tests/ldap/check-ldap.in

   1 #!/bin/sh
   2 #
   3 # Copyright (c) 2006 - 2016 Kungliga Tekniska Högskolan
   4 # (Royal Institute of Technology, Stockholm, Sweden).
   5 # All rights reserved.
   6 #
   7 # Redistribution and use in source and binary forms, with or without
   8 # modification, are permitted provided that the following conditions
   9 # are met:
  10 #
  11 # 1. Redistributions of source code must retain the above copyright
  12 #    notice, this list of conditions and the following disclaimer.
  13 #
  14 # 2. Redistributions in binary form must reproduce the above copyright
  15 #    notice, this list of conditions and the following disclaimer in the
  16 #    documentation and/or other materials provided with the distribution.
  17 #
  18 # 3. Neither the name of the Institute nor the names of its contributors
  19 #    may be used to endorse or promote products derived from this software
  20 #    without specific prior written permission.
  21 #
  22 # THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  23 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25 # ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  26 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32 # SUCH DAMAGE.
  33 #
  34 # $Id$
  35 #
  36
  37 env_setup="@env_setup@"
  38 srcdir="@srcdir@"
  39 objdir="@objdir@"
  40
  41 . ${env_setup}
  42
  43 EGREP="@EGREP@"
  44
  45 R=TEST.H5L.SE
  46
  47 port=@port@
  48
  49 server=host/datan.test.h5l.se
  50 cache="FILE:${objdir}/cache.krb5"
  51
  52 kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache ${afs_no_afslog}"
  53 kgetcred="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache"
  54 kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R"
  55 kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port"
  56
  57 foopassword="fooLongPasswordYo123;"
  58
  59 testfailed="echo test failed; exit 1"
  60
  61 KRB5_CONFIG="${objdir}/krb5.conf"
  62 export KRB5_CONFIG
  63
  64 # If there is no ldap support compiled in, disable test
  65 if ${kdc} --builtin-hdb | grep ldap > /dev/null ; then
  66    :
  67 else
  68     echo "no ldap support"
  69     exit 77
  70 fi
  71
  72 #search for all ldap tools
  73
  74 PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/libexec:/usr/lib/openldap:$PATH
  75 export PATH
  76
  77 oldifs=$IFS
  78 IFS=:
  79 set -- $PATH
  80 IFS=$oldifs
  81 for j in slapd slapadd; do
  82   for i in $*; do
  83     test -n "$i" || i="."
  84     if test -x $i/$j; then
  85        continue 2
  86     fi
  87   done
  88   echo "$j missing, not running test"
  89   exit 77
  90 done
  91
  92 sh ${objdir}/slapd-init || exit 1
  93
  94 kdcpid=
  95 cleanup() {
  96     if test -n "$kdcpid"; then
  97         echo signal killing kdc
  98         kill -9 ${kdcpid} 2>/dev/null
  99     fi
 100     echo Stopping slapd
 101     sh ${srcdir}/slapd-stop
 102     trap '' EXIT INT TERM
 103     cat messages.log
 104     exit 1
 105 }
 106 trap cleanup EXIT INT TERM
 107
 108 rm -f current-db*
 109
 110 > messages.log
 111
 112 echo Creating database
 113 ${kadmin} \
 114     init \
 115     --realm-max-ticket-life=1day \
 116     --realm-max-renewable-life=1month \
 117     ${R} || exit 1
 118
 119 ${kadmin} add -p "$foopassword" --use-defaults foo@${R} || exit 1
 120 ${kadmin} add -p "$foopassword" --use-defaults bar@${R} || exit 1
 121 ${kadmin} add -p kaka --use-defaults ${server}@${R} || exit 1
 122
 123 ${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1
 124 ${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1
 125 ${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1
 126
 127 ${kadmin} cpw --random-password suser@${R} > /dev/null|| exit 1
 128 ${kadmin} cpw --password="$foopassword" suser@${R} || exit 1
 129
 130 ${kadmin} list '*' > /dev/null || exit 1
 131
 132 echo "$foopassword" > ${objdir}/foopassword
 133
 134 echo Starting kdc
 135 ${kdc} --detach --testing || { echo "kdc failed to start"; cat messages.log; exit 1; }
 136 kdcpid=`getpid kdc`
 137
 138 ec=0
 139
 140 echo "Getting client initial tickets";
 141 ${kinit} --password-file=${objdir}/foopassword foo@$R || \
 142         { ec=1 ; eval "${testfailed}"; }
 143
 144 echo "Getting ${server} ticket"
 145 ${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; }
 146
 147
 148 echo "Getting *@$R initial ticket (fail)";
 149 ${kinit} --password-file=${objdir}/foopassword '*'@$R 2>/dev/null && \
 150         { ec=1 ; eval "${testfailed}"; }
 151
 152
 153 echo "killing kdc (${kdcpid})"
 154 kill $kdcpid || exit 1
 155
 156 trap "" EXIT
 157
 158 # kill of old slapd
 159 sh ${srcdir}/slapd-stop
 160
 161 rm -rf db schema
 162
 163 exit $ec