return FALSE)..."
559echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
560$LDAPCOMPARE -H $URI1 \
561	"cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
562	>> $SEARCHOUT 2>&1
563RC=$?
564case $RC in
5655)
566	echo "ldapcompare returned FALSE ($RC)"
567	;;
5686)
569	echo "ldapcompare returned TRUE ($RC)!"
570	test $KILLSERVERS != no && kill -HUP $KILLPIDS
571	exit $RC
572	;;
5730)
574	echo "ldapcompare returned success ($RC)!"
575	test $KILLSERVERS != no && kill -HUP $KILLPIDS
576	exit -1
577	;;
578*)
579	echo "ldapcompare failed ($RC)!"
580	test $KILLSERVERS != no && kill -HUP $KILLPIDS
581	exit $RC
582	;;
583esac
584echo "" >> $SEARCHOUT
585
586echo "Testing list compare with manageDSAit (should return UNDEFINED)..."
587echo "# Testing list compare with manageDSAit (should return UNDEFINED)..." >> $SEARCHOUT
588$LDAPCOMPARE -H $URI1 -MM \
589	"cn=Dynamic List,$LISTDN" "member:$CMPDN" \
590	>> $SEARCHOUT 2>&1
591RC=$?
592case $RC in
5935)
594	echo "ldapcompare returned FALSE ($RC)"
595	test $KILLSERVERS != no && kill -HUP $KILLPIDS
596	exit $RC
597	;;
5986)
599	echo "ldapcompare returned TRUE ($RC)!"
600	test $KILLSERVERS != no && kill -HUP $KILLPIDS
601	exit $RC
602	;;
60316|32)
604	echo "ldapcompare returned UNDEFINED ($RC)"
605	;;
6060)
607	echo "ldapcompare returned success ($RC)!"
608	test $KILLSERVERS != no && kill -HUP $KILLPIDS
609	exit -1
610	;;
611*)
612	echo "ldapcompare failed ($RC)!"
613	test $KILLSERVERS != no && kill -HUP $KILLPIDS
614	exit $RC
615	;;
616esac
617echo "" >> $SEARCHOUT
618
619echo "==========================================================" >> $LOG1
620
621echo "Testing dgIdentity..."
622
623# Set ACL, require authentication to get list contents
624$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
625	$TESTOUT 2>&1 << EOMODS
626version: 1
627dn: olcDatabase={$DBIX}$BACKEND,cn=config
628changetype: modify
629add: olcAccess
630olcAccess: to dn.base="cn=Dynamic List of Members,$LISTDN" by * read
631olcAccess: to * by users read by * search
632EOMODS
633
634RC=$?
635if test $RC != 0 ; then
636	echo "ldapmodify failed ($RC)!"
637	test $KILLSERVERS != no && kill -HUP $KILLPIDS
638	exit $RC
639fi
640
641echo "Testing list search without dgIdentity..."
642echo "# Testing list search without dgIdentity..." >> $SEARCHOUT
643$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
644	'(cn=Dynamic List of Members)' '*' \
645	>> $SEARCHOUT 2>&1
646RC=$?
647if test $RC != 0 ; then
648	echo "ldapsearch failed ($RC)!"
649	test $KILLSERVERS != no && kill -HUP $KILLPIDS
650	exit $RC
651fi
652
653$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
654	> $TESTOUT 2>&1 << EOMODS
655dn: cn=Dynamic List of Members,$LISTDN
656changetype: modify
657add: objectClass
658objectClass: dgIdentityAux
659-
660add: dgIdentity
661dgIdentity: $CMPDN
662EOMODS
663
664RC=$?
665if test $RC != 0 ; then
666	echo "ldapmodify failed ($RC)!"
667	test $KILLSERVERS != no && kill -HUP $KILLPIDS
668	exit $RC
669fi
670
671echo "Testing list search with dgIdentity..."
672echo "# Testing list search with dgIdentity..." >> $SEARCHOUT
673$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
674	'(cn=Dynamic List of Members)' '*' \
675	>> $SEARCHOUT 2>&1
676RC=$?
677if test $RC != 0 ; then
678	echo "ldapsearch failed ($RC)!"
