1#! /bin/sh 2# $OpenLDAP$ 3## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4## 5## Copyright 2004-2021 The OpenLDAP Foundation. 6## All rights reserved. 7## 8## Redistribution and use in source and binary forms, with or without 9## modification, are permitted only as authorized by the OpenLDAP 10## Public License. 11## 12## A copy of this license is available in the file LICENSE in the 13## top-level directory of the distribution or, alternatively, at 14## <http://www.OpenLDAP.org/license.html>. 15 16echo "running defines.sh" 17. $SRCDIR/scripts/defines.sh 18 19PERSONAL="(objectClass=inetOrgPerson)" 20NOWHERE="/dev/null" 21FAILURE="additional info:" 22 23if test $TRANSLUCENT = translucentno ; then 24 echo "Translucent Proxy overlay not available, test skipped" 25 exit 0 26fi 27 28if test $AC_ldap = ldapno ; then 29 echo "Translucent Proxy overlay requires back-ldap backend, test skipped" 30 exit 0 31fi 32 33# configure backside 34mkdir -p $TESTDIR $DBDIR1 35 36$SLAPPASSWD -g -n >$CONFIGPWF 37echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf 38 39DBIX=2 40 41. $CONFFILTER $BACKEND < $TRANSLUCENTREMOTECONF > $CONF1 42echo "Running slapadd to build remote slapd database..." 43$SLAPADD -f $CONF1 -l $LDIFTRANSLUCENTCONFIG 44RC=$? 45if test $RC != 0 ; then 46 echo "slapadd failed ($RC)!" 47 exit $RC 48fi 49 50echo "Starting remote slapd on TCP/IP port $PORT1..." 51$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & 52PID=$! 53if test $WAIT != 0 ; then 54 echo PID $PID 55 read foo 56fi 57REMOTEPID="$PID" 58KILLPIDS="$PID" 59 60sleep 1 61 62for i in 0 1 2 3 4 5; do 63 $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 64 'objectclass=*' > /dev/null 2>&1 65 RC=$? 66 if test $RC = 0 ; then 67 break 68 fi 69 echo "Waiting 5 seconds for remote slapd to start..." 70 sleep 5 71done 72 73if test $RC != 0 ; then 74 echo "ldapsearch failed ($RC)!" 75 test $KILLSERVERS != no && kill -HUP $KILLPIDS 76 exit $RC 77fi 78 79# configure frontside 80mkdir -p $DBDIR2 81 82. $CONFFILTER $BACKEND < $TRANSLUCENTLOCALCONF > $CONF2 83 84echo "Starting local slapd on TCP/IP port $PORT2..." 85$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 & 86PID=$! 87if test $WAIT != 0 ; then 88 echo PID $PID 89 read foo 90fi 91LOCALPID="$PID" 92KILLPIDS="$LOCALPID $REMOTEPID" 93 94sleep 1 95 96for i in 0 1 2 3 4 5; do 97 $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \ 98 'objectclass=*' > /dev/null 2>&1 99 RC=$? 100 if test $RC = 0 ; then 101 break 102 fi 103 echo "Waiting 5 seconds for local slapd to start..." 104 sleep 5 105done 106 107if test $RC != 0 ; then 108 echo "ldapsearch failed ($RC)!" 109 test $KILLSERVERS != no && kill -HUP $KILLPIDS 110 exit $RC 111fi 112 113echo "Testing slapd Translucent Proxy operations..." 114 115echo "Testing search: no remote data defined..." 116 117$LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" >$SEARCHOUT 2>&1 118 119RC=$? 120if test $RC != 0 ; then 121 echo "ldapsearch failed ($RC)!" 122 test $KILLSERVERS != no && kill -HUP $KILLPIDS 123 exit $RC 124fi 125 126if test -s $SEARCHOUT; then 127 echo "ldapsearch should have returned no records!" 128 test $KILLSERVERS != no && kill -HUP $KILLPIDS 129 exit 1 130fi 131 132echo "Populating remote database..." 133 134$LDAPADD -D "$TRANSLUCENTROOT" -H $URI1 \ 135 -w $PASSWD < $LDIFTRANSLUCENTDATA > $NOWHERE 2>&1 136 137RC=$? 138if test $RC != 0 ; then 139 echo "ldapadd failed ($RC)!" 140 test $KILLSERVERS != no && kill -HUP $KILLPIDS 141 exit $RC 142fi 143 144echo "Testing search: remote database via local slapd..." 145 146$LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1 147 148RC=$? 