1#! /bin/sh
2# $OpenLDAP$
3## This work is part of OpenLDAP Software <http://www.openldap.org/>.
4##
5## Copyright 1998-2021 The OpenLDAP Foundation.
6## All rights reserved.
7##
8## Redistribution and use in source and binary forms, with or without
9## modification, are permitted only as authorized by the OpenLDAP
10## Public License.
11##
12## A copy of this license is available in the file LICENSE in the
13## top-level directory of the distribution or, alternatively, at
14## <http://www.OpenLDAP.org/license.html>.
15
# Load the shared test-suite definitions. Every tool, path, URI and credential
# variable used below ($SLAPD, $LDAPSEARCH, $URI1, $PASSWD, ...) is expected to
# come from that file or from the calling environment.
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

# Operational attributes requested explicitly in each full-tree search, so they
# are part of what is compared between provider and consumer.
OPATTRS="entryUUID creatorsName createTimestamp modifiersName modifyTimestamp"

# Skip (exit 0) when $SYNCPROV reports that the syncprov overlay is unavailable.
if [ $SYNCPROV = syncprovno ]; then
  echo "Syncrepl provider overlay not available, test skipped"
  exit 0
fi

# Working directories: the test dir plus one database dir per server.
mkdir -p $TESTDIR $DBDIR1 $DBDIR4
27
#
# Test replication:
# - start provider
# - start consumer
# - populate over ldap
# - perform some modifies and deletes
# - attempt to modify the consumer (referral or chain)
# - retrieve database over ldap and compare against expected results
#
37
# Start the provider slapd.
# $CONFFILTER is sourced with $BACKEND as its argument; it reads the provider
# template on stdin and its output becomes the generated config $CONF1.
echo "Starting provider slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND < $SRPROVIDERCONF > $CONF1
# $SLAPD is deliberately left unquoted: presumably it may carry extra
# arguments besides the binary path; confirm in defines.sh.
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
# When $WAIT is not 0, print the PID and block until a line arrives on stdin.
if [ $WAIT != 0 ]; then
  echo PID $PID
  read foo
fi
KILLPIDS="$PID"

sleep 1

# Readiness poll: read the monitor base entry, up to six attempts 5 s apart.
# This command line carries no bind DN or password.
echo "Using ldapsearch to check that provider slapd is running..."
for attempt in 0 1 2 3 4 5; do
  $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 'objectclass=*' > /dev/null 2>&1
  RC=$?
  [ $RC = 0 ] && break
  echo "Waiting 5 seconds for slapd to start..."
  sleep 5
done

# RC still holds the last probe result; give up if the server never answered.
if [ $RC != 0 ]; then
  echo "ldapsearch failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi
67
# Create the suffix entry on the provider before the consumer is started.
# NOTE(review): -w puts the bind password in argv, where it can be read from
# the process list while the client runs. That is tolerable only for the test
# suite's fixture credential; the OpenLDAP clients also accept -y <file>.
echo "Using ldapadd to create the context prefix entry in the provider..."
$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < $LDIFORDEREDCP > /dev/null 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapadd failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi
77
# Start the consumer slapd from the consumer template, the same way the
# provider was started, and add its PID to the list of servers to stop.
echo "Starting consumer slapd on TCP/IP port $PORT4..."
. $CONFFILTER $BACKEND < $P1SRCONSUMERCONF > $CONF4
$SLAPD -f $CONF4 -h $URI4 -d $LVL > $LOG4 2>&1 &
CONSUMERPID=$!
# When $WAIT is not 0, print the PID and block until a line arrives on stdin.
if [ $WAIT != 0 ]; then
  echo CONSUMERPID $CONSUMERPID
  read foo
fi
KILLPIDS="$KILLPIDS $CONSUMERPID"

sleep 1

# Readiness poll against the consumer: up to six attempts 5 s apart.
echo "Using ldapsearch to check that consumer slapd is running..."
for attempt in 0 1 2 3 4 5; do
  $LDAPSEARCH -s base -b "$MONITOR" -H $URI4 'objectclass=*' > /dev/null 2>&1
  RC=$?
  [ $RC = 0 ] && break
  echo "Waiting 5 seconds for slapd to start..."
  sleep 5
done

# RC still holds the last probe result; stop both servers if it never passed.
if [ $RC != 0 ]; then
  echo "ldapsearch failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi
107
# Load the remaining entries into the provider while the consumer is running,
# then give syncrepl $SLEEP1 seconds to pick the changes up.
echo "Using ldapadd to populate the provider directory..."
$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < $LDIFORDEREDNOCP > /dev/null 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapadd failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1
120
# First consistency check: dump the whole tree (user attributes plus $OPATTRS)
# from both servers, pass each dump through $LDIFFILTER and compare the results.
echo "Using ldapsearch to read all the entries from the provider..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 '(objectclass=*)' '*' $OPATTRS \
  > $PROVIDEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at provider ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Using ldapsearch to read all the entries from the consumer..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI4 '(objectclass=*)' '*' $OPATTRS \
  > $CONSUMEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at consumer ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Filtering provider results..."
$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
echo "Filtering consumer results..."
$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT

# Any difference reported by $CMP fails the test with status 1; the
# comparison output is kept in $CMPOUT.
echo "Comparing retrieved entries from provider and consumer..."
if ! $CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT; then
  echo "test failed - provider and consumer databases differ"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit 1
fi
156
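# Bounce the provider while the consumer keeps running, to exercise the
# consumer's reconnect path. The provider log is appended to, with a RESTART
# marker separating the two runs.
echo "Stopping the provider, sleeping 10 seconds and restarting it..."
kill -HUP "$PID"
wait $PID
sleep 10
echo "RESTART" >> $LOG1
$SLAPD -f $CONF1 -h $URI1 -d $LVL >> $LOG1 2>&1 &
PID=$!
# When $WAIT is not 0, print the PID and block until a line arrives on stdin.
if [ $WAIT != 0 ]; then
  echo PID $PID
  read foo
fi
# Rebuild the kill list with the new provider PID.
KILLPIDS="$PID $CONSUMERPID"

sleep 1

# Readiness poll: up to six attempts 5 s apart.
echo "Using ldapsearch to check that provider slapd is running..."
for attempt in 0 1 2 3 4 5; do
  $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 'objectclass=*' > /dev/null 2>&1
  RC=$?
  [ $RC = 0 ] && break
  echo "Waiting 5 seconds for slapd to start..."
  sleep 5
done

# Fail fast: report a provider that did not come back before spending
# $SLEEP1 seconds waiting for a reconnect that cannot happen.
if [ $RC != 0 ]; then
  echo "ldapsearch failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Waiting $SLEEP1 seconds for consumer to reconnect..."
sleep $SLEEP1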
192
echo "Using ldapmodify to modify provider directory..."

#
# Apply a batch of changes to the provider: attribute add/delete/replace,
# group membership edits, entry adds, renames (with and without newsuperior)
# and an entry delete. Verbose client output goes to $TESTOUT.
#
# The here-document delimiter is quoted so the LDIF is passed through
# literally; it contains '$' separators in postal addresses and no shell
# variables.
#

$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD > $TESTOUT 2>&1 << 'EOMODS'
dn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com
changetype: modify
add: drink
drink: Orange Juice
-
delete: sn
sn: Jones
-
add: sn
sn: Jones

dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: modify
replace: drink
drink: Iced Tea

dn: cn=ITD Staff,ou=Groups,dc=example,dc=com
changetype: modify
delete: uniquemember
uniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com
uniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
-
add: uniquemember
uniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, dc=example,dc=com
uniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example,dc=com

dn: cn=All Staff,ou=Groups,dc=example,dc=com
changetype: modify
delete: description

dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: add
objectclass: OpenLDAPperson
cn: Gern Jensen
sn: Jensen
uid: gjensen
title: Chief Investigator, ITD
postaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103
seealso: cn=All Staff, ou=Groups, dc=example,dc=com
drink: Coffee
homepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104
description: Very odd
facsimiletelephonenumber: +1 313 555 7557
facsimiletelephonenumber: +1 313 555 9998
facsimiletelephonenumber: +1 313 555 9999
telephonenumber: +1 313 555 8343
mail: gjensen@mailgw.example.com
homephone: +1 313 555 8844

# modify attribute with no matching rule (ITS#6458)
dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: modify
replace: facsimiletelephonenumber
facsimiletelephonenumber: +1 313 555 9998
facsimiletelephonenumber: +1 313 555 9999

dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: modify
replace: facsimiletelephonenumber
facsimiletelephonenumber: +1 313 555 9998
facsimiletelephonenumber: +1 313 555 9999
facsimiletelephonenumber: +1 313 555 7557

dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: modify
replace: facsimiletelephonenumber
facsimiletelephonenumber: +1 313 555 9998
facsimiletelephonenumber: +1 313 555 9999

dn: ou=Retired, ou=People, dc=example,dc=com
changetype: add
objectclass: organizationalUnit
ou: Retired

dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: add
objectclass: OpenLDAPperson
cn: Rosco P. Coltrane
sn: Coltrane
uid: rosco
description: Fat tycoon

dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: modrdn
newrdn: cn=Rosco P. Coltrane
deleteoldrdn: 1
newsuperior: ou=Retired, ou=People, dc=example,dc=com

dn: cn=James A Jones 2, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: delete

dn: dc=testdomain1,dc=example,dc=com
changetype: modrdn
newrdn: dc=itsdomain1
deleteoldrdn: 1

dn: dc=itsdomain1,dc=example,dc=com
changetype: modify
replace: description
description: Example, Inc. ITS test domain

dn: dc=testdomain2,dc=example,dc=com
changetype: modrdn
newrdn: dc=itsdomain2
deleteoldrdn: 1

EOMODS

RC=$?
if [ $RC != 0 ]; then
  echo "ldapmodify failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi
315
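# Change one user's password on the provider through the password-modify
# extended operation, then wait for the change to replicate.
# NOTE(review): no new password is supplied on this command line, so the
# server is expected to generate one and the client to print it; the redirect
# therefore leaves a cleartext password in $TESTOUT. Harmless for the fixture
# account, but treat that file as sensitive if this pattern is reused.
# NOTE(review): -w exposes the bind password in argv; the clients also accept
# -y <file>.
echo "Using ldappasswd to change some passwords..."
$LDAPPASSWD -D "$MANAGERDN" -H $URI1 -w $PASSWD \
  'cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com' \
  > $TESTOUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  # Name the tool that actually failed (the message used to say ldapmodify).
  echo "ldappasswd failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1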
329
# Second consistency check, after the modify batch and the password change.
# NOTE(review): these searches carry no bind DN on the command line, so
# whether the changed password attribute is part of the comparison depends on
# what the server ACLs return to this client; confirm against the configs.
echo "Using ldapsearch to read all the entries from the provider..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 '(objectclass=*)' '*' $OPATTRS \
  > $PROVIDEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at provider ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Using ldapsearch to read all the entries from the consumer..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI4 '(objectclass=*)' '*' $OPATTRS \
  > $CONSUMEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at consumer ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Filtering provider results..."
$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
echo "Filtering consumer results..."
$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT

# Any difference reported by $CMP fails the test with status 1.
echo "Comparing retrieved entries from provider and consumer..."
if ! $CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT; then
  echo "test failed - provider and consumer databases differ"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit 1
fi
365
# Take the consumer down and change the provider while it is offline, so the
# consumer has to catch up after it is restarted.
echo "Stopping consumer to test recovery..."
kill -HUP $CONSUMERPID
wait $CONSUMERPID

# Output is appended to $TESTOUT. The here-document delimiter is quoted so the
# LDIF is passed through literally; it contains no shell variables.
echo "Modifying more entries on the provider..."
$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD >> $TESTOUT 2>&1 << 'EOMODS'
dn: cn=Rosco P. Coltrane, ou=Retired, ou=People, dc=example,dc=com
changetype: delete

dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, dc=example,dc=com
changetype: modify
add: drink
drink: Mad Dog 20/20

dn: cn=Rosco P. Coltrane, ou=Retired, ou=People, dc=example,dc=com
changetype: add
objectclass: OpenLDAPperson
sn: Coltrane
uid: rosco
cn: Rosco P. Coltrane

dn: dc=itsdomain2,dc=example,dc=com
changetype: modify
replace: description
description: Example, Inc. itsdomain2 test domain

# rename with a newly added newSuperior while the consumer is down (ITS#6472)
dn: ou=New Branch,dc=example,dc=com
changetype: add
objectClass: organizationalUnit
ou: New Branch

dn: cn=Dorothy Stevens, ou=Alumni Association, ou=People, dc=example,dc=com
changetype: modrdn
newrdn: cn=Dorothy Stevens
deleteoldrdn: 0
newsuperior: ou=New Branch,dc=example,dc=com

EOMODS

RC=$?
if [ $RC != 0 ]; then
  echo "ldapmodify failed ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi
413
# Bring the consumer back with the same config; its log is appended to, with a
# RESTART marker. There is no readiness poll here: the $SLEEP1 wait below is
# the only allowance for both startup and catch-up.
echo "Restarting consumer..."
echo "RESTART" >> $LOG4
$SLAPD -f $CONF4 -h $URI4 -d $LVL >> $LOG4 2>&1 &
CONSUMERPID=$!
# When $WAIT is not 0, print the PID and block until a line arrives on stdin.
if [ $WAIT != 0 ]; then
  echo CONSUMERPID $CONSUMERPID
  read foo
fi
# Rebuild the kill list with the new consumer PID.
KILLPIDS="$PID $CONSUMERPID"

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1
426
# Third consistency check: the restarted consumer must have caught up with the
# changes made on the provider while it was down.
echo "Using ldapsearch to read all the entries from the provider..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 '(objectclass=*)' '*' $OPATTRS \
  > $PROVIDEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at provider ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Using ldapsearch to read all the entries from the consumer..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI4 '(objectclass=*)' '*' $OPATTRS \
  > $CONSUMEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at consumer ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Filtering provider results..."
$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
echo "Filtering consumer results..."
$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT

# Any difference reported by $CMP fails the test with status 1.
echo "Comparing retrieved entries from provider and consumer..."
if ! $CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT; then
  echo "test failed - provider and consumer databases differ"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit 1
fi
462
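# Writes aimed at the consumer. This runs only when $BACKLDAP is not "ldapno".
# NOTE(review): both operations must return 0 for the test to continue, so the
# consumer is expected to forward them to the provider rather than refuse them;
# presumably that is the chain overlay set up in $P1SRCONSUMERCONF. Confirm
# there which identity the forwarded write is performed as.
if [ ! $BACKLDAP = "ldapno" ]; then
  echo "Try updating the consumer slapd..."
  $LDAPMODIFY -v -D "$MANAGERDN" -H $URI4 -w $PASSWD > $TESTOUT 2>&1 << EOMODS
dn: cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com
changetype: modify
add: description
description: This write must fail because directed to a shadow context,
description: unless the chain overlay is configured appropriately ;)

EOMODS

  RC=$?
  if [ $RC != 0 ]; then
    echo "ldapmodify failed ($RC)!"
    if [ $KILLSERVERS != no ]; then
      kill -HUP $KILLPIDS
    fi
    exit $RC
  fi

  # ITS#4964
  # No new password is supplied here, so the server is expected to generate
  # one and the client to print it; $TESTOUT (overwritten at this point) then
  # holds that cleartext value.
  echo "Trying to change some passwords on the consumer..."
  $LDAPPASSWD -D "$MANAGERDN" -H $URI4 -w $PASSWD \
    'cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com' \
    > $TESTOUT 2>&1
  RC=$?
  if [ $RC != 0 ]; then
    # Name the tool that actually failed (the message used to say ldapmodify).
    echo "ldappasswd failed ($RC)!"
    if [ $KILLSERVERS != no ]; then
      kill -HUP $KILLPIDS
    fi
    exit $RC
  fi

  echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
  sleep $SLEEP1
fi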
497
# Testing a cancel exop (should go in its own testcase).
# The search is sent to the provider with the cancel extension marked critical
# ('!'); its output overwrites $TESTOUT.
$LDAPSEARCH -D "$MANAGERDN" -H $URI1 -w $PASSWD -e '!cancel' \
  '(objectclass=*)' '*' $OPATTRS > $TESTOUT 2>&1
RC=$?
# A cancelled operation returns -1, so RC is recorded but deliberately not
# checked: either the search is cancelled or this step hangs forever.
505
# Final consistency check, after the writes sent to the consumer (when they
# ran) and the cancel test.
echo "Using ldapsearch to read all the entries from the provider..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 '(objectclass=*)' '*' $OPATTRS \
  > $PROVIDEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at provider ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Using ldapsearch to read all the entries from the consumer..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI4 '(objectclass=*)' '*' $OPATTRS \
  > $CONSUMEROUT 2>&1
RC=$?
if [ $RC != 0 ]; then
  echo "ldapsearch failed at consumer ($RC)!"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit $RC
fi

echo "Filtering provider results..."
$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
echo "Filtering consumer results..."
$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT

# Any difference reported by $CMP fails the test with status 1.
echo "Comparing retrieved entries from provider and consumer..."
if ! $CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT; then
  echo "test failed - provider and consumer databases differ"
  if [ $KILLSERVERS != no ]; then
    kill -HUP $KILLPIDS
  fi
  exit 1
fi
541
# Success path: signal both servers (unless $KILLSERVERS is "no"), report the
# result, then wait for the background slapd processes before exiting 0.
if [ $KILLSERVERS != no ]; then
  kill -HUP $KILLPIDS
fi

echo ">>>>> Test succeeded"

if [ $KILLSERVERS != no ]; then
  wait
fi

exit 0
549