679	test $KILLSERVERS != no && kill -HUP $KILLPIDS
680	exit $RC
681fi
682
683echo "Testing dgAuthz..."
684
685CMPDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN"
686$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
687	> $TESTOUT 2>&1 << EOMODS
688dn: cn=Dynamic List of Members,$LISTDN
689changetype: modify
690add: dgAuthz
691dgAuthz: dn:$BABSDN
692EOMODS
693
694RC=$?
695if test $RC != 0 ; then
696	echo "ldapmodify failed ($RC)!"
697	test $KILLSERVERS != no && kill -HUP $KILLPIDS
698	exit $RC
699fi
700
701echo "Testing list search with dgIdentity and dgAuthz anonymously..."
702echo "# Testing list search with dgIdentity and dgAuthz anonymously..." >> $SEARCHOUT
703$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
704	'(cn=Dynamic List of Members)' '*' \
705	>> $SEARCHOUT 2>&1
706RC=$?
707if test $RC != 0 ; then
708	echo "ldapsearch failed ($RC)!"
709	test $KILLSERVERS != no && kill -HUP $KILLPIDS
710	exit $RC
711fi
712
713echo "Testing list search with dgIdentity and dgAuthz as the authorized identity..."
714echo "# Testing list search with dgIdentity and dgAuthz as the authorized identity..." >> $SEARCHOUT
715$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
716	-D "$BABSDN" -w bjensen \
717	'(cn=Dynamic List of Members)' '*' \
718	>> $SEARCHOUT 2>&1
719RC=$?
720if test $RC != 0 ; then
721	echo "ldapsearch failed ($RC)!"
722	test $KILLSERVERS != no && kill -HUP $KILLPIDS
723	exit $RC
724fi
725
726echo "Reconfiguring slapd..."
727$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
728	$TESTOUT 2>&1 << EOMODS
729version: 1
730dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
731changetype: modify
732delete: olcDynListAttrSet
733olcDynListAttrSet: {0}
734-
735add: olcDynListAttrSet
736olcDynListAttrSet: groupOfURLs memberURL member+memberOf
737-
738EOMODS
739
740RC=$?
741if test $RC != 0 ; then
742	echo "ldapmodify failed ($RC)!"
743	test $KILLSERVERS != no && kill -HUP $KILLPIDS
744	exit $RC
745fi
746
747echo "==========================================================" >> $LOG1
748
749echo "Testing memberOf functionality..."
750echo "# Testing memberOf functionality..." >> $SEARCHOUT
751$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
752	-D "$BABSDN" -w bjensen \
753	'(cn=Mark Elliot)' '*' 'memberOf' \
754	>> $SEARCHOUT 2>&1
755RC=$?
756if test $RC != 0 ; then
757	echo "ldapsearch failed ($RC)!"
758	test $KILLSERVERS != no && kill -HUP $KILLPIDS
759	exit $RC
760fi
761
762echo "Testing filtered memberOf functionality..."
763echo "# Testing filtered memberOf functionality..." >> $SEARCHOUT
764$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
765	-D "$BABSDN" -w bjensen \
766	'(&(memberOf=cn=Dynamic List of Members,ou=Dynamic Lists,dc=example,dc=com)(cn=Mark Elliot))' '*' 'memberOf' \
767	>> $SEARCHOUT 2>&1
768RC=$?
769if test $RC != 0 ; then
770	echo "ldapsearch failed ($RC)!"
771	test $KILLSERVERS != no && kill -HUP $KILLPIDS
772	exit $RC
773fi
774
775echo "Reconfiguring slapd..."
776$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
777	$TESTOUT 2>&1 << EOMODS
778version: 1
779dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
780changetype: modify
781delete: olcDynListAttrSet
782olcDynListAttrSet: {0}
783-
784add: olcDynListAttrSet
785olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames
786-
787EOMODS
788
789RC=$?
790if test $RC != 0 ; then
791	echo "ldapmodify failed ($RC)!"
792	test $KILLSERVERS != no && kill -HUP $KILLPIDS
793	exit $RC
794fi
795
796echo "==========================================================" >> $LOG1
797
798echo "Testing static group memberOf functionality..."
