2002-03-11 08:23:18 +08:00
|
|
|
#! /bin/sh
|
|
|
|
# $OpenLDAP$
|
2003-11-29 04:00:23 +08:00
|
|
|
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
|
|
|
##
|
2004-01-02 03:15:16 +08:00
|
|
|
## Copyright 1998-2004 The OpenLDAP Foundation.
|
2003-11-29 04:00:23 +08:00
|
|
|
## All rights reserved.
|
|
|
|
##
|
|
|
|
## Redistribution and use in source and binary forms, with or without
|
|
|
|
## modification, are permitted only as authorized by the OpenLDAP
|
|
|
|
## Public License.
|
|
|
|
##
|
|
|
|
## A copy of this license is available in the file LICENSE in the
|
|
|
|
## top-level directory of the distribution or, alternatively, at
|
|
|
|
## <http://www.OpenLDAP.org/license.html>.
|
2002-03-11 08:23:18 +08:00
|
|
|
|
|
|
|
echo "running defines.sh"
|
|
|
|
. $SRCDIR/scripts/defines.sh
|
|
|
|
|
2003-10-22 13:14:08 +08:00
|
|
|
mkdir -p $TESTDIR $DBDIR1
|
2002-03-11 08:23:18 +08:00
|
|
|
|
2004-04-26 07:58:22 +08:00
|
|
|
echo "Running slapadd to build slapd database..."
|
|
|
|
. $CONFFILTER $BACKEND $MONITORDB < $WHOAMICONF > $ADDCONF
|
|
|
|
$SLAPADD -f $ADDCONF -l $LDIFWHOAMI
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "slapadd failed ($RC)!"
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
2002-03-11 08:23:18 +08:00
|
|
|
echo "Starting slapd on TCP/IP port $PORT..."
|
2004-04-26 07:58:22 +08:00
|
|
|
. $CONFFILTER $BACKEND $MONITORDB < $WHOAMICONF > $CONF1
|
2003-10-22 13:14:08 +08:00
|
|
|
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
|
2002-03-11 08:23:18 +08:00
|
|
|
PID=$!
|
|
|
|
if test $WAIT != 0 ; then
|
|
|
|
echo PID $PID
|
|
|
|
read foo
|
|
|
|
fi
|
2003-10-22 13:14:08 +08:00
|
|
|
KILLPIDS="$PID"
|
2002-03-11 08:23:18 +08:00
|
|
|
|
|
|
|
echo "Using ldapsearch to check that slapd is running..."
|
|
|
|
for i in 0 1 2 3 4 5; do
|
2003-10-22 13:14:08 +08:00
|
|
|
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
|
2002-03-11 08:23:18 +08:00
|
|
|
'objectclass=*' > /dev/null 2>&1
|
|
|
|
RC=$?
|
2002-09-01 19:39:08 +08:00
|
|
|
if test $RC = 0 ; then
|
|
|
|
break
|
2002-03-11 08:23:18 +08:00
|
|
|
fi
|
2002-09-01 19:39:08 +08:00
|
|
|
echo "Waiting 5 seconds for slapd to start..."
|
|
|
|
sleep 5
|
2002-03-11 08:23:18 +08:00
|
|
|
done
|
|
|
|
|
2002-10-30 08:17:36 +08:00
|
|
|
echo "Testing ldapwhoami as anonymous..."
|
2003-10-22 13:14:08 +08:00
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1
|
2002-10-30 08:17:36 +08:00
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
2003-10-22 13:14:08 +08:00
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
2002-10-30 08:17:36 +08:00
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "Testing ldapwhoami as ${MANAGERDN}..."
|
2003-10-22 13:14:08 +08:00
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD
|
2002-03-11 08:23:18 +08:00
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
2003-10-22 13:14:08 +08:00
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
2002-03-11 08:23:18 +08:00
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
2002-12-03 14:11:32 +08:00
|
|
|
echo "Testing ldapwhoami as ${MANAGERDN} for anonymous..."
|
2003-10-22 13:14:08 +08:00
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
|
2002-12-03 14:11:32 +08:00
|
|
|
-e \!authzid=""
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
2003-10-22 13:14:08 +08:00
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
2002-12-03 14:11:32 +08:00
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "Testing ldapwhoami as ${MANAGERDN} for dn:$BABSDN..."
|
2003-10-22 13:14:08 +08:00
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
|
2002-12-03 14:11:32 +08:00
|
|
|
-e \!authzid="dn:$BABSDN"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
2003-10-22 13:14:08 +08:00
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
2002-12-06 02:14:02 +08:00
|
|
|
exit $RC
|
2002-12-03 14:11:32 +08:00
|
|
|
fi
|
|
|
|
|
2004-04-26 07:58:22 +08:00
|
|
|
echo "Testing ldapwhoami as ${MANAGERDN} for u:uham..."
|
2003-10-22 13:14:08 +08:00
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$MANAGERDN" -w $PASSWD \
|
2004-04-26 07:58:22 +08:00
|
|
|
-e \!authzid="u:uham"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
# authzFrom: someone else => njorn
|
|
|
|
echo "Testing authzFrom..."
|
|
|
|
|
|
|
|
BINDDN="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjensen
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.exact)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=melliot
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (u)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Jane Doe,ou=Alumni Association,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=jdoe
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=jjones
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (group)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
2002-12-03 14:11:32 +08:00
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
2003-10-22 13:14:08 +08:00
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
2002-12-06 02:14:02 +08:00
|
|
|
exit $RC
|
2002-12-03 14:11:32 +08:00
|
|
|
fi
|
|
|
|
|
2004-04-26 07:58:22 +08:00
|
|
|
BINDDN="cn=No One,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=noone
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.onelevel)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=dots
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.regex)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=jaj
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.children)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=ITD Staff,ou=Groups,dc=example,dc=com"
|
|
|
|
BINDPW=ITD
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.subtree)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Should Fail,dc=example,dc=com"
|
|
|
|
BINDPW=fail
|
|
|
|
AUTHZID="u:bjorn"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.subtree)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
# authzTo: bjorn => someone else
|
|
|
|
echo "Testing authzTo..."
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:bjensen"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.exact)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:melliot"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (u)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:jdoe"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:jjones"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (group)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:noone"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.onelevel)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:dots"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.regex)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:jaj"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.children)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:group/itd staff"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (dn.subtree)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 0 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
|
|
|
BINDDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
|
|
|
|
BINDPW=bjorn
|
|
|
|
AUTHZID="u:fail"
|
|
|
|
echo "Testing ldapwhoami as ${BINDDN} for ${AUTHZID} (URI; should fail)..."
|
|
|
|
$LDAPWHOAMI -h $LOCALHOST -p $PORT1 -D "$BINDDN" -w $BINDPW \
|
|
|
|
-e \!authzid="$AUTHZID"
|
|
|
|
|
|
|
|
RC=$?
|
|
|
|
if test $RC != 1 ; then
|
|
|
|
echo "ldapwhoami failed ($RC)!"
|
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
|
|
|
exit $RC
|
|
|
|
fi
|
|
|
|
|
2003-10-22 13:14:08 +08:00
|
|
|
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
2002-03-11 08:23:18 +08:00
|
|
|
|
|
|
|
echo ">>>>> Test succeeded"
|
|
|
|
exit 0
|
2004-04-26 07:58:22 +08:00
|
|
|
|
|
|
|
## Note to developers: the command
|
|
|
|
## awk '/<===slap_sasl_match:/ {if (s==0) {s=1;c=0} c++; if ($4==0) {print c;s=0}} END {if (s==1) print c}' testrun/slapd.1.log
|
|
|
|
## must return consecutive numbers from 1 to 9 twice to indicate
|
|
|
|
## that the authzFrom and authzTo rules applied in the right order.
|