Cross Reference: /netbsd-current/external/bsd/openldap/dist/tests/scripts/test044-dynlist

#! /bin/sh
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2008 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

if test $DYNLIST = "dynlistno" ; then
	echo "dynlist overlay not available, test skipped"
	exit 0
fi

mkdir -p $TESTDIR $DBDIR1

$SLAPPASSWD -g -n >$CONFIGPWF
echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf

echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND $MONITORDB < $MCONF > $ADDCONF
$SLAPADD -f $ADDCONF -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	exit $RC
fi

. $CONFFILTER $BACKEND $MONITORDB < $DYNLISTCONF > $CONF1

echo "Starting slapd on TCP/IP port $PORT1..."
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
    echo PID $PID
    read foo
fi
KILLPIDS="$PID"

sleep 1

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
		'(objectclass=*)' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

cat /dev/null > $SEARCHOUT

LISTDN="ou=Dynamic Lists,$BASEDN"
echo "Adding a dynamic list..."
$LDAPADD -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
	> $TESTOUT 2>&1 << EOMODS
dn: $LISTDN
objectClass: organizationalUnit
ou: Dynamic Lists

dn: cn=Dynamic List,$LISTDN
objectClass: groupOfURLs
cn: Dynamic List
memberURL: ldap:///ou=People,${BASEDN}?cn,mail?sub?(objectClass=person)
EOMODS

echo "Testing list search of all attrs..."
echo "# Testing list search of all attrs..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search of a listed attr..."
echo "# Testing list search of a listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List)' mail \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search of a non-listed attr..."
echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List)' objectClass \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search with (critical) manageDSAit..."
echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 -MM \
	'(cn=Dynamic List)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list compare..."
echo "# Testing list compare..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
	"cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
6)
	echo "ldapcompare returned TRUE ($RC)"
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
esac
echo "" >> $SEARCHOUT

echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
	"cn=Dynamic List,$LISTDN" "cn:FALSE" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)"
	;;
6)
	echo "ldapcompare returned TRUE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
esac
echo "" >> $SEARCHOUT

echo "Testing list compare (should return UNDEFINED)..."
echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
	"cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
6)
	echo "ldapcompare returned TRUE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
16|32)
	echo "ldapcompare returned UNDEFINED ($RC)"
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)"
	;;
esac
echo "" >> $SEARCHOUT

echo "Testing list compare with manageDSAit..."
echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 -MM \
	"cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)"
	;;
6)
	echo "ldapcompare returned TRUE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
esac
echo "" >> $SEARCHOUT

echo "Reconfiguring slapd..."
$LDAPMODIFY -x -D cn=config -h $LOCALHOST -p $PORT1 -y $CONFIGPWF > \
	$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcOverlay={0}dynlist,olcDatabase={2}$BACKEND,cn=config
changetype: modify
delete: olcDLattrSet
olcDLattrSet: {0}
-
add: olcDLattrSet
olcDLattrSet: groupOfURLs memberURL member
EOMODS

echo "==========================================================" >> $LOG1

echo "Adding a dynamic list..."
$LDAPADD -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
	> $TESTOUT 2>&1 << EOMODS
dn: cn=Dynamic List of Members,$LISTDN
objectClass: groupOfURLs
cn: Dynamic List of Members
memberURL: ldap:///ou=People,${BASEDN}??sub?(objectClass=person)
EOMODS

echo "Testing list search of all attrs..."
echo "# Testing list search of all attrs..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List of Members)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search of a listed attr..."
echo "# Testing list search of a listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List of Members)' member \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search of a non-listed attr..."
echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List of Members)' objectClass \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search with (critical) manageDSAit..."
echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 -MM \
	'(&(cn=Dynamic List of Members)(objectClass=groupOfURLs))' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

CMPDN="$BJORNSDN"
echo "Testing list compare..."
echo "# Testing list compare..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
	"cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
6)
	echo "ldapcompare returned TRUE ($RC)"
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
esac
echo "" >> $SEARCHOUT

echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
	"cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)"
	;;
6)
	echo "ldapcompare returned TRUE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
esac
echo "" >> $SEARCHOUT

echo "Testing list compare with manageDSAit..."
echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 -MM \
	"cn=Dynamic List,$LISTDN" "member:$CMPDN" \
	>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
	echo "ldapcompare returned FALSE ($RC)"
	;;
6)
	echo "ldapcompare returned TRUE ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
0)
	echo "ldapcompare returned success ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit -1
	;;
*)
	echo "ldapcompare failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
	;;
esac
echo "" >> $SEARCHOUT

echo "==========================================================" >> $LOG1

echo "Testing dgIdentity..."

# Set ACL, require authentication to get list contents
$LDAPMODIFY -x -D cn=config -h $LOCALHOST -p $PORT1 -y $CONFIGPWF > \
	$TESTOUT 2>&1 << EOMODS
version: 1
dn: olcDatabase={2}$BACKEND,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="cn=Dynamic List of Members,$LISTDN" by * read
olcAccess: to * by users read by * search
EOMODS

echo "Testing list search without dgIdentity..."
echo "# Testing list search without dgIdentity..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List of Members)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
	> $TESTOUT 2>&1 << EOMODS
dn: cn=Dynamic List of Members,$LISTDN
changetype: modify
add: objectClass
objectClass: dgIdentityAux
-
add: dgIdentity
dgIdentity: $CMPDN
EOMODS

echo "Testing list search with dgIdentity..."
echo "# Testing list search with dgIdentity..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List of Members)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing dgAuthz..."

CMPDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN"
$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD \
	> $TESTOUT 2>&1 << EOMODS
dn: cn=Dynamic List of Members,$LISTDN
changetype: modify
add: dgAuthz
dgAuthz: dn:$BABSDN
EOMODS

echo "Testing list search with dgIdentity and dgAuthz anonymously..."
echo "# Testing list search with dgIdentity and dgAuthz anonymously..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	'(cn=Dynamic List of Members)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Testing list search with dgIdentity and dgAuthz as the authorized identity..."
echo "# Testing list search with dgIdentity and dgAuthz as the authorized identity..." >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$LISTDN" -h $LOCALHOST -p $PORT1 \
	-D "$BABSDN" -w bjensen \
	'(cn=Dynamic List of Members)' '*' \
	>> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

test $KILLSERVERS != no && kill -HUP $KILLPIDS

LDIF=$DYNLISTOUT

echo "Filtering ldapsearch results..."
. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
. $LDIFFILTER < $LDIF > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT

if test $? != 0 ; then
	echo "Comparison failed"
	exit 1
fi

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0