Commit 6b046ced authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Add initial certificate test

	(userCertificate;binary=*) works
	(userCertificate=*) doesn't but should
Needs to be expanded to include equality tests.
parent c9dfc1e3
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,o=University of Michigan
,c=US
objectClass: OpenLDAPperson
cn: Jennifer Smith
cn: Jen Smith
sn: Smith
uid: jen
postalAddress: Alumni Association $ 111 Maple St $ Ann Arbor, MI 48109
seeAlso: cn=All Staff,ou=Groups,o=University of Michigan,c=US
drink: Sam Adams
homePostalAddress: 1000 Maple #44 $ Ann Arbor, MI 48103
title: Telemarketer, UM Alumni Association
mail: jen@mail.alumni.example.com
homePhone: +1 313 555 2333
pager: +1 313 555 6442
facsimileTelephoneNumber: +1 313 555 2756
telephoneNumber: +1 313 555 8232
userCertificate;binary:: MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADB2MQswCQYDV
QQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdH
kgTHRkMRAwDgYDVQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldDAeFw0
wMzEwMTYyMjM4MzFaFw0wNDEwMTUyMjM4MzFaMH8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpTb21l
LVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxGDAWBgNVBAMTD0plbm5pZ
mllciBTbWl0aDEeMBwGCSqGSIb3DQEJARYPamVuQGV4YW1wbGUubmV0MIGfMA0GCSqGSIb3DQEBAQ
UAA4GNADCBiQKBgQC45An7/kRRHxiLIKR6yMfIVpGhkacWlKRFgkrzF5q9lcou+2NVZvuJDtMz36a
11EgQmRJzx39oh7Eg4ZHLAHk4OoPfcwfHQ0FHCOaU6uSE6EFqLC1CjbquZPRpwLnurf2EB0GpZTo+
bJZHvk6tA8SykUd+9qFMmX5As41JOOifjwIDAQABo4H+MIH7MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q
gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBS/e4vtKxSvjrV2JH
ghV/jgTEVMajCBoAYDVR0jBIGYMIGVgBQufFvScUL0ktR2YafMec94YPIrF6F6pHgwdjELMAkGA1U
EBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5
IEx0ZDEQMA4GA1UEAxMHSVdQTCBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5uZXSCAQAwD
QYJKoZIhvcNAQEEBQADgYEAbbGierD9QwK2cRnVr+Gs7dcbaRtuzriLIAgnR/s2t4Py0hpnySnyBV
ENXkzcgt7OIFEyF9ubRIe8YMfmLAO3yHxNyv4WaGTUVE0o54mZ5GaaIY2ibl7NK48u9VC/59pfxIs
oi2m4HHbY1MD54XRy2CANELBVFI3CI4raj3/UiiA=
userCertificate;binary:: MIIDaTCCAtKgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB2MQswCQYDV
QQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdH
kgTHRkMRAwDgYDVQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldDAeFw0
wMzEwMTYyMjQwMzNaFw0wNDEwMTUyMjQwMzNaMH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpTb21l
LVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMTDkplbm5pZ
mVyIFNtaXRoMR4wHAYJKoZIhvcNAQkBFg9qZW5AZXhhbXBsZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQ
ADgY0AMIGJAoGBAMiamobs0kC0Q/78yocNvf0iTI5x9efB3tMwsxweLg93KbuNBeFn2mczzQvuzvh
s+PLnfKxAyWbkeZrqw0Ve1h8ZXSHWSFg75UOFbo4wevuoYEtqmMupFEwT4rdf8Ykt5Rq1PyUJ5LgS
Ne0TMSqCYwTuo7+OunC/5YamsIbkKcsFAgMBAAGjgf4wgfswCQYDVR0TBAIwADAsBglghkgBhvhCA
Q0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDx71116utXKGemZrZ
Vxp3p9NqU5MIGgBgNVHSMEgZgwgZWAFC58W9JxQvSS1HZhp8x5z3hg8isXoXqkeDB2MQswCQYDVQQ
GEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg
THRkMRAwDgYDVQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldIIBADANB
gkqhkiG9w0BAQQFAAOBgQAPDn0+fm/GYV6elg3XFJgGA3wrVm4TeQQ8BdmIhqf25DUn/3ja3SBGI0
7DWz+LlYE/JzDEU+1UiYAfGgp7CnzKBzCUL0jyamgj11I6OyaYBdOsEGx1MFLjsOa+TCQS1f2v1gG
Cs/k0a/b3RRCTyoUfPHxJ0M6Cw9SGXu2K8GtHYA==
dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,o=University of Michiga
n,c=US
objectClass: OpenLDAPperson
cn: Ursula Hampster
sn: Hampster
uid: uham
title: Secretary, UM Alumni Association
postalAddress: Alumni Association $ 111 Maple St $ Ann Arbor, MI 48109
seeAlso: cn=All Staff,ou=Groups,o=University of Michigan,c=US
homePostalAddress: 123 Anystreet $ Ann Arbor, MI 48104
mail: uham@mail.alumni.example.com
homePhone: +1 313 555 8421
pager: +1 313 555 2844
facsimileTelephoneNumber: +1 313 555 9700
telephoneNumber: +1 313 555 5331
userCertificate;binary:: MIIDbDCCAtWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADB2MQswCQYDV
QQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdH
kgTHRkMRAwDgYDVQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldDAeFw0
wMzEwMTYyMjQ0MThaFw0wNDEwMTUyMjQ0MThaMIGAMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29t
ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRgwFgYDVQQDEw9VcnN1b
GEgSGFtcHN0ZXIxHzAdBgkqhkiG9w0BCQEWEHVoYW1AZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQ
EBBQADgY0AMIGJAoGBAOftC+ppQ3/ZeWJRfs93FACCYAn9ajEtHy3A4GutavSQ1eLqlsU9wEkb8aE
vRtOQ9BwTjaJc+0JJ53uB6th7f5Tl7LNgjsbVR5Ef3ucsdX2ulfCwm4Mun5Us/AK6QeYnyn+cimdP
aWdS2XnopiAvvOmlnEDfDuFD3XNVs8MLuQ99AgMBAAGjgf4wgfswCQYDVR0TBAIwADAsBglghkgBh
vhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFI9vudD6euL2Lx
IhghjKii+3J4yqMIGgBgNVHSMEgZgwgZWAFC58W9JxQvSS1HZhp8x5z3hg8isXoXqkeDB2MQswCQY
DVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
dHkgTHRkMRAwDgYDVQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldIIBA
DANBgkqhkiG9w0BAQQFAAOBgQAnYYHkbAWFdgelG/MnYISPU48XBTxZv3dcLh9cx+J/gp1Vhggkxs
EVaPQlhlnQCfQwtM1h4j4cSVM8Tdceif93+uF48Arl6oQe5c63MoPIZD56vJkAlg+RiAFPDy6FjX6
otjpIpW3u5GeGzaDLDBn5rlUXr0kED7Ool7R9Javxzg==
......@@ -153,5 +153,6 @@ MODRDNOUTMASTER3=$DATADIR/modrdn.out.master.3
ACLOUTMASTER=$DATADIR/acl.out.master
REPLOUTMASTER=$DATADIR/repl.out.master
MODSRCHFILTERS=$DATADIR/modify.search.filters
CERTIFICATEOUT=$DATADIR/certificate.out
# Just in case we linked the binaries dynamically
LD_LIBRARY_PATH=`pwd`/../libraries:${LD_LIBRARY_PATH} export LD_LIBRARY_PATH
#! /bin/sh
# $OpenLDAP$
SRCDIR="."
if test $# -ge 1 ; then
SRCDIR=$1; shift
fi
. $SRCDIR/scripts/args.sh $*
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
echo "running defines.sh $SRCDIR $BACKEND"
. $SRCDIR/scripts/defines.sh
echo "Cleaning up in $DBDIR..."
rm -f $DBDIR/[!C]*
echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND $MONITORDB < $CONF > $DBCONF
$SLAPADD -f $DBCONF -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
echo "slapadd failed ($RC)!"
exit $RC
fi
echo "Starting slapd on TCP/IP port $PORT..."
$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
echo "Testing certificate handling..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
exit $RC
fi
echo "Add certificates..."