799echo "# Testing static group memberOf functionality..." >> $SEARCHOUT
800$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
801	-D "$BABSDN" -w bjensen \
802	'(cn=Mark Elliot)' '*' 'memberOf' \
803	>> $SEARCHOUT 2>&1
804RC=$?
805if test $RC != 0 ; then
806	echo "ldapsearch failed ($RC)!"
807	test $KILLSERVERS != no && kill -HUP $KILLPIDS
808	exit $RC
809fi
810
811echo "Reconfiguring slapd..."
812$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
813	$TESTOUT 2>&1 << EOMODS
814version: 1
815dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
816changetype: modify
817delete: olcDynListAttrSet
818olcDynListAttrSet: {0}
819-
820add: olcDynListAttrSet
821olcDynListAttrSet: groupOfURLs memberURL member+memberOf*
822-
823EOMODS
824
825RC=$?
826if test $RC != 0 ; then
827	echo "ldapmodify failed ($RC)!"
828	test $KILLSERVERS != no && kill -HUP $KILLPIDS
829	exit $RC
830fi
831
832echo "==========================================================" >> $LOG1
833
834echo "Adding a couple dynamic groups..."
835$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
836	> $TESTOUT 2>&1 << EOMODS
837dn: cn=The Smiths,$LISTDN
838objectClass: groupOfURLs
839cn: The Smiths
840memberURL: ldap:///ou=People,${BASEDN}??sub?(sn=Smith)
841description: Smith family
842
843dn: cn=Meta Group,$LISTDN
844objectClass: groupOfURLs
845cn: Meta Group
846memberURL: ldap:///${LISTDN}??sub?(description=Smith%20family)
847EOMODS
848
849RC=$?
850if test $RC != 0 ; then
851	echo "ldapadd failed ($RC)!"
852	test $KILLSERVERS != no && kill -HUP $KILLPIDS
853	exit $RC
854fi
855
856echo "Testing nested dynamic group functionality..."
857echo "# Testing nested dynamic group functionality..." >> $SEARCHOUT
858$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
859	-D "$BABSDN" -w bjensen \
860	'(objectclass=*)' '*' 'memberOf' \
861	>> $SEARCHOUT 2>&1
862RC=$?
863if test $RC != 0 ; then
864	echo "ldapsearch failed ($RC)!"
865	test $KILLSERVERS != no && kill -HUP $KILLPIDS
866	exit $RC
867fi
868
869$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
870	-D "$BABSDN" -w bjensen \
871	'(cn=Mark Elliot)' '*' 'memberOf' \
872	>> $SEARCHOUT 2>&1
873RC=$?
874if test $RC != 0 ; then
875	echo "ldapsearch failed ($RC)!"
876	test $KILLSERVERS != no && kill -HUP $KILLPIDS
877	exit $RC
878fi
879
880echo "Reconfiguring slapd..."
881$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
882	$TESTOUT 2>&1 << EOMODS
883version: 1
884dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
885changetype: modify
886delete: olcDynListAttrSet
887olcDynListAttrSet: {0}
888-
889add: olcDynListAttrSet
890olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames*
891olcDynListAttrSet: labeledURIObject labeledURI uniqueMember+seeAlso@groupOfUniqueNames
892-
893EOMODS
894
895RC=$?
896if test $RC != 0 ; then
897	echo "ldapmodify failed ($RC)!"
898	test $KILLSERVERS != no && kill -HUP $KILLPIDS
899	exit $RC
900fi
901
902echo "==========================================================" >> $LOG1
903
904echo "Adding a couple static groups..."
905$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
906	> $TESTOUT 2>&1 << EOMODS
907dn: cn=The Jensens,ou=Groups,$BASEDN
908objectClass: groupOfnames
909cn: The Jensens
910member: cn=Bjorn Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
911member: cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
912
913dn: cn=JJs,ou=Groups,$BASEDN
914objectClass: groupOfnames
915cn: JJs
916member: cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN
917member: cn=James A Jones 2,ou=Information Technology Division,ou=People,$BASEDN
918member: cn=The Jensens,ou=Groups,$BASEDN
919EOMODS
920
921RC=$?
