1#! /bin/sh
2## This work is part of OpenLDAP Software <http://www.openldap.org/>.
3##
4## Copyright 1998-2021 The OpenLDAP Foundation.
5## All rights reserved.
6##
7## Redistribution and use in source and binary forms, with or without
8## modification, are permitted only as authorized by the OpenLDAP
9## Public License.
10##
11## A copy of this license is available in the file LICENSE in the
12## top-level directory of the distribution or, alternatively, at
13## <http://www.OpenLDAP.org/license.html>.
14
15echo "running defines.sh"
16. $SRCDIR/scripts/defines.sh
17
18if test $DYNLIST = "dynlistno" ; then
19          echo "dynlist overlay not available, test skipped"
20          exit 0
21fi
22
23if test $BACKEND = ldif ; then
24          # dynlist+ldif fails because back-ldif lacks bi_op_compare()
25          echo "$BACKEND backend unsuitable for dynlist overlay, test skipped"
26          exit 0
27fi
28
29mkdir -p $TESTDIR $DBDIR1
30
31$SLAPPASSWD -g -n >$CONFIGPWF
32echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf
33
34DBIX=2
35
36echo "Running slapadd to build slapd database..."
37. $CONFFILTER $BACKEND < $DYNLISTCONF > $CONF1
38$SLAPADD -f $CONF1 -l $LDIFORDERED
39RC=$?
40if test $RC != 0 ; then
41          echo "slapadd failed ($RC)!"
42          exit $RC
43fi
44
45
46echo "Starting slapd on TCP/IP port $PORT1..."
47$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
48PID=$!
49if test $WAIT != 0 ; then
50    echo PID $PID
51    read foo
52fi
53KILLPIDS="$PID"
54
55sleep 1
56
57echo "Testing slapd searching..."
58for i in 0 1 2 3 4 5; do
59          $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
60                    '(objectclass=*)' > /dev/null 2>&1
61          RC=$?
62          if test $RC = 0 ; then
63                    break
64          fi
65          echo "Waiting 5 seconds for slapd to start..."
66          sleep 5
67done
68
69if test $RC != 0 ; then
70          echo "ldapsearch failed ($RC)!"
71          test $KILLSERVERS != no && kill -HUP $KILLPIDS
72          exit $RC
73fi
74
75cat /dev/null > $SEARCHOUT
76
77LISTDN="ou=Dynamic Lists,$BASEDN"
78echo "Adding a dynamic list..."
79$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
80          > $TESTOUT 2>&1 << EOMODS
81dn: $LISTDN
82objectClass: organizationalUnit
83ou: Dynamic Lists
84
85dn: cn=Dynamic List,$LISTDN
86objectClass: groupOfURLs
87cn: Dynamic List
88memberURL: ldap:///ou=People,${BASEDN}?cn,mail?sub?(objectClass=person)
89EOMODS
90
91echo "Testing list search of all attrs..."
92echo "# Testing list search of all attrs..." >> $SEARCHOUT
93$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
94          '(cn=Dynamic List)' '*' \
95          >> $SEARCHOUT 2>&1
96RC=$?
97if test $RC != 0 ; then
98          echo "ldapsearch failed ($RC)!"
99          test $KILLSERVERS != no && kill -HUP $KILLPIDS
100          exit $RC
101fi
102
103echo "Testing list search of a listed attr..."
104echo "# Testing list search of a listed attr..." >> $SEARCHOUT
105$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
106          '(cn=Dynamic List)' mail \
107          >> $SEARCHOUT 2>&1
108RC=$?
109if test $RC != 0 ; then
110          echo "ldapsearch failed ($RC)!"
111          test $KILLSERVERS != no && kill -HUP $KILLPIDS
112          exit $RC
113fi
114
115echo "Testing list search of a non-listed attr..."
116echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
117$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
118          '(cn=Dynamic List)' objectClass \
119          >> $SEARCHOUT 2>&1
120RC=$?
121if test $RC != 0 ; then
122          echo "ldapsearch failed ($RC)!"
123          test $KILLSERVERS != no && kill -HUP $KILLPIDS
124          exit $RC
125fi
126
127echo "Testing list search with (critical) manageDSAit..."
128echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
129$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
130          '(cn=Dynamic List)' '*' \
131          >> $SEARCHOUT 2>&1
132RC=$?
133if test $RC != 0 ; then
134          echo "ldapsearch failed ($RC)!"
135          test $KILLSERVERS != no && kill -HUP $KILLPIDS
136          exit $RC
137fi
138
139echo "Testing filtered search with all attrs..."