149if test $RC != 0 ; then 150 echo "ldapsearch failed ($RC)!" 151 test $KILLSERVERS != no && kill -HUP $KILLPIDS 152 exit $RC 153fi 154 155$LDIFFILTER < $SEARCHOUT > $SEARCHFLT 156$LDIFFILTER < $LDIFTRANSLUCENTDATA > $LDIFFLT 157$CMP $SEARCHFLT $LDIFFLT > $CMPOUT 158 159if test $? != 0 ; then 160 echo "Comparison failed -- corruption from remote to local!" 161 test $KILLSERVERS != no && kill -HUP $KILLPIDS 162 exit 1 163fi 164 165echo "Testing add: prohibited local record..." 166 167$LDAPADD -D "$TRANSLUCENTDN" -H $URI2 \ 168 -w $TRANSLUCENTPASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1 169 170RC=$? 171if test $RC != 50 ; then 172 echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!" 173 grep "$FAILURE" $TESTOUT 174 test $KILLSERVERS != no && kill -HUP $KILLPIDS 175 exit 1 176fi 177 178echo "Testing add: valid local record, no_glue..." 179 180$LDAPADD -v -v -v -D "$TRANSLUCENTROOT" -H $URI2 \ 181 -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1 182 183RC=$? 184if test $RC != 32 && test $RC,$BACKEND != 0,null ; then 185 echo "ldapadd failed ($RC), expected NO SUCH OBJECT!" 186 grep "$FAILURE" $TESTOUT 187 test $KILLSERVERS != no && kill -HUP $KILLPIDS 188 exit 1 189fi 190 191echo "Testing modrdn: valid local record, no_glue..." 192 193$LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 194 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy' 195 196RC=$? 197if test $RC != 32 && test $RC,$BACKEND != 0,null ; then 198 echo "ldapmodrdn failed ($RC), expected NO SUCH OBJECT!" 199 grep "$FAILURE" $TESTOUT 200 test $KILLSERVERS != no && kill -HUP $KILLPIDS 201 exit 1 202fi 203 204echo "Dynamically configuring local slapd without translucent_no_glue..." 205 206$LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 207dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 208changetype: modify 209replace: olcTranslucentNoGlue 210olcTranslucentNoGlue: FALSE 211EOF 212RC=$? 213if test $RC != 0 ; then 214 echo "ldapmodify of dynamic config failed ($RC)" 215 test $KILLSERVERS != no && kill -HUP $KILLPIDS 216 exit 1 217fi 218 219echo "Testing add: valid local record..." 220 221$LDAPADD -D "$TRANSLUCENTROOT" -H $URI2 \ 222 -w $PASSWD < $LDIFTRANSLUCENTADD > $TESTOUT 2>&1 223 224RC=$? 225if test $RC != 0 ; then 226 echo "ldapadd failed ($RC)!" 227 grep "$FAILURE" $TESTOUT 228 test $KILLSERVERS != no && kill -HUP $KILLPIDS 229 exit $RC 230fi 231 232echo "Testing search: data merging..." 233 234$LDAPSEARCH -H $URI2 -b "$TRANSLUCENTUSER" "$PERSONAL" > $SEARCHOUT 2>&1 235 236RC=$? 237if test $RC != 0 ; then 238 echo "ldapsearch failed ($RC)!" 239 test $KILLSERVERS != no && kill -HUP $KILLPIDS 240 exit $RC 241fi 242 243$LDIFFILTER < $SEARCHOUT > $SEARCHFLT 244$LDIFFILTER < $LDIFTRANSLUCENTMERGED > $LDIFFLT 245$CMP $SEARCHFLT $LDIFFLT > $CMPOUT 246 247if test $? != 0 ; then 248 echo "Comparison failed -- local data failed to merge with remote!" 249 test $KILLSERVERS != no && kill -HUP $KILLPIDS 250 exit 1 251fi 252 253echo "Testing compare: valid local..." 254 255$LDAPCOMPARE -z -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 256 "uid=danger,ou=users,o=translucent" "carLicense:LIVID" 257 258RC=$? 259if test $RC != 6 ; then 260 echo "ldapcompare failed ($RC), expected TRUE!" 261 test $KILLSERVERS != no && kill -HUP $KILLPIDS 262 exit 1 263fi 264 265echo "Testing compare: valid remote..." 266 267$LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 268 "uid=binder,o=translucent" "businessCategory:binder-test-user" 269 270RC=$? 