922if test $RC != 0 ; then
923	echo "ldapadd failed ($RC)!"
924	test $KILLSERVERS != no && kill -HUP $KILLPIDS
925	exit $RC
926fi
927
928echo "Testing nested static group functionality..."
929echo "# Testing nested static group functionality..." >> $SEARCHOUT
930$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
931	-D "$BABSDN" -w bjensen \
932	'(sn=Jensen)' '*' 'memberOf' \
933	>> $SEARCHOUT 2>&1
934RC=$?
935if test $RC != 0 ; then
936	echo "ldapsearch failed ($RC)!"
937	test $KILLSERVERS != no && kill -HUP $KILLPIDS
938	exit $RC
939fi
940
941echo "Adding another nested group..."
942$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
943	> $TESTOUT 2>&1 << EOMODS
944dn: cn=Bonus Group,ou=Groups,$BASEDN
945objectClass: groupOfnames
946cn: Bonus Group
947member: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
948member: cn=Meta Group,$LISTDN
949EOMODS
950
951$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
952	-D "$BABSDN" -w bjensen \
953	'(sn=Hampster)' '*' 'memberOf' \
954	>> $SEARCHOUT 2>&1
955RC=$?
956if test $RC != 0 ; then
957	echo "ldapsearch failed ($RC)!"
958	test $KILLSERVERS != no && kill -HUP $KILLPIDS
959	exit $RC
960fi
961
962$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
963	-D "$BABSDN" -w bjensen \
964	'(sn=Doe)' '*' 'memberOf' \
965	>> $SEARCHOUT 2>&1
966RC=$?
967if test $RC != 0 ; then
968	echo "ldapsearch failed ($RC)!"
969	test $KILLSERVERS != no && kill -HUP $KILLPIDS
970	exit $RC
971fi
972
973$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
974	-D "$BABSDN" -w bjensen \
975	'(sn=Smith)' '*' 'memberOf' \
976	>> $SEARCHOUT 2>&1
977RC=$?
978if test $RC != 0 ; then
979	echo "ldapsearch failed ($RC)!"
980	test $KILLSERVERS != no && kill -HUP $KILLPIDS
981	exit $RC
982fi
983
984echo "Testing filtered nested memberOf functionality..."
985echo "# Testing filtered nested memberOf functionality..." >> $SEARCHOUT
986
987$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
988	-D "$BABSDN" -w bjensen \
989	"(memberOf=cn=bonus group,ou=groups,$BASEDN)" '*' 'memberOf' \
990	>> $SEARCHOUT 2>&1
991RC=$?
992if test $RC != 0 ; then
993	echo "ldapsearch failed ($RC)!"
994	test $KILLSERVERS != no && kill -HUP $KILLPIDS
995	exit $RC
996fi
997
998echo "Testing filtered nested member functionality..."
999echo "# Testing filtered nested member functionality..." >> $SEARCHOUT
1000
1001$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
1002	-D "$BABSDN" -w bjensen \
1003	"(member=cn=Jennifer Smith,ou=Alumni Association,ou=People,$BASEDN)" '*' 'memberOf' \
1004	>> $SEARCHOUT 2>&1
1005RC=$?
1006if test $RC != 0 ; then
1007	echo "ldapsearch failed ($RC)!"
1008	test $KILLSERVERS != no && kill -HUP $KILLPIDS
1009	exit $RC
1010fi
1011
1012test $KILLSERVERS != no && kill -HUP $KILLPIDS
1013
1014LDIF=$DYNLISTOUT
1015
1016echo "Filtering ldapsearch results..."
1017$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
1018echo "Filtering original ldif used to create database..."
1019$LDIFFILTER < $LDIF > $LDIFFLT
1020echo "Comparing filter output..."
1021$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
1022
1023if test $? != 0 ; then
1024	echo "Comparison failed"
1025	exit 1
1026fi
1027
1028echo ">>>>> Test succeeded"
1029
1030test $KILLSERVERS != no && wait
1031
1032exit 0
1033