140echo "# Testing filtered search with all attrs..." >> $SEARCHOUT
141$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
142          '(mail=jdoe@woof.net)' '*' \
143          >> $SEARCHOUT 2>&1
144RC=$?
145if test $RC != 0 ; then
146          echo "ldapsearch failed ($RC)!"
147          test $KILLSERVERS != no && kill -HUP $KILLPIDS
148          exit $RC
149fi
150
151echo "Testing filtered search of a listed attr..."
152echo "# Testing filtered search of a listed attr..." >> $SEARCHOUT
153$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
154          '(mail=jdoe@woof.net)' mail \
155          >> $SEARCHOUT 2>&1
156RC=$?
157if test $RC != 0 ; then
158          echo "ldapsearch failed ($RC)!"
159          test $KILLSERVERS != no && kill -HUP $KILLPIDS
160          exit $RC
161fi
162
163echo "Testing filtered search of a non-listed attr..."
164echo "# Testing filtered search of a non-listed attr..." >> $SEARCHOUT
165$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
166          '(mail=jdoe@woof.net)' objectClass \
167          >> $SEARCHOUT 2>&1
168RC=$?
169if test $RC != 0 ; then
170          echo "ldapsearch failed ($RC)!"
171          test $KILLSERVERS != no && kill -HUP $KILLPIDS
172          exit $RC
173fi
174
175echo "Testing filtered search of a non-present attr..."
176echo "# Testing filtered search of a non-present attr..." >> $SEARCHOUT
177$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
178          '(mail=nobody@nowhere)' objectClass \
179          >> $SEARCHOUT 2>&1
180RC=$?
181if test $RC != 0 ; then
182          echo "ldapsearch failed ($RC)!"
183          test $KILLSERVERS != no && kill -HUP $KILLPIDS
184          exit $RC
185fi
186
187echo "Testing list compare..."
188echo "# Testing list compare..." >> $SEARCHOUT
189$LDAPCOMPARE -H $URI1 \
190          "cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
191          >> $SEARCHOUT 2>&1
192RC=$?
193case $RC in
1945)
195          echo "ldapcompare returned FALSE ($RC)!"
196          test $KILLSERVERS != no && kill -HUP $KILLPIDS
197          exit $RC
198          ;;
1996)
200          echo "ldapcompare returned TRUE ($RC)"
201          ;;
2020)
203          echo "ldapcompare returned success ($RC)!"
204          test $KILLSERVERS != no && kill -HUP $KILLPIDS
205          exit -1
206          ;;
207*)
208          echo "ldapcompare failed ($RC)!"
209          test $KILLSERVERS != no && kill -HUP $KILLPIDS
210          exit $RC
211          ;;
212esac
213echo "" >> $SEARCHOUT
214
215echo "Testing list compare (should return FALSE)..."
216echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
217$LDAPCOMPARE -H $URI1 \
218          "cn=Dynamic List,$LISTDN" "cn:FALSE" \
219          >> $SEARCHOUT 2>&1
220RC=$?
221case $RC in
2225)
223          echo "ldapcompare returned FALSE ($RC)"
224          ;;
2256)
226          echo "ldapcompare returned TRUE ($RC)!"
227          test $KILLSERVERS != no && kill -HUP $KILLPIDS
228          exit $RC
229          ;;
2300)
231          echo "ldapcompare returned success ($RC)!"
232          test $KILLSERVERS != no && kill -HUP $KILLPIDS
233          exit -1
234          ;;
235*)
236          echo "ldapcompare failed ($RC)!"
237          test $KILLSERVERS != no && kill -HUP $KILLPIDS
238          exit $RC
239          ;;
240esac
241echo "" >> $SEARCHOUT
242
243echo "Testing list compare (should return UNDEFINED)..."
244echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
245$LDAPCOMPARE -H $URI1 \
246          "cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
247          >> $SEARCHOUT 2>&1
248RC=$?
249case $RC in
2505)
251          echo "ldapcompare returned FALSE ($RC)!"
252          test $KILLSERVERS != no && kill -HUP $KILLPIDS
253          exit $RC
254          ;;
2556)
256          echo "ldapcompare returned TRUE ($RC)!"
257          test $KILLSERVERS != no && kill -HUP $KILLPIDS
258          exit $RC
259          ;;
26016|32)
261          echo "ldapcompare returned UNDEFINED ($RC)"
262          ;;
2630)
264          echo "ldapcompare returned success ($RC)!"