271if test $RC != 6 ; then 272 echo "ldapcompare failed ($RC), expected TRUE!" 273 test $KILLSERVERS != no && kill -HUP $KILLPIDS 274 exit 1 275fi 276 277echo "Testing compare: bogus local..." 278 279$LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 280 "uid=danger,ou=users,o=translucent" "businessCategory:invalid-test-value" 281 282RC=$? 283if test $RC != 5 ; then 284 echo "ldapcompare failed ($RC), expected FALSE!" 285 test $KILLSERVERS != no && kill -HUP $KILLPIDS 286 exit 1 287fi 288 289echo "Testing compare: bogus remote..." 290 291$LDAPCOMPARE -z -x -H $URI2 -w $TRANSLUCENTPASSWD -D $TRANSLUCENTDN \ 292 "uid=binder,o=translucent" "businessCategory:invalid-test-value" 293 294RC=$? 295if test $RC != 5 ; then 296 echo "ldapcompare failed ($RC), expected FALSE!" 297 test $KILLSERVERS != no && kill -HUP $KILLPIDS 298 exit 1 299fi 300 301echo "Testing modify: nonexistent record..." 302 303$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 304 $TESTOUT 2>&1 << EOF_MOD 305version: 1 306dn: uid=bogus,ou=users,o=translucent 307changetype: modify 308replace: roomNumber 309roomNumber: 31J-2112 310EOF_MOD 311 312RC=$? 313if test $RC != 32 ; then 314 echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!" 315 grep "$FAILURE" $TESTOUT 316 test $KILLSERVERS != no && kill -HUP $KILLPIDS 317 exit 1 318fi 319 320echo "Testing modify: valid local record, nonexistent attribute..." 321 322$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 323 $TESTOUT 2>&1 << EOF_MOD1 324version: 1 325dn: uid=danger,ou=users,o=translucent 326changetype: modify 327replace: roomNumber 328roomNumber: 9N-21 329EOF_MOD1 330 331RC=$? 332if test $RC != 0 ; then 333 echo "ldapmodify failed ($RC)!" 334 grep "$FAILURE" $TESTOUT 335 test $KILLSERVERS != no && kill -HUP $KILLPIDS 336 exit $RC 337fi 338 339$LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" > $SEARCHOUT 2>&1 340 341RC=$? 342if test $RC != 0 ; then 343 echo "ldapsearch failed ($RC)!" 344 test $KILLSERVERS != no && kill -HUP $KILLPIDS 345 exit $RC 346fi 347 348ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1 349if test "$ATTR" != "roomNumber: 9N-21" ; then 350 echo "modification failed!" 351 test $KILLSERVERS != no && kill -HUP $KILLPIDS 352 exit 1 353fi 354 355echo "Testing search: specific nonexistent remote attribute..." 356 357$LDAPSEARCH -H $URI2 -b "uid=danger,ou=users,o=translucent" roomNumber > $SEARCHOUT 2>&1 358 359RC=$? 360if test $RC != 0 ; then 361 echo "ldapsearch failed ($RC)!" 362 test $KILLSERVERS != no && kill -HUP $KILLPIDS 363 exit $RC 364fi 365 366echo "Testing modify: nonexistent local record, nonexistent attribute..." 367 368$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 369 $TESTOUT 2>&1 << EOF_MOD2 370version: 1 371dn: uid=fred,ou=users,o=translucent 372changetype: modify 373replace: roomNumber 374roomNumber: 31J-2112 375EOF_MOD2 376 377RC=$? 378if test $RC != 0 ; then 379 echo "ldapmodify failed ($RC)!" 380 grep "$FAILURE" $TESTOUT 381 test $KILLSERVERS != no && kill -HUP $KILLPIDS 382 exit $RC 383fi 384 385$LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1 386 387RC=$? 388if test $RC != 0 ; then 389 echo "ldapsearch failed ($RC)!" 390 test $KILLSERVERS != no && kill -HUP $KILLPIDS 391 exit $RC 392fi 393 394ATTR=`grep roomNumber $SEARCHOUT` > $NOWHERE 2>&1 395if test "$ATTR" != "roomNumber: 31J-2112" ; then 396 echo "modification failed!" 397 test $KILLSERVERS != no && kill -HUP $KILLPIDS 398 exit 1 399fi 400 401echo "Testing modify: valid remote record, nonexistent attribute..." 402 403$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 404 $TESTOUT 2>&1 << EOF_MOD9 405version: 1 406dn: uid=fred,ou=users,o=translucent 407changetype: modify 408delete: preferredLanguage 409EOF_MOD9 410 411RC=$? 