Commit a401ad09 authored by Ondřej Kuzník

ITS#8427 Check slapd doesn't read ldap.conf

parent f4bfb5e0
......@@ -241,7 +241,6 @@ case $RC in
;;
esac
# FIXME: just adding olcDbStartTLS to the DB doesn't have an effect, why?
echo "Re-configuring proxy to use ldaps:// everywhere..."
$LDAPMODIFY -D cn=config -h $LOCALHOST -p $PORT3 -y $CONFIGPWF \
> $TESTOUT 2>&1 <<EOF
......@@ -338,7 +337,6 @@ case $RC in
;;
esac
# FIXME: just adding olcDbStartTLS to the DB doesn't have an effect, why?
echo "Re-configuring proxy to use ldaps:// everywhere..."
$LDAPMODIFY -D cn=config -h $LOCALHOST -p $PORT3 -y $CONFIGPWF \
> $TESTOUT 2>&1 <<EOF
......@@ -386,6 +384,139 @@ if test $? != 0 ; then
exit 1
fi
unset LDAPNOINIT
export LDAPNOINIT
echo "Sanity check..."
cd $TESTDIR
../$LDAPWHOAMI -H "$SURIP2" -D "$MANAGERDN" -w $PASSWD 2>/dev/null
RC=$?
case "$RC" in
"-1"|255)
;;
0)
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
;;
*)
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
cd $TESTWD
echo "Stopping the proxy and sleeping $SLEEP2 seconds..."
kill -HUP "$PROXYPID"
wait $PROXYPID
sleep $SLEEP2
KILLPIDS="$SERVERPID"
echo "======================= RESTART =======================" >> $LOG2
echo "Preparing an ldaprc file"
. $CONFFILTER $BACKEND $MONITORDB < $ITSDIR/ldap.conf > $TESTDIR/ldaprc
mkdir $TESTDIR/slapd.d
$SLAPD -Tt -f $CONF2 -F $TESTDIR/slapd.d >> $LOG2 2>&1
cd $TESTDIR
echo "Checking it is honoured by client tools..."
../$LDAPWHOAMI -H "$SURIP2" -D "$MANAGERDN" -w $PASSWD >/dev/null
RC=$?
if test $RC != 0 ; then
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Starting proxy again..."
$SLAPD -F ./slapd.d -h $URI3 -d $LVL $TIMING >> $LOG2 2>&1 &
PROXYPID=$!
if test $WAIT != 0 ; then
echo PROXYPID $PROXYPID
read foo
fi
KILLPIDS="$KILLPIDS $PROXYPID"
cd $TESTWD
sleep 1
echo "Using ldapsearch to check that proxy slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT3 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Configuring proxy..."
$LDAPMODIFY -D cn=config -h $LOCALHOST -p $PORT3 -y $CONFIGPWF \
> $TESTOUT 2>&1 <<EOF
dn: olcDatabase={2}ldap,cn=config
changetype: add
objectClass: olcLDAPConfig
olcDbUri: $SURIP2
olcSuffix: $BASEDN
olcRootDN: $MANAGERDN
EOF
RC=$?
if test $RC != 0 ; then
echo "modification failed ($RC)"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Privileged WhoAmI (proxy uses ldaps://)..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT3 -D "$MANAGERDN" -w $PASSWD
RC=$?
case $RC in
52)
;;
0)
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
;;
*)
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "WhoAmI (proxy uses ldaps://), which should fail..."
$LDAPWHOAMI -h $LOCALHOST -p $PORT3 -D "$BABSDN" -w bjensen
RC=$?
case $RC in
52)
;;
0)
echo "ldapwhoami should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
;;
*)
echo "ldapwhoami failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
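Review bot: The two closing WhoAmI checks through the proxy (the `case $RC in` blocks after "Privileged WhoAmI (proxy uses ldaps://)..." and "WhoAmI (proxy uses ldaps://), which should fail...") accept exit code 52 alone as proof that slapd ignored the `ldaprc` in its working directory. Code 52 (LDAP unavailable) would presumably also come back if the backend at `$SURIP2` had died or become unreachable for an unrelated reason, so the test can pass without exercising the trust decision it is meant to guard. Repeating the direct client check afterwards, `cd $TESTDIR` then `../$LDAPWHOAMI -H "$SURIP2" -D "$MANAGERDN" -w $PASSWD >/dev/null` with the same `RC` handling used under "Checking it is honoured by client tools...", would confirm the backend is still serving and that the failure is specific to the proxy. A comment above the first `case`, for example `# 52 expected: slapd must not load ./ldaprc, so its ldaps:// connection to the backend cannot be set up`, would explain why a privileged bind is expected to fail; the "Privileged WhoAmI" echo text also does not say that failure is the expected outcome. Separately, the exit status of `$SLAPD -Tt -f $CONF2 -F $TESTDIR/slapd.d` is not checked, so a failed conversion only shows up later as a proxy start-up timeout.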