265          test $KILLSERVERS != no && kill -HUP $KILLPIDS
266          exit -1
267          ;;
268*)
269          echo "ldapcompare failed ($RC)"
270          ;;
271esac
272echo "" >> $SEARCHOUT
273
274echo "Testing list compare with manageDSAit..."
275echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
276$LDAPCOMPARE -H $URI1 -MM \
277          "cn=Dynamic List,$LISTDN" "cn:Bjorn Jensen" \
278          >> $SEARCHOUT 2>&1
279RC=$?
280case $RC in
2815)
282          echo "ldapcompare returned FALSE ($RC)"
283          ;;
2846)
285          echo "ldapcompare returned TRUE ($RC)!"
286          test $KILLSERVERS != no && kill -HUP $KILLPIDS
287          exit $RC
288          ;;
2890)
290          echo "ldapcompare returned success ($RC)!"
291          test $KILLSERVERS != no && kill -HUP $KILLPIDS
292          exit -1
293          ;;
294*)
295          echo "ldapcompare failed ($RC)!"
296          test $KILLSERVERS != no && kill -HUP $KILLPIDS
297          exit $RC
298          ;;
299esac
300echo "" >> $SEARCHOUT
301
302echo "Reconfiguring slapd..."
303$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
304          $TESTOUT 2>&1 << EOMODS
305version: 1
306dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
307changetype: modify
308delete: olcDynListAttrSet
309olcDynListAttrSet: {0}
310-
311add: olcDynListAttrSet
312olcDynListAttrSet: groupOfURLs memberURL sn:cn mail
313-
314EOMODS
315
316RC=$?
317if test $RC != 0 ; then
318          echo "ldapmodify failed ($RC)!"
319          test $KILLSERVERS != no && kill -HUP $KILLPIDS
320          exit $RC
321fi
322
323echo "==========================================================" >> $LOG1
324
325echo "Testing attribute mapping"
326
327echo "Testing list search of all (mapped) attrs..."
328echo "# Testing list search of all (mapped) attrs..." >> $SEARCHOUT
329$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
330          '(cn=Dynamic List)' '*' \
331          >> $SEARCHOUT 2>&1
332RC=$?
333if test $RC != 0 ; then
334          echo "ldapsearch failed ($RC)!"
335          test $KILLSERVERS != no && kill -HUP $KILLPIDS
336          exit $RC
337fi
338
339echo "Testing list search of a (mapped) listed attr..."
340echo "# Testing list search of a (mapped) listed attr..." >> $SEARCHOUT
341$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
342          '(cn=Dynamic List)' sn \
343          >> $SEARCHOUT 2>&1
344RC=$?
345if test $RC != 0 ; then
346          echo "ldapsearch failed ($RC)!"
347          test $KILLSERVERS != no && kill -HUP $KILLPIDS
348          exit $RC
349fi
350
351echo "Testing list search of a (n unmapped) listed attr..."
352echo "# Testing list search of a (n unmapped) listed attr..." >> $SEARCHOUT
353$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
354          '(cn=Dynamic List)' mail \
355          >> $SEARCHOUT 2>&1
356RC=$?
357if test $RC != 0 ; then
358          echo "ldapsearch failed ($RC)!"
359          test $KILLSERVERS != no && kill -HUP $KILLPIDS
360          exit $RC
361fi
362
363echo "Testing list compare (mapped attrs) ..."
364echo "# Testing list compare (mapped attrs) ..." >> $SEARCHOUT
365$LDAPCOMPARE -H $URI1 \
366          "cn=Dynamic List,$LISTDN" "sn:Bjorn Jensen" \
367          >> $SEARCHOUT 2>&1
368RC=$?
369case $RC in
3705)
371          echo "ldapcompare returned FALSE ($RC)!"
372          test $KILLSERVERS != no && kill -HUP $KILLPIDS
373          exit $RC
374          ;;
3756)
376          echo "ldapcompare returned TRUE ($RC)"
377          ;;
3780)
379          echo "ldapcompare returned success ($RC)!"
380          test $KILLSERVERS != no && kill -HUP $KILLPIDS
381          exit -1
382          ;;
383*)
384          echo "ldapcompare failed ($RC)!"
385          test $KILLSERVERS != no && kill -HUP $KILLPIDS
386          exit $RC
387          ;;
388esac
389echo "" >> $SEARCHOUT
390
391echo "Testing list compare (mapped attrs; should return FALSE)..."
392echo "# Testing list compare (mapped attrs; should return FALSE)..." >> $SEARCHOUT
393$LDAPCOMPARE -H $URI1 \
394          "cn=Dynamic List,$LISTDN" "sn:FALSE" \
395          >> $SEARCHOUT 2>&1
396RC=$?