$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD > \
$TESTOUT 2>&1 << EOMODS
version: 1
# LEADING COMMENT AND WHITE SPACE
dn: cn=Ursula Hampster,ou=Alumni Association,ou=People,o=University of Michigan,c=US
changetype: modify
add: userCertificate
userCertificate;binary::
MIIDbDCCAtWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRAwDgYDVQQDEwdJ
V1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldDAeFw0wMzEwMTYyMjQ0MThaFw0w
NDEwMTUyMjQ0MThaMIGAMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UE
ChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRgwFgYDVQQDEw9VcnN1bGEgSGFtcHN0ZXIxHzAd
BgkqhkiG9w0BCQEWEHVoYW1AZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
AOftC+ppQ3/ZeWJRfs93FACCYAn9ajEtHy3A4GutavSQ1eLqlsU9wEkb8aEvRtOQ9BwTjaJc+0JJ
53uB6th7f5Tl7LNgjsbVR5Ef3ucsdX2ulfCwm4Mun5Us/AK6QeYnyn+cimdPaWdS2XnopiAvvOml
nEDfDuFD3XNVs8MLuQ99AgMBAAGjgf4wgfswCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFI9vudD6euL2LxIhghjKii+3J4yq
MIGgBgNVHSMEgZgwgZWAFC58W9JxQvSS1HZhp8x5z3hg8isXoXqkeDB2MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRAw
DgYDVQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldIIBADANBgkqhkiG
9w0BAQQFAAOBgQAnYYHkbAWFdgelG/MnYISPU48XBTxZv3dcLh9cx+J/gp1VhggkxsEVaPQlhlnQ
CfQwtM1h4j4cSVM8Tdceif93+uF48Arl6oQe5c63MoPIZD56vJkAlg+RiAFPDy6FjX6otjpIpW3u
5GeGzaDLDBn5rlUXr0kED7Ool7R9Javxzg==
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,o=University of Michigan,c=US
changetype: modify
add: userCertificate
userCertificate;binary::
MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRAwDgYDVQQDEwdJ
V1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldDAeFw0wMzEwMTYyMjM4MzFaFw0w
NDEwMTUyMjM4MzFaMH8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQK
ExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxGDAWBgNVBAMTD0plbm5pZmllciBTbWl0aDEeMBwG
CSqGSIb3DQEJARYPamVuQGV4YW1wbGUubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4
5An7/kRRHxiLIKR6yMfIVpGhkacWlKRFgkrzF5q9lcou+2NVZvuJDtMz36a11EgQmRJzx39oh7Eg
4ZHLAHk4OoPfcwfHQ0FHCOaU6uSE6EFqLC1CjbquZPRpwLnurf2EB0GpZTo+bJZHvk6tA8SykUd+
9qFMmX5As41JOOifjwIDAQABo4H+MIH7MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBS/e4vtKxSvjrV2JHghV/jgTEVMajCB
oAYDVR0jBIGYMIGVgBQufFvScUL0ktR2YafMec94YPIrF6F6pHgwdjELMAkGA1UEBhMCVVMxEzAR
BgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4G
A1UEAxMHSVdQTCBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5uZXSCAQAwDQYJKoZIhvcN
AQEEBQADgYEAbbGierD9QwK2cRnVr+Gs7dcbaRtuzriLIAgnR/s2t4Py0hpnySnyBVENXkzcgt7O
IFEyF9ubRIe8YMfmLAO3yHxNyv4WaGTUVE0o54mZ5GaaIY2ibl7NK48u9VC/59pfxIsoi2m4HHbY
1MD54XRy2CANELBVFI3CI4raj3/UiiA=
userCertificate;binary::
MIIDaTCCAtKgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRAwDgYDVQQDEwdJ
V1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldDAeFw0wMzEwMTYyMjQwMzNaFw0w
NDEwMTUyMjQwMzNaMH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQK
ExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMTDkplbm5pZmVyIFNtaXRoMR4wHAYJ
KoZIhvcNAQkBFg9qZW5AZXhhbXBsZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMia
mobs0kC0Q/78yocNvf0iTI5x9efB3tMwsxweLg93KbuNBeFn2mczzQvuzvhs+PLnfKxAyWbkeZrq
w0Ve1h8ZXSHWSFg75UOFbo4wevuoYEtqmMupFEwT4rdf8Ykt5Rq1PyUJ5LgSNe0TMSqCYwTuo7+O
unC/5YamsIbkKcsFAgMBAAGjgf4wgfswCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNT
TCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDx71116utXKGemZrZVxp3p9NqU5MIGg
BgNVHSMEgZgwgZWAFC58W9JxQvSS1HZhp8x5z3hg8isXoXqkeDB2MQswCQYDVQQGEwJVUzETMBEG
A1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRAwDgYD
VQQDEwdJV1BMIENBMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLm5ldIIBADANBgkqhkiG9w0B
AQQFAAOBgQAPDn0+fm/GYV6elg3XFJgGA3wrVm4TeQQ8BdmIhqf25DUn/3ja3SBGI07DWz+LlYE/
JzDEU+1UiYAfGgp7CnzKBzCUL0jyamgj11I6OyaYBdOsEGx1MFLjsOa+TCQS1f2v1gGCs/k0a/b3
RRCTyoUfPHxJ0M6Cw9SGXu2K8GtHYA==
EOMODS
RC=$?
if test $RC != 0 ; then
echo "ldapmodify failed ($RC)!"
kill -HUP $PID
exit $RC
fi
echo 'Using ldapsearch to retrieve (userCertificate;binary=*) ...'
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(userCertificate;binary=*)' > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
exit $RC
fi
echo 'Using ldapsearch to retrieve (userCertificate=*) ...'
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(userCertificate;binary=*)' > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
exit $RC
fi
kill -HUP $PID
LDIF=$CERTIFICATEOUT
echo "Filtering ldapsearch results..."
. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
. $LDIFFILTER < $LDIF > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - certificate operations did not complete correctly"
exit 1
fi
echo ">>>>> Test succeeded"
exit 0
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment