mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Issue#9335 - Skip test if compiled without SASL support
This commit is contained in:
parent
72bfa9d488
commit
9d48bdd03b
@ -246,77 +246,81 @@ if test $RC != 0 ; then
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
# note - the attrs are being saved in raw DER form.
|
||||
# they need to be base64 encoded into PEM for most programs to use them
|
||||
# so we ignore those files for now.
|
||||
echo "Using ldapsearch to generate user cert..."
|
||||
$LDAPSEARCH -b "$BABSDN" -D $MANAGERDN -H $URIP1 -w $PASSWD -s base -ZZ \
|
||||
-T $TESTDIR -t 'objectclass=*' 'userCertificate;binary' 'userPrivateKey;binary' >> $TESTOUT 2>&1
|
||||
RC=$?
|
||||
if test $WITH_SASL = no ; then
|
||||
echo "SASL support not available, skipping client cert authentication"
|
||||
else
|
||||
# note - the attrs are being saved in raw DER form.
|
||||
# they need to be base64 encoded into PEM for most programs to use them
|
||||
# so we ignore those files for now.
|
||||
echo "Using ldapsearch to generate user cert..."
|
||||
$LDAPSEARCH -b "$BABSDN" -D $MANAGERDN -H $URIP1 -w $PASSWD -s base -ZZ \
|
||||
-T $TESTDIR -t 'objectclass=*' 'userCertificate;binary' 'userPrivateKey;binary' >> $TESTOUT 2>&1
|
||||
RC=$?
|
||||
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
echo "Using ldapsearch to retrieve user cert..."
|
||||
$LDAPSEARCH -b "$BABSDN" -D $MANAGERDN -H $URIP1 -w $PASSWD -s base -ZZ \
|
||||
'objectclass=*' 'userCertificate;binary' > $SEARCHOUT 2>&1
|
||||
RC=$?
|
||||
echo "Using ldapsearch to retrieve user cert..."
|
||||
$LDAPSEARCH -b "$BABSDN" -D $MANAGERDN -H $URIP1 -w $PASSWD -s base -ZZ \
|
||||
'objectclass=*' 'userCertificate;binary' > $SEARCHOUT 2>&1
|
||||
RC=$?
|
||||
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
echo "Setting up user cert..."
|
||||
echo "-----BEGIN CERTIFICATE-----" > $TESTDIR/usercert.pem
|
||||
sed -e "/^dn:/d" -e "/^ dc=com/d" -e "s/userCertificate;binary:://" -e "/^$/d" $SEARCHOUT >> $TESTDIR/usercert.pem
|
||||
echo "-----END CERTIFICATE-----" >> $TESTDIR/usercert.pem
|
||||
echo "Setting up user cert..."
|
||||
echo "-----BEGIN CERTIFICATE-----" > $TESTDIR/usercert.pem
|
||||
sed -e "/^dn:/d" -e "/^ dc=com/d" -e "s/userCertificate;binary:://" -e "/^$/d" $SEARCHOUT >> $TESTDIR/usercert.pem
|
||||
echo "-----END CERTIFICATE-----" >> $TESTDIR/usercert.pem
|
||||
|
||||
echo "Using ldapsearch to retrieve user key..."
|
||||
$LDAPSEARCH -b "$BABSDN" -D $MANAGERDN -H $URIP1 -w $PASSWD -s base -ZZ \
|
||||
'objectclass=*' 'userPrivateKey;binary' > $SEARCHOUT 2>&1
|
||||
RC=$?
|
||||
echo "Using ldapsearch to retrieve user key..."
|
||||
$LDAPSEARCH -b "$BABSDN" -D $MANAGERDN -H $URIP1 -w $PASSWD -s base -ZZ \
|
||||
'objectclass=*' 'userPrivateKey;binary' > $SEARCHOUT 2>&1
|
||||
RC=$?
|
||||
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
echo "Setting up user key..."
|
||||
echo "-----BEGIN PRIVATE KEY-----" > $TESTDIR/userkey.pem
|
||||
sed -e "/^dn:/d" -e "/^ dc=com/d" -e "s/userPrivateKey;binary:://" -e "/^$/d" $SEARCHOUT >> $TESTDIR/userkey.pem
|
||||
echo "-----END PRIVATE KEY-----" >> $TESTDIR/userkey.pem
|
||||
echo "Setting up user key..."
|
||||
echo "-----BEGIN PRIVATE KEY-----" > $TESTDIR/userkey.pem
|
||||
sed -e "/^dn:/d" -e "/^ dc=com/d" -e "s/userPrivateKey;binary:://" -e "/^$/d" $SEARCHOUT >> $TESTDIR/userkey.pem
|
||||
echo "-----END PRIVATE KEY-----" >> $TESTDIR/userkey.pem
|
||||
|
||||
LDAPTLS_CERT=$TESTDIR/usercert.pem
|
||||
LDAPTLS_KEY=$TESTDIR/userkey.pem
|
||||
export LDAPTLS_CERT
|
||||
export LDAPTLS_KEY
|
||||
LDAPTLS_CERT=$TESTDIR/usercert.pem
|
||||
LDAPTLS_KEY=$TESTDIR/userkey.pem
|
||||
export LDAPTLS_CERT
|
||||
export LDAPTLS_KEY
|
||||
|
||||
echo "Setting TLSVerifyClient to try..."
|
||||
$LDAPMODIFY -D cn=config -H $URIP1 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
|
||||
echo "Setting TLSVerifyClient to try..."
|
||||
$LDAPMODIFY -D cn=config -H $URIP1 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
|
||||
dn: cn=config
|
||||
changetype: modify
|
||||
replace: olcTLSVerifyClient
|
||||
olcTLSVerifyClient: try
|
||||
EOF
|
||||
RC=$?
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapmodify failed for autoca config ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
RC=$?
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapmodify failed for autoca config ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
$CLIENTDIR/ldapwhoami -Y EXTERNAL -H $URIP1 -ZZ
|
||||
$CLIENTDIR/ldapwhoami -Y EXTERNAL -H $URIP1 -ZZ
|
||||
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapwhoami failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapwhoami failed ($RC)!"
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
exit $RC
|
||||
fi
|
||||
fi
|
||||
|
||||
test $KILLSERVERS != no && kill -HUP $KILLPIDS
|
||||
|
@ -21,6 +21,11 @@ if test $WITH_TLS = no ; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if test $WITH_SASL = no ; then
|
||||
echo "SASL support not available, test skipped"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
mkdir -p $TESTDIR $DBDIR1
|
||||
cp -r $DATADIR/tls $TESTDIR
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user