397case $RC in
3985)
399          echo "ldapcompare returned FALSE ($RC)"
400          ;;
4016)
402          echo "ldapcompare returned TRUE ($RC)!"
403          test $KILLSERVERS != no && kill -HUP $KILLPIDS
404          exit $RC
405          ;;
4060)
407          echo "ldapcompare returned success ($RC)!"
408          test $KILLSERVERS != no && kill -HUP $KILLPIDS
409          exit -1
410          ;;
411*)
412          echo "ldapcompare failed ($RC)!"
413          test $KILLSERVERS != no && kill -HUP $KILLPIDS
414          exit $RC
415          ;;
416esac
417echo "" >> $SEARCHOUT
418
419echo "Reconfiguring slapd..."
420$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
421          $TESTOUT 2>&1 << EOMODS
422version: 1
423dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
424changetype: modify
425delete: olcDynListAttrSet
426olcDynListAttrSet: {0}
427-
428add: olcDynListAttrSet
429olcDynListAttrSet: groupOfURLs memberURL member
430-
431EOMODS
432
433RC=$?
434if test $RC != 0 ; then
435          echo "ldapmodify failed ($RC)!"
436          test $KILLSERVERS != no && kill -HUP $KILLPIDS
437          exit $RC
438fi
439
440echo "==========================================================" >> $LOG1
441
442echo "Adding a dynamic list..."
443$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
444          > $TESTOUT 2>&1 << EOMODS
445dn: cn=Dynamic List of Members,$LISTDN
446objectClass: groupOfURLs
447cn: Dynamic List of Members
448memberURL: ldap:///ou=People,${BASEDN}??sub?(objectClass=person)
449EOMODS
450
451echo "Testing list search of all attrs..."
452echo "# Testing list search of all attrs..." >> $SEARCHOUT
453$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
454          '(cn=Dynamic List of Members)' '*' \
455          >> $SEARCHOUT 2>&1
456RC=$?
457if test $RC != 0 ; then
458          echo "ldapsearch failed ($RC)!"
459          test $KILLSERVERS != no && kill -HUP $KILLPIDS
460          exit $RC
461fi
462
463echo "Testing list search of a listed attr..."
464echo "# Testing list search of a listed attr..." >> $SEARCHOUT
465$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
466          '(cn=Dynamic List of Members)' member \
467          >> $SEARCHOUT 2>&1
468RC=$?
469if test $RC != 0 ; then
470          echo "ldapsearch failed ($RC)!"
471          test $KILLSERVERS != no && kill -HUP $KILLPIDS
472          exit $RC
473fi
474
475echo "Testing list search of a non-listed attr..."
476echo "# Testing list search of a non-listed attr..." >> $SEARCHOUT
477$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
478          '(cn=Dynamic List of Members)' objectClass \
479          >> $SEARCHOUT 2>&1
480RC=$?
481if test $RC != 0 ; then
482          echo "ldapsearch failed ($RC)!"
483          test $KILLSERVERS != no && kill -HUP $KILLPIDS
484          exit $RC
485fi
486
487echo "Testing list search with (critical) manageDSAit..."
488echo "# Testing list search with (critical) manageDSAit..." >> $SEARCHOUT
489$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 -MM \
490          '(&(cn=Dynamic List of Members)(objectClass=groupOfURLs))' '*' \
491          >> $SEARCHOUT 2>&1
492RC=$?
493if test $RC != 0 ; then
494          echo "ldapsearch failed ($RC)!"
495          test $KILLSERVERS != no && kill -HUP $KILLPIDS
496          exit $RC
497fi
498
499CMPDN="$BJORNSDN"
500echo "Testing list compare..."
501echo "# Testing list compare..." >> $SEARCHOUT
502$LDAPCOMPARE -H $URI1 \
503          "cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
504          >> $SEARCHOUT 2>&1
505RC=$?
506case $RC in
5075)
508          echo "ldapcompare returned FALSE ($RC)!"
509          test $KILLSERVERS != no && kill -HUP $KILLPIDS
510          exit $RC
511          ;;
5126)
513          echo "ldapcompare returned TRUE ($RC)"
514          ;;
5150)
516          echo "ldapcompare returned success ($RC)!"
517          test $KILLSERVERS != no && kill -HUP $KILLPIDS
518          exit -1
519          ;;
520*)
521          echo "ldapcompare failed ($RC)!"