412if test $RC != 16 ; then 413 echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!" 414 grep "$FAILURE" $TESTOUT 415 test $KILLSERVERS != no && kill -HUP $KILLPIDS 416 exit 1 417fi 418 419echo "Testing delete: valid local record, nonexistent attribute..." 420 421$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 422 $TESTOUT 2>&1 << EOF_MOD4 423version: 1 424dn: uid=fred,ou=users,o=translucent 425changetype: modify 426delete: roomNumber 427EOF_MOD4 428 429RC=$? 430if test $RC != 0 ; then 431 echo "ldapmodify failed ($RC)!" 432 grep "$FAILURE" $TESTOUT 433 test $KILLSERVERS != no && kill -HUP $KILLPIDS 434 exit $RC 435fi 436 437echo "Testing modrdn: prohibited local record..." 438 439$LDAPMODRDN -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \ 440 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy' 441 442RC=$? 443if test $RC != 50 ; then 444 echo "ldapmodrdn failed ($RC), expected INSUFFICIENT ACCESS!" 445 grep "$FAILURE" $TESTOUT 446 test $KILLSERVERS != no && kill -HUP $KILLPIDS 447 exit 1 448fi 449 450echo "Testing modrdn: valid local record..." 451 452$LDAPMODRDN -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 453 $TESTOUT 2>&1 'uid=fred,ou=users,o=translucent' 'uid=someguy' 454 455RC=$? 456if test $RC != 0 ; then 457 echo "ldapmodrdn failed ($RC)!" 458 grep "$FAILURE" $TESTOUT 459 test $KILLSERVERS != no && kill -HUP $KILLPIDS 460 exit $RC 461fi 462 463echo "Testing delete: prohibited local record..." 464 465$LDAPMODIFY -v -D "$TRANSLUCENTDN" -H $URI2 -w $TRANSLUCENTPASSWD > \ 466 $TESTOUT 2>&1 << EOF_DEL2 467version: 1 468dn: uid=someguy,ou=users,o=translucent 469changetype: delete 470EOF_DEL2 471 472RC=$? 473if test $RC != 50 ; then 474 echo "ldapadd failed ($RC), expected INSUFFICIENT ACCESS!" 475 grep "$FAILURE" $TESTOUT 476 test $KILLSERVERS != no && kill -HUP $KILLPIDS 477 exit 1 478fi 479 480echo "Testing delete: valid local record..." 481 482$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 483 $TESTOUT 2>&1 << EOF_DEL3 484version: 1 485dn: uid=someguy,ou=users,o=translucent 486changetype: delete 487EOF_DEL3 488 489RC=$? 490if test $RC != 0 ; then 491 echo "ldapmodify failed ($RC)!" 492 grep "$FAILURE" $TESTOUT 493 test $KILLSERVERS != no && kill -HUP $KILLPIDS 494 exit $RC 495fi 496 497echo "Testing delete: valid remote record..." 498 499$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 500 $TESTOUT 2>&1 << EOF_DEL8 501version: 1 502dn: uid=fred,ou=users,o=translucent 503changetype: delete 504EOF_DEL8 505 506RC=$? 507if test $RC != 32 ; then 508 echo "ldapmodify failed ($RC), expected NO SUCH OBJECT!" 509 grep "$FAILURE" $TESTOUT 510 test $KILLSERVERS != no && kill -HUP $KILLPIDS 511 exit 1 512fi 513 514echo "Testing delete: nonexistent local record, nonexistent attribute..." 515 516$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 517 $TESTOUT 2>&1 << EOF_DEL1 518version: 1 519dn: uid=fred,ou=users,o=translucent 520changetype: modify 521delete: roomNumber 522EOF_DEL1 523 524RC=$? 525if test $RC != 0 ; then 526 echo "ldapmodify failed ($RC)!" 527 grep "$FAILURE" $TESTOUT 528 test $KILLSERVERS != no && kill -HUP $KILLPIDS 529 exit $RC 530fi 531 532$LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1 533 534RC=$? 535if test $RC != 0 ; then 536 echo "ldapsearch failed ($RC)!" 537 test $KILLSERVERS != no && kill -HUP $KILLPIDS 538 exit $RC 539fi 540 541echo "Testing delete: valid local record, nonexistent attribute..." 542 543$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 544 $TESTOUT 2>&1 << EOF_MOD8 545version: 1 546dn: uid=danger,ou=users,o=translucent 547changetype: modify 548delete: preferredLanguage 549EOF_MOD8 550 551RC=$? 