522          test $KILLSERVERS != no && kill -HUP $KILLPIDS
523          exit $RC
524          ;;
525esac
526echo "" >> $SEARCHOUT
527
528CMPDN="$BADBJORNSDN"
529echo "Testing list compare (should return FALSE)..."
530echo "# Testing list compare... (should return FALSE)" >> $SEARCHOUT
531$LDAPCOMPARE -H $URI1 \
532          "cn=Dynamic List of Members,$LISTDN" "member:$CMPDN" \
533          >> $SEARCHOUT 2>&1
534RC=$?
535case $RC in
5365)
537          echo "ldapcompare returned FALSE ($RC)"
538          ;;
5396)
540          echo "ldapcompare returned TRUE ($RC)!"
541          test $KILLSERVERS != no && kill -HUP $KILLPIDS
542          exit $RC
543          ;;
5440)
545          echo "ldapcompare returned success ($RC)!"
546          test $KILLSERVERS != no && kill -HUP $KILLPIDS
547          exit -1
548          ;;
549*)
550          echo "ldapcompare failed ($RC)!"
551          test $KILLSERVERS != no && kill -HUP $KILLPIDS
552          exit $RC
553          ;;
554esac
555echo "" >> $SEARCHOUT
556
557CMPDN="$BJORNSDN"
558echo "Testing list compare (should return FALSE)..."
559echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
560$LDAPCOMPARE -H $URI1 \
561          "cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
562          >> $SEARCHOUT 2>&1
563RC=$?
564case $RC in
5655)
566          echo "ldapcompare returned FALSE ($RC)"
567          ;;
5686)
569          echo "ldapcompare returned TRUE ($RC)!"
570          test $KILLSERVERS != no && kill -HUP $KILLPIDS
571          exit $RC
572          ;;
5730)
574          echo "ldapcompare returned success ($RC)!"
575          test $KILLSERVERS != no && kill -HUP $KILLPIDS
576          exit -1
577          ;;
578*)
579          echo "ldapcompare failed ($RC)!"
580          test $KILLSERVERS != no && kill -HUP $KILLPIDS
581          exit $RC
582          ;;
583esac
584echo "" >> $SEARCHOUT
585
586echo "Testing list compare with manageDSAit (should return UNDEFINED)..."
587echo "# Testing list compare with manageDSAit (should return UNDEFINED)..." >> $SEARCHOUT
588$LDAPCOMPARE -H $URI1 -MM \
589          "cn=Dynamic List,$LISTDN" "member:$CMPDN" \
590          >> $SEARCHOUT 2>&1
591RC=$?
592case $RC in
5935)
594          echo "ldapcompare returned FALSE ($RC)"
595          test $KILLSERVERS != no && kill -HUP $KILLPIDS
596          exit $RC
597          ;;
5986)
599          echo "ldapcompare returned TRUE ($RC)!"
600          test $KILLSERVERS != no && kill -HUP $KILLPIDS
601          exit $RC
602          ;;
60316|32)
604          echo "ldapcompare returned UNDEFINED ($RC)"
605          ;;
6060)
607          echo "ldapcompare returned success ($RC)!"
608          test $KILLSERVERS != no && kill -HUP $KILLPIDS
609          exit -1
610          ;;
611*)
612          echo "ldapcompare failed ($RC)!"
613          test $KILLSERVERS != no && kill -HUP $KILLPIDS
614          exit $RC
615          ;;
616esac
617echo "" >> $SEARCHOUT
618
619echo "==========================================================" >> $LOG1
620
621echo "Testing dgIdentity..."
622
623# Set ACL, require authentication to get list contents
624$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
625          $TESTOUT 2>&1 << EOMODS
626version: 1
627dn: olcDatabase={$DBIX}$BACKEND,cn=config
628changetype: modify
629add: olcAccess
630olcAccess: to dn.base="cn=Dynamic List of Members,$LISTDN" by * read
631olcAccess: to * by users read by * search
632EOMODS
633
634RC=$?
635if test $RC != 0 ; then
636          echo "ldapmodify failed ($RC)!"
637          test $KILLSERVERS != no && kill -HUP $KILLPIDS
638          exit $RC
639fi
640
641echo "Testing list search without dgIdentity..."
642echo "# Testing list search without dgIdentity..." >> $SEARCHOUT
643$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
644          '(cn=Dynamic List of Members)' '*' \
645          >> $SEARCHOUT 2>&1
646RC=$?
647if test $RC != 0 ; then
648          echo "ldapsearch failed ($RC)!"
649          test $KILLSERVERS != no && kill -HUP $KILLPIDS
650          exit $RC
651fi
652
653$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
654          > $TESTOUT 2>&1 << EOMODS
655dn: cn=Dynamic List of Members,$LISTDN
656changetype: modify
657add: objectClass
658objectClass: dgIdentityAux
659-
660add: dgIdentity
661dgIdentity: $CMPDN
662EOMODS
663
664RC=$?
665if test $RC != 0 ; then
666          echo "ldapmodify failed ($RC)!"
667          test $KILLSERVERS != no && kill -HUP $KILLPIDS
668          exit $RC
669fi
670
671echo "Testing list search with dgIdentity..."
672echo "# Testing list search with dgIdentity..." >> $SEARCHOUT
673$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
674          '(cn=Dynamic List of Members)' '*' \
675          >> $SEARCHOUT 2>&1
676RC=$?
677if test $RC != 0 ; then
678          echo "ldapsearch failed ($RC)!"
679          test $KILLSERVERS != no && kill -HUP $KILLPIDS
680          exit $RC
681fi
682
683echo "Testing dgAuthz..."
684
685CMPDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN"
686$LDAPMODIFY -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
687          > $TESTOUT 2>&1 << EOMODS
688dn: cn=Dynamic List of Members,$LISTDN
689changetype: modify
690add: dgAuthz
691dgAuthz: dn:$BABSDN
692EOMODS
693
694RC=$?
695if test $RC != 0 ; then
696          echo "ldapmodify failed ($RC)!"
697          test $KILLSERVERS != no && kill -HUP $KILLPIDS
698          exit $RC
699fi
700
701echo "Testing list search with dgIdentity and dgAuthz anonymously..."
702echo "# Testing list search with dgIdentity and dgAuthz anonymously..." >> $SEARCHOUT
703$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
704          '(cn=Dynamic List of Members)' '*' \
705          >> $SEARCHOUT 2>&1
706RC=$?
707if test $RC != 0 ; then
708          echo "ldapsearch failed ($RC)!"
709          test $KILLSERVERS != no && kill -HUP $KILLPIDS
710          exit $RC
711fi
712
713echo "Testing list search with dgIdentity and dgAuthz as the authorized identity..."
714echo "# Testing list search with dgIdentity and dgAuthz as the authorized identity..." >> $SEARCHOUT
715$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
716          -D "$BABSDN" -w bjensen \
717          '(cn=Dynamic List of Members)' '*' \
718          >> $SEARCHOUT 2>&1
719RC=$?
720if test $RC != 0 ; then
721          echo "ldapsearch failed ($RC)!"
722          test $KILLSERVERS != no && kill -HUP $KILLPIDS
723          exit $RC
724fi
725
726echo "Reconfiguring slapd..."
727$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
728          $TESTOUT 2>&1 << EOMODS
729version: 1
730dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
731changetype: modify
732delete: olcDynListAttrSet
733olcDynListAttrSet: {0}
734-
735add: olcDynListAttrSet
736olcDynListAttrSet: groupOfURLs memberURL member+memberOf
737-
738EOMODS
739
740RC=$?
741if test $RC != 0 ; then
742          echo "ldapmodify failed ($RC)!"
743          test $KILLSERVERS != no && kill -HUP $KILLPIDS
744          exit $RC
745fi
746
747echo "==========================================================" >> $LOG1
748
749echo "Testing memberOf functionality..."
750echo "# Testing memberOf functionality..." >> $SEARCHOUT
751$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
752          -D "$BABSDN" -w bjensen \
753          '(cn=Mark Elliot)' '*' 'memberOf' \
754          >> $SEARCHOUT 2>&1
755RC=$?
756if test $RC != 0 ; then
757          echo "ldapsearch failed ($RC)!"
758          test $KILLSERVERS != no && kill -HUP $KILLPIDS
759          exit $RC
760fi
761
762echo "Testing filtered memberOf functionality..."
763echo "# Testing filtered memberOf functionality..." >> $SEARCHOUT
764$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
765          -D "$BABSDN" -w bjensen \
766          '(&(memberOf=cn=Dynamic List of Members,ou=Dynamic Lists,dc=example,dc=com)(cn=Mark Elliot))' '*' 'memberOf' \
767          >> $SEARCHOUT 2>&1
768RC=$?
769if test $RC != 0 ; then
770          echo "ldapsearch failed ($RC)!"
771          test $KILLSERVERS != no && kill -HUP $KILLPIDS
772          exit $RC
773fi
774
775echo "Reconfiguring slapd..."
776$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
777          $TESTOUT 2>&1 << EOMODS
778version: 1
779dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
780changetype: modify
781delete: olcDynListAttrSet
782olcDynListAttrSet: {0}
783-
784add: olcDynListAttrSet
785olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames
786-
787EOMODS
788
789RC=$?
790if test $RC != 0 ; then
791          echo "ldapmodify failed ($RC)!"
792          test $KILLSERVERS != no && kill -HUP $KILLPIDS
793          exit $RC
794fi
795
796echo "==========================================================" >> $LOG1
797
798echo "Testing static group memberOf functionality..."
799echo "# Testing static group memberOf functionality..." >> $SEARCHOUT
800$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
801          -D "$BABSDN" -w bjensen \
802          '(cn=Mark Elliot)' '*' 'memberOf' \
803          >> $SEARCHOUT 2>&1
804RC=$?
805if test $RC != 0 ; then
806          echo "ldapsearch failed ($RC)!"
807          test $KILLSERVERS != no && kill -HUP $KILLPIDS
808          exit $RC
809fi
810
811echo "Reconfiguring slapd..."
812$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
813          $TESTOUT 2>&1 << EOMODS
814version: 1
815dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
816changetype: modify
817delete: olcDynListAttrSet
818olcDynListAttrSet: {0}
819-
820add: olcDynListAttrSet
821olcDynListAttrSet: groupOfURLs memberURL member+memberOf*
822-
823EOMODS
824
825RC=$?
826if test $RC != 0 ; then
827          echo "ldapmodify failed ($RC)!"
828          test $KILLSERVERS != no && kill -HUP $KILLPIDS
829          exit $RC
830fi
831
832echo "==========================================================" >> $LOG1
833
834echo "Adding a couple dynamic groups..."
835$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
836          > $TESTOUT 2>&1 << EOMODS
837dn: cn=The Smiths,$LISTDN
838objectClass: groupOfURLs
839cn: The Smiths
840memberURL: ldap:///ou=People,${BASEDN}??sub?(sn=Smith)
841description: Smith family
842
843dn: cn=Meta Group,$LISTDN
844objectClass: groupOfURLs
845cn: Meta Group
846memberURL: ldap:///${LISTDN}??sub?(description=Smith%20family)
847EOMODS
848
849RC=$?
850if test $RC != 0 ; then
851          echo "ldapadd failed ($RC)!"
852          test $KILLSERVERS != no && kill -HUP $KILLPIDS
853          exit $RC
854fi
855
856echo "Testing nested dynamic group functionality..."
857echo "# Testing nested dynamic group functionality..." >> $SEARCHOUT
858$LDAPSEARCH -S "" -b "$LISTDN" -H $URI1 \
859          -D "$BABSDN" -w bjensen \
860          '(objectclass=*)' '*' 'memberOf' \
861          >> $SEARCHOUT 2>&1
862RC=$?
863if test $RC != 0 ; then
864          echo "ldapsearch failed ($RC)!"
865          test $KILLSERVERS != no && kill -HUP $KILLPIDS
866          exit $RC
867fi
868
869$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
870          -D "$BABSDN" -w bjensen \
871          '(cn=Mark Elliot)' '*' 'memberOf' \
872          >> $SEARCHOUT 2>&1
873RC=$?
874if test $RC != 0 ; then
875          echo "ldapsearch failed ($RC)!"
876          test $KILLSERVERS != no && kill -HUP $KILLPIDS
877          exit $RC
878fi
879
880echo "Reconfiguring slapd..."
881$LDAPMODIFY -x -D cn=config -H $URI1 -y $CONFIGPWF > \
882          $TESTOUT 2>&1 << EOMODS
883version: 1
884dn: olcOverlay={0}dynlist,olcDatabase={$DBIX}$BACKEND,cn=config
885changetype: modify
886delete: olcDynListAttrSet
887olcDynListAttrSet: {0}
888-
889add: olcDynListAttrSet
890olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames*
891olcDynListAttrSet: labeledURIObject labeledURI uniqueMember+seeAlso@groupOfUniqueNames
892-
893EOMODS
894
895RC=$?
896if test $RC != 0 ; then
897          echo "ldapmodify failed ($RC)!"
898          test $KILLSERVERS != no && kill -HUP $KILLPIDS
899          exit $RC
900fi
901
902echo "==========================================================" >> $LOG1
903
904echo "Adding a couple static groups..."