552if test $RC != 16 ; then 553 echo "ldapmodify failed ($RC), expected NO SUCH ATTRIBUTE!" 554 grep "$FAILURE" $TESTOUT 555 test $KILLSERVERS != no && kill -HUP $KILLPIDS 556 exit 1 557fi 558 559echo "Testing delete: valid local record, remote attribute..." 560 561$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 562 $TESTOUT 2>&1 << EOF_MOD8 563version: 1 564dn: uid=danger,ou=users,o=translucent 565changetype: modify 566delete: initials 567EOF_MOD8 568 569RC=$? 570if test $RC != 0 ; then 571 echo "ldapmodify failed ($RC)" 572 grep "$FAILURE" $TESTOUT 573 test $KILLSERVERS != no && kill -HUP $KILLPIDS 574 exit 1 575fi 576 577echo "Testing modify: valid remote record, combination add-modify-delete..." 578 579$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 580 $TESTOUT 2>&1 << EOF_MOD6 581version: 1 582dn: uid=fred,ou=users,o=translucent 583changetype: modify 584delete: carLicense 585- 586add: preferredLanguage 587preferredLanguage: ISO8859-1 588- 589replace: employeeType 590employeeType: consultant 591EOF_MOD6 592 593RC=$? 594if test $RC != 0 ; then 595 echo "ldapmodify failed ($RC)!" 596 grep "$FAILURE" $TESTOUT 597 test $KILLSERVERS != no && kill -HUP $KILLPIDS 598 exit $RC 599fi 600 601$LDAPSEARCH -H $URI2 -b "uid=fred,ou=users,o=translucent" > $SEARCHOUT 2>&1 602 603RC=$? 604if test $RC != 0 ; then 605 echo "ldapsearch failed ($RC)!" 606 test $KILLSERVERS != no && kill -HUP $KILLPIDS 607 exit $RC 608fi 609 610ATTR=`grep employeeType $SEARCHOUT` > $NOWHERE 2>&1 611if test "$ATTR" != "employeeType: consultant" ; then 612 echo "modification failed!" 613 test $KILLSERVERS != no && kill -HUP $KILLPIDS 614 exit 1 615fi 616 617ATTR=`grep preferredLanguage $SEARCHOUT` > $NOWHERE 2>&1 618if test "$ATTR" != "preferredLanguage: ISO8859-1" ; then 619 echo "modification failed!" 620 test $KILLSERVERS != no && kill -HUP $KILLPIDS 621 exit 1 622fi 623 624echo "Dynamically configuring local slapd with translucent_no_glue and translucent_strict..." 625 626$LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 627dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 628changetype: modify 629replace: olcTranslucentNoGlue 630olcTranslucentNoGlue: TRUE 631- 632replace: olcTranslucentStrict 633olcTranslucentStrict: TRUE 634EOF 635RC=$? 636if test $RC != 0 ; then 637 echo "ldapmodify of dynamic config failed ($RC)" 638 test $KILLSERVERS != no && kill -HUP $KILLPIDS 639 exit 1 640fi 641 642echo "Testing strict mode delete: nonexistent local attribute..." 643 644$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 645 $TESTOUT 2>&1 << EOF_MOD5 646version: 1 647dn: uid=example,ou=users,o=translucent 648changetype: modify 649delete: preferredLanguage 650EOF_MOD5 651 652RC=$? 653if test $RC != 19 ; then 654 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!" 655 grep "$FAILURE" $TESTOUT 656 test $KILLSERVERS != no && kill -HUP $KILLPIDS 657 exit 1 658fi 659 660echo "Testing strict mode delete: nonexistent remote attribute..." 661 662$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 663 $TESTOUT 2>&1 << EOF_MOD3 664version: 1 665dn: uid=danger,ou=users,o=translucent 666changetype: modify 667delete: displayName 668EOF_MOD3 669 670RC=$? 671if test $RC != 19 ; then 672 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!" 673 grep "$FAILURE" $TESTOUT 674 test $KILLSERVERS != no && kill -HUP $KILLPIDS 675 exit 1 676fi 677 678echo "Testing strict mode modify: combination add-modify-delete..." 679 680$LDAPMODIFY -v -D "$TRANSLUCENTROOT" -H $URI2 -w $PASSWD > \ 681 $TESTOUT 2>&1 << EOF_MOD6 682version: 1 683dn: uid=example,ou=users,o=translucent 684changetype: modify 685delete: carLicense 686- 687add: preferredLanguage 688preferredLanguage: ISO8859-1 689- 690replace: employeeType 691employeeType: consultant 692EOF_MOD6 693 694RC=$? 695if test $RC != 19 ; then 696 echo "ldapmodify failed ($RC), expected CONSTRAINT VIOLATION!" 697 grep "$FAILURE" $TESTOUT 698 test $KILLSERVERS != no && kill -HUP $KILLPIDS 699 exit 1 700fi 701 702echo "Testing invalid Bind request..." 703$LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w Wrong"$TRANSLUCENTPASSWD" > \ 704 $TESTOUT 2>&1 705RC=$? 706if test $RC != 49 ; then 707 echo "ldapwhoami failed ($RC), expected INVALID CREDENTIALS!" 708 grep "$FAILURE" $TESTOUT 709 test $KILLSERVERS != no && kill -HUP $KILLPIDS 710 exit 1 711fi 712 713$LDAPWHOAMI -D "$TRANSLUCENTDN" -H $URI2 -w "$TRANSLUCENTPASSWD" > \ 714 $TESTOUT 2>&1 715RC=$? 716if test $RC != 0 ; then 717 echo "ldapwhoami failed ($RC), expected SUCCESS!" 718 grep "$FAILURE" $TESTOUT 719 test $KILLSERVERS != no && kill -HUP $KILLPIDS 720 exit 1 721fi 722 723echo "Testing search: unconfigured local filter..." 724$LDAPSEARCH -H $URI2 -b "o=translucent" "(employeeType=consultant)" > $SEARCHOUT 2>&1 725 726ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 727if test -n "$ATTR" ; then 728 echo "got result $ATTR, should have been no result" 729 test $KILLSERVERS != no && kill -HUP $KILLPIDS 730 exit 1 731fi 732 733echo "Dynamically configuring local slapd with translucent_local..." 734 735$LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 736dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 737changetype: modify 738add: olcTranslucentLocal 739olcTranslucentLocal: employeeType 740EOF 741RC=$? 742if test $RC != 0 ; then 743 echo "ldapmodify of dynamic config failed ($RC)" 744 test $KILLSERVERS != no && kill -HUP $KILLPIDS 745 exit 1 746fi 747 748echo "Testing search: configured local filter..." 749$LDAPSEARCH -H $URI2 -b "o=translucent" "(employeeType=consultant)" > $SEARCHOUT 2>&1 750 751ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 752if test -z "$ATTR" ; then 753 echo "got no result, should have found entry" 754 test $KILLSERVERS != no && kill -HUP $KILLPIDS 755 exit 1 756fi 757 758echo "Testing search: unconfigured remote filter..." 759$LDAPSEARCH -H $URI2 -b "o=translucent" "(|(employeeType=foo)(carlicense=right))" > $SEARCHOUT 2>&1 760 761ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 762if test -n "$ATTR" ; then 763 echo "got result $ATTR, should have been no result" 764 test $KILLSERVERS != no && kill -HUP $KILLPIDS 765 exit 1 766fi 767 768echo "Dynamically configuring local slapd with translucent_remote..." 769 770$LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF 771dn: olcOverlay={0}translucent,olcDatabase={$DBIX}$BACKEND,cn=config 772changetype: modify 773add: olcTranslucentRemote 774olcTranslucentRemote: carLicense 775EOF 776RC=$? 777if test $RC != 0 ; then 778 echo "ldapmodify of dynamic config failed ($RC)" 779 test $KILLSERVERS != no && kill -HUP $KILLPIDS 780 exit 1 781fi 782 783echo "Testing search: configured remote filter..." 784$LDAPSEARCH -H $URI2 -b "o=translucent" "(|(employeeType=foo)(carlicense=right))" > $SEARCHOUT 2>&1 785 786ATTR=`grep dn: $SEARCHOUT` > $NOWHERE 2>&1 787if test -z "$ATTR" ; then 788 echo "got no result, should have found entry" 789 test $KILLSERVERS != no && kill -HUP $KILLPIDS 790 exit 1 791fi 792 793test $KILLSERVERS != no && kill -HUP $KILLPIDS 794 795echo ">>>>> Test succeeded" 796 797test $KILLSERVERS != no && wait 798 799exit 0 800