905$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
906          > $TESTOUT 2>&1 << EOMODS
907dn: cn=The Jensens,ou=Groups,$BASEDN
908objectClass: groupOfnames
909cn: The Jensens
910member: cn=Bjorn Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
911member: cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN
912
913dn: cn=JJs,ou=Groups,$BASEDN
914objectClass: groupOfnames
915cn: JJs
916member: cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN
917member: cn=James A Jones 2,ou=Information Technology Division,ou=People,$BASEDN
918member: cn=The Jensens,ou=Groups,$BASEDN
919EOMODS
920
921RC=$?
922if test $RC != 0 ; then
923          echo "ldapadd failed ($RC)!"
924          test $KILLSERVERS != no && kill -HUP $KILLPIDS
925          exit $RC
926fi
927
928echo "Testing nested static group functionality..."
929echo "# Testing nested static group functionality..." >> $SEARCHOUT
930$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
931          -D "$BABSDN" -w bjensen \
932          '(sn=Jensen)' '*' 'memberOf' \
933          >> $SEARCHOUT 2>&1
934RC=$?
935if test $RC != 0 ; then
936          echo "ldapsearch failed ($RC)!"
937          test $KILLSERVERS != no && kill -HUP $KILLPIDS
938          exit $RC
939fi
940
941echo "Adding another nested group..."
942$LDAPADD -v -D "$MANAGERDN" -H $URI1 -w $PASSWD \
943          > $TESTOUT 2>&1 << EOMODS
944dn: cn=Bonus Group,ou=Groups,$BASEDN
945objectClass: groupOfnames
946cn: Bonus Group
947member: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
948member: cn=Meta Group,$LISTDN
949EOMODS
950
951$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
952          -D "$BABSDN" -w bjensen \
953          '(sn=Hampster)' '*' 'memberOf' \
954          >> $SEARCHOUT 2>&1
955RC=$?
956if test $RC != 0 ; then
957          echo "ldapsearch failed ($RC)!"
958          test $KILLSERVERS != no && kill -HUP $KILLPIDS
959          exit $RC
960fi
961
962$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
963          -D "$BABSDN" -w bjensen \
964          '(sn=Doe)' '*' 'memberOf' \
965          >> $SEARCHOUT 2>&1
966RC=$?
967if test $RC != 0 ; then
968          echo "ldapsearch failed ($RC)!"
969          test $KILLSERVERS != no && kill -HUP $KILLPIDS
970          exit $RC
971fi
972
973$LDAPSEARCH -S "" -b "ou=People,$BASEDN" -H $URI1 \
974          -D "$BABSDN" -w bjensen \
975          '(sn=Smith)' '*' 'memberOf' \
976          >> $SEARCHOUT 2>&1
977RC=$?
978if test $RC != 0 ; then
979          echo "ldapsearch failed ($RC)!"
980          test $KILLSERVERS != no && kill -HUP $KILLPIDS
981          exit $RC
982fi
983
984echo "Testing filtered nested memberOf functionality..."
985echo "# Testing filtered nested memberOf functionality..." >> $SEARCHOUT
986
987$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
988          -D "$BABSDN" -w bjensen \
989          "(memberOf=cn=bonus group,ou=groups,$BASEDN)" '*' 'memberOf' \
990          >> $SEARCHOUT 2>&1
991RC=$?
992if test $RC != 0 ; then
993          echo "ldapsearch failed ($RC)!"
994          test $KILLSERVERS != no && kill -HUP $KILLPIDS
995          exit $RC
996fi
997
998echo "Testing filtered nested member functionality..."
999echo "# Testing filtered nested member functionality..." >> $SEARCHOUT
1000
1001$LDAPSEARCH -S "" -b "$BASEDN" -H $URI1 \
1002          -D "$BABSDN" -w bjensen \
1003          "(member=cn=Jennifer Smith,ou=Alumni Association,ou=People,$BASEDN)" '*' 'memberOf' \
1004          >> $SEARCHOUT 2>&1
1005RC=$?
1006if test $RC != 0 ; then
1007          echo "ldapsearch failed ($RC)!"
1008          test $KILLSERVERS != no && kill -HUP $KILLPIDS
1009          exit $RC
1010fi
1011
1012test $KILLSERVERS != no && kill -HUP $KILLPIDS
1013
1014LDIF=$DYNLISTOUT
1015
1016echo "Filtering ldapsearch results..."
1017$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
1018echo "Filtering original ldif used to create database..."
1019$LDIFFILTER < $LDIF > $LDIFFLT
1020echo "Comparing filter output..."
1021$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
1022
1023if test $? != 0 ; then
1024          echo "Comparison failed"
1025          exit 1
1026fi
1027
1028echo ">>>>> Test succeeded"
1029
1030test $KILLSERVERS != no && wait
1031
1032